Added the LDAp module

Author: 0xInfection

modules/VulnLysis/SerioBugs/colors.pyc

@@ -135,7 +135,7 @@ def crlf(web):
 	print O+' [*] Using !nfected UA Value : '+inf_headers['User-Agent']
 	m = getHeaders0x00(web, inf_headers)
 	check0x00(m, 'Mozilla/5.0 (Windows; U; Windows NT 6.1; rv:2.2) Gecko/20110201%0d%0aSet-Cookie: Infected_by=Drake')
-	print GR+' [*] Initiating '+R+'Parameter Based Check...'
+	print GR+'\n [*] Initiating '+R+'Parameter Based Check...'
 	param = raw_input(O+' [#] Scope parameter (eg. /vuln/page.php?crlf=x) :> ')
 	if param.startswith('/') == False:
 		param = '/' + param

modules/VulnLysis/SerioBugs/crlf.py

@@ -0,0 +1,143 @@
+#!/usr/bin/env python2
+# coding: utf-8
+
+#-:-:-:-:-:-:-:-:-:-:-:-:#
+#    TIDoS Framework     #
+#-:-:-:-:-:-:-:-:-:-:-:-:#
+
+#Author: @_tID
+#This module requires TIDoS Framework
+#https://github.com/the-Infected-Drake/TIDoS-Framework 
+
+import os
+import time
+import requests
+from colors import *
+from requests.packages.urllib3.exceptions import InsecureRequestWarning
+
+requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
+
+def getFile0x00(fi):
+
+	global payloads
+	payloads = []
+	print GR+' [*] Importing payloads...'
+	time.sleep(0.7)
+	with open(fi,'r') as payl:
+		for pay in payl:	
+			c = pay.replace('\n','')
+			payloads.append(c)
+	print G+' [+] Loaded '+O+str(len(payloads))+G+' payloads...'
+
+def check0x00(web000, headers):
+
+	errors = [
+		"supplied argument is not a valid ldap",
+		"javax.naming.NameNotFoundException",
+		"javax.naming.directory.InvalidSearchFilterException",
+		"Invalid DN syntax",
+		"LDAPException|com.sun.jndi.ldap",
+		"Search: Bad search filter",
+		"Protocol error occurred",
+		"Size limit has exceeded",
+		"The alias is invalid",
+		"Module Products.LDAPMultiPlugins",
+		"Object does not exist",
+		"The syntax is invalid",
+		"A constraint violation occurred",
+		"An inappropriate matching occurred",
+		"Unknown error occurred",
+		"Unknown exception encountered",
+		"The search filter is incorrect",
+		"Local error occurred",
+		"The search filter is invalid",
+		"The search filter cannot be recognized",
+		"IPWorksASP.LDAP"
+		]
+	print GR+' [*] Starting enumeration...'
+	time.sleep(0.7)
+	for payload in payloads:
+		gotcha = False
+		print B+'\n [+] Using Payload : '+C+payload
+		web0x00 = web000 + payload
+		print O+' [+] Url : '+C+web0x00
+		print GR+' [*] Making the request...'
+		try:
+			req = requests.get(web0x00, headers=headers, allow_redirects=False, timeout=7, verify=False).text
+			print O+' [!] Searching through error database...'
+			for err in errors:
+				if err.lower() in req.lower():
+					print G+' [+] Possible LDAP Injection Found : '+O+web0x00
+					gotcha=True
+					print O+' [+] Response : '
+					print P+req
+				else:
+					pass
+
+			if gotcha == False:			
+				print R+' [-] No error reflection found in response!'
+				time.sleep(0.4)
+				print R+' [-] Payload '+O+payload+R+' not working!'
+				pass
+
+		except Exception as e:
+			print R+' [-] Query Exception : '+str(e)
+
+def ldap(web):
+
+	print GR+' [*] Loading module...'
+	time.sleep(0.5)
+	print R+'\n     ============================='
+	print R+'      L D A P   I N J E C T I O N'
+	print R+'     =============================\n'
+	try:
+		web0 = raw_input(O+' [#] Parameter path to test (eg. /lmao.php?foo=bar) :> ')
+		if "?" in web0 and '=' in web0:
+			if web0.startswith('/'):
+				m = raw_input(GR+'\n [!] Your path starts with "/".\n [#] Do you mean root directory? (Y/n) :> ')
+				if m.lower() == 'y':
+					web00 = web + web0
+				elif m.lower() == 'n':
+					web00 = web + web0
+				else:
+					print R+' [-] U mad?'
+			else:
+				web00 = web + '/' + web0
+		print B+' [+] Parameterised Url : '+C+web00
+
+		input_cookie = raw_input("\n [*] Enter cookies if needed (Enter if none) :> ")
+		print GR+' [*] Setting headers...'
+		time.sleep(0.6)		
+		gen_headers =    {'User-Agent':'Mozilla/5.0 (Windows; U; Windows NT 6.1; rv:2.2) Gecko/20110201',
+			   	  'Accept-Language':'en-US;',
+			   	  'Accept-Encoding': 'gzip, deflate',
+			   	  'Accept': 'text/html,application/xhtml+xml,application/xml;',
+			   	  'Connection':'close'}
+
+		if(len(input_cookie) > 0):
+			gen_headers['Cookie'] = input_cookie
+		print O+' [#] Enter the payloads file '+R+'(Default: files/payload-db/ldap_payloads.lst)...'
+		fi = raw_input(O+' [#] Your input (Press Enter for default) :> ')
+		if fi == '':
+			fi = 'files/payload-db/ldap_payloads.lst'
+			getFile0x00(fi)
+		else:
+			if os.path.exists(fi) == True:
+				print G+' [+] File under '+fi+' found!'
+				getFile0x00(fi)
+			else:
+				print R+' [-] Invalid input... Using default...'
+				fi = 'files/payload-db/ldap_payloads.lst'
+				getFile0x00(fi)
+		print O+' [!] Parsing url...'
+		time.sleep(0.7)
+		web000 = web00.split('=')[0] + '='
+		check0x00(web000, gen_headers)
+
+	except KeyboardInterrupt:
+		print R+' [-] Aborting module...'
+		pass
+	except Exception as e:
+		print R+' [-] Exception : '+str(e)
+	print G+'\n [+] LDAP Injection module completed!\n'
+

modules/VulnLysis/SerioBugs/ldap.py

@@ -124,9 +124,9 @@ def lfi(web):
 	global gotcha
 	print GR+' [*] Loading module...'
 	time.sleep(0.5)
-	print R+'\n     ======================='
-	print R+'      L F I   S C A N N E R'
-	print R+'     =======================\n'
+	print R+'\n     ========================================='
+	print R+'      L O C A L   F I L E   I N C L U S I O N'
+	print R+'     =========================================\n'
 	try:
 		web0 = raw_input(O+' [#] Parameter path to test (eg. /load.php?file=foo) :> ')
 		if "?" in web0 and '=' in web0: