Darkjumper versi 4 + user enumeration(s) by mywisdom

[mywisdom]

Tool name: darkjumper version 4.0
C0d3r: mywisdom (solhack 2004 c0d3r)
Released on: February 2010
Download url:
http://yoyoparty.com/upload/darkjumper.tgz
mirror:
http://fams-online.com/images/darkjumper.tgz

Function(s)
1. User enumeration(s) guessing based on 4-8 chars trial taken from every site name that host at the same server
2. Scan for sql injection,local file inclusion,remote file inclusion and blind sql injection on every site(s) at the same server
3. CGI and Path(s) Scanning
Additional feature: 30 fake http user agent(s)

Requirement(s): python > 2.5.x, perl

Ok introducing my new upgraded tool called darkjumper version 4.0. Ok here's a little tutorial about "Using Darkjumper"
This tool can run on linux and windows.

Tutorial for Linux Environment (command line)

Ok u may download this tool and then extract it

Code:

wget http://fams-online.com/images/darkjumper.tgz
tar zxvf darkjumper.tgz

Then go to folder darkjumper:

Code:

cd darkjumper;ls -la

Here's the view from my b0x:

Code:

bt next_steps # cd darkjumper
bt darkjumper # ls -la
total 872
drwxr-xr-x  2 turkmentel root   4096 Feb  6 00:38 ./
drwxrwxrwx 11 root       root   4096 Oct  2 01:19 ../
-rwxrwxrwx  1 turkmentel 1001   1727 Feb  5 18:16 cgilist*
-rwxrwxrwx  1 root       root    485 Jun  8  2009 clearlog.py*
-rwxrwxrwx  1 turkmentel 1001   1263 Oct 27 21:58 darkcgi.pl*
-rwxrwxrwx  1 root       root  35840 Feb  6 00:28 darkjumper.py*
-rwxrwxrwx  1 root       root      9 Feb  6 00:37 darkjumperlog.txt*
-rwxrwxrwx  1 root       root  23128 Feb  5 17:29 devilzc0de.py*
-rwxrwxrwx  1 root       root  57154 Jun  8  2009 shot1.jpg*
-rwxrwxrwx  1 root       root 141527 Jun  8  2009 shot2.jpg*
-rwxrwxrwx  1 root       root 255572 Jun  8  2009 shot3.jpg*
-rwxrwxrwx  1 root       root 188846 Jun  8  2009 shot4.jpg*
-rwxrwxrwx  1 root       root 101075 Jun  8  2009 shot5.jpg*
-rwxrwxrwx  1 root       root   4876 Jun  8  2009 subscan.py*
-rwxrwxrwx  1 root       root   5254 Jun  8  2009 subscan2.py*
-rwxrwxrwx  1 root       root   5641 Jun  8  2009 tes.py*
-rwxrwxrwx  1 root       root   5641 Jun  8  2009 tes2.py*
bt darkjumper #

on that folder u will see these important file(s) for running darkjumper:

clearlog.py

Everytime before u run your darkjumper.py you must clear the log (don't forget about this) to make darkjumper.py works perfectly !!
type this:

Code:

./clearlog.py

or : python clearlog.py

darkjumper.py
Here is your main tool.
Ok then you are ready to run darkjumper.py, let's have a try by typing:

Code:

./darkjumper.py

And here's the view from my b0x:


Ok let's see what's the function of this tool, just type this to view help :

Code:

./darkjumper.py -help

Ok here's the help view from my b0x:


Ok from the help,We may run this tool using this ways

Code:

Usage:./darkjumper.py -t www.target_web.com -m mode

confuse??? don't be bro ! it's so easy!
ok let me give you sample:

Actually this tool has 3 mode, here they are:

1. surface scan
This is faster than full scan, only scan for: sqli and blind sqli on every site(s) at the same server

2. full scan
This will scan for cgi, path, lfi,rfi,sqli and blind sqli (will takes long time) on every site(s) at the same server
3. enum scan
This is for guessing user(s) on that server, then u may use ssh,ftp or telnet dict attack depends on what daemon(s) are running on ur target

Ok here's the explanation(s) on each scan mode:

SURFACE SCANNING MODE

surface scanning will scan all site at the same server for sqli and blind sqli only.

Sample how to use this scanning using command line :

Code:

./darkjumper.py -t liquid-security.net -m surface

and then it will start to scan all site(s) at the same server as liquid-security.net



sorry just sample only ok?? I don't attack liquid-security and I don't suggest u ppl to attack it !!!


FULL SCANNING MODE

full scan will combine all basic attack(s) such as: sqli, blind sqli, lfi, and rfi on every site(s) at the same server.
Sample how to use this scanning using command line :

Code:

./darkjumper.py -t liquid-security.net -m full

only site sample ok???

USER ENUMERATION MODE

This is for guessing username(s) on that server. Why this is important??
once u get list of user(s) of that server, u may start to dict attack on one of the service.

ok let's have a try on a sample site and start guessing username based on 8 chars that we get from site name(s) on that server:

Code:

./darkjumper.py -t www.palapastudio.com -m enum 8

then just wait and the result may be viewed at darkjumperlog.txt

this mode guessing is available from 4-8 chars
if you wanna try 4 chars guessing:

Code:

./darkjumper.py -t www.palapastudio.com -m enum 4

if you wanna try 5 chars guessing:

Code:

./darkjumper.py -t www.palapastudio.com -m enum 5

if you wanna try 6 chars guessing:

Code:

./darkjumper.py -t www.palapastudio.com -m enum 6

if you wanna try 7 chars guessing:

Code:

./darkjumper.py -t www.palapastudio.com -m enum 7

warning !!! not all server setting permit user enumerations, but don't worry this tool will first check whether user enumeration is possible or not by testing
like this: http://www.yourtarget.com/~root
if the result is forbidden then it's a sign that u may try user enumeration there. But if 404 not found, u can't do user enumeration there

Ok here's the sample of view:


Ok from the scanning log at darkjumperlog.txt i got this:

Code:

----------------------------------------
W00t !!! found possible user: mclemore
Check this out:http://www.palapastudio.com/~mclemore
----------------------------------------
W00t !!! found possible user: getgoliv
Check this out:http://www.palapastudio.com/~getgoliv
----------------------------------------
W00t !!! found possible user: dreampop
Check this out:http://www.palapastudio.com/~dreampop
----------------------------------------
W00t !!! found possible user: snjegoti
Check this out:http://www.palapastudio.com/~snjegoti
----------------------------------------
W00t !!! found possible user: artafric
Check this out:http://www.palapastudio.com/~artafric
----------------------------------------
W00t !!! found possible user: emergedc
Check this out:http://www.palapastudio.com/~emergedc
----------------------------------------
W00t !!! found possible user: kevinrei
Check this out:http://www.palapastudio.com/~kevinrei
----------------------------------------
W00t !!! found possible user: gadgetco
Check this out:http://www.palapastudio.com/~gadgetco
----------------------------------------
W00t !!! found possible user: wallpape
Check this out:http://www.palapastudio.com/~wallpape
----------------------------------------
W00t !!! found possible user: sadewase
Check this out:http://www.palapastudio.com/~sadewase
----------------------------------------
W00t !!! found possible user: vidagasd
Check this out:http://www.palapastudio.com/~vidagasd
----------------------------------------
W00t !!! found possible user: shonenwa
Check this out:http://www.palapastudio.com/~shonenwa
----------------------------------------
W00t !!! found possible user: earnforc
Check this out:http://www.palapastudio.com/~earnforc
----------------------------------------
W00t !!! found possible user: satishco
Check this out:http://www.palapastudio.com/~satishco
----------------------------------------
W00t !!! found possible user: ahlihost
Check this out:http://www.palapastudio.com/~ahlihost
----------------------------------------
W00t !!! found possible user: hostingd
Check this out:http://www.palapastudio.com/~hostingd
----------------------------------------
W00t !!! found possible user: albrowma
Check this out:http://www.palapastudio.com/~albrowma
----------------------------------------
W00t !!! found possible user: futurest
Check this out:http://www.palapastudio.com/~futurest
----------------------------------------
W00t !!! found possible user: lamavine
Check this out:http://www.palapastudio.com/~lamavine
----------------------------------------
W00t !!! found possible user: vukkarad
Check this out:http://www.palapastudio.com/~vukkarad
----------------------------------------
W00t !!! found possible user: stxsummi
Check this out:http://www.palapastudio.com/~stxsummi
----------------------------------------
W00t !!! found possible user: cocorost
Check this out:http://www.palapastudio.com/~cocorost
----------------------------------------
W00t !!! found possible user: egodrive
Check this out:http://www.palapastudio.com/~egodrive
----------------------------------------
W00t !!! found possible user: agesmart
Check this out:http://www.palapastudio.com/~agesmart
----------------------------------------
W00t !!! found possible user: destilac
Check this out:http://www.palapastudio.com/~destilac
----------------------------------------
W00t !!! found possible user: mediaban
Check this out:http://www.palapastudio.com/~mediaban
----------------------------------------
W00t !!! found possible user: gestionb
Check this out:http://www.palapastudio.com/~gestionb
----------------------------------------
W00t !!! found possible user: tw6cn

Check this out:http://www.palapastudio.com/~tw6cn

----------------------------------------
W00t !!! found possible user: imolacar
Check this out:http://www.palapastudio.com/~imolacar
----------------------------------------
W00t !!! found possible user: conimpex
Check this out:http://www.palapastudio.com/~conimpex
----------------------------------------
W00t !!! found possible user: asikomus
Check this out:http://www.palapastudio.com/~asikomus
----------------------------------------
W00t !!! found possible user: karatesa
Check this out:http://www.palapastudio.com/~karatesa
----------------------------------------
W00t !!! found possible user: buyastro
Check this out:http://www.palapastudio.com/~buyastro
----------------------------------------
W00t !!! found possible user: alwelaya
Check this out:http://www.palapastudio.com/~alwelaya
----------------------------------------
W00t !!! found possible user: jokemast
Check this out:http://www.palapastudio.com/~jokemast
----------------------------------------
W00t !!! found possible user: fantasyc
Check this out:http://www.palapastudio.com/~fantasyc
----------------------------------------
W00t !!! found possible user: lilamitr
Check this out:http://www.palapastudio.com/~lilamitr
----------------------------------------
W00t !!! found possible user: wraorgpk
Check this out:http://www.palapastudio.com/~wraorgpk
----------------------------------------
W00t !!! found possible user: renartfi
Check this out:http://www.palapastudio.com/~renartfi
----------------------------------------
W00t !!! found possible user: awtohost
Check this out:http://www.palapastudio.com/~awtohost
----------------------------------------
W00t !!! found possible user: baumulle
Check this out:http://www.palapastudio.com/~baumulle
----------------------------------------
W00t !!! found possible user: apunkawo
Check this out:http://www.palapastudio.com/~apunkawo
----------------------------------------
W00t !!! found possible user: hostingn
Check this out:http://www.palapastudio.com/~hostingn
----------------------------------------
W00t !!! found possible user: facetint
Check this out:http://www.palapastudio.com/~facetint
----------------------------------------
W00t !!! found possible user: mycustom
Check this out:http://www.palapastudio.com/~mycustom
----------------------------------------
W00t !!! found possible user: alternat
Check this out:http://www.palapastudio.com/~alternat
----------------------------------------
W00t !!! found possible user: kuwait2d
Check this out:http://www.palapastudio.com/~kuwait2d
----------------------------------------
W00t !!! found possible user: snetindi
Check this out:http://www.palapastudio.com/~snetindi
----------------------------------------
W00t !!! found possible user: getgotec
Check this out:http://www.palapastudio.com/~getgotec
----------------------------------------
W00t !!! found possible user: khaslomb
Check this out:http://www.palapastudio.com/~khaslomb
----------------------------------------
W00t !!! found possible user: soccerfu
Check this out:http://www.palapastudio.com/~soccerfu
----------------------------------------
W00t !!! found possible user: balitrad
Check this out:http://www.palapastudio.com/~balitrad
----------------------------------------
W00t !!! found possible user: getgopix
Check this out:http://www.palapastudio.com/~getgopix
----------------------------------------
W00t !!! found possible user: paisleyc
Check this out:http://www.palapastudio.com/~paisleyc
----------------------------------------
W00t !!! found possible user: goiashos
Check this out:http://www.palapastudio.com/~goiashos
----------------------------------------
W00t !!! found possible user: i3hnet

Check this out:http://www.palapastudio.com/~i3hnet

----------------------------------------
W00t !!! found possible user: dasimpla
Check this out:http://www.palapastudio.com/~dasimpla
----------------------------------------
W00t !!! found possible user: buahmera
Check this out:http://www.palapastudio.com/~buahmera

So we may decide these are username(s) on that server:
buahmera,dasimpla, i3hnet, goiashos, paisleyc,and so on...bla bla bla oopssss so many user(s) we got!!!

So let's try to scan this server to find what service(s) are running:



Ok seems like the easy way is using:
21/tcp open ftp PureFTPd

u may use ftp dict attack by gunslinger :

http://www.darkc0de.com/others/ftpbrute.py

(dont's forget to prepare word list(s))

note:
from the scanning we also see some other daemon(s) information, u may try to find whether there are already found bug(s) or sploit(s)
try to googling,it's better if u find a non famous daemon then try to find the source code from the vendor and analyze the source code line by line






Additional Note(s):
1. If darkjumper looks stuck after a long scan try to press: ctrl+c
2. If u feel that the scanning is enough, you may press ctrl+z to stop it
3. To see scanning result(s) u may read darkjumperlog.txt -> here's the log of your scan

[wenkhairu]

wow that must be great dude, thanks for share :)

[el_nino]

i lup u full om

Top Markotop

Nice Share

[mywisdom]

thank u my brotha .. i loph u all
girl(s) won't be able to disturb our mind. We're free !!! free our mind!!!!

[chaer.newbie]

waaaaaaah......

belom nyicip ane yg ni om dom
hahaha

[ian182]

izin mempelajari om.salut deh buat om dom dom

[wahyu_devilzc0de™]

Assalamu'alaikum..

terima kasih mas dom, paket sudah saya download tadi malem..
mudah lancar saya njalaninnya...

Wassalamu'alaikum...

[ketek]

mantab om dom,,, great job, sadis om..

[ToFoLogic]

wah keren bgt... ijin sedot om wisdom...
thx 4 share...

[kiddies]

wow...nice...we can use userenum....