Scan with Scan100-1000 for port 554 copy results in a textfile!
Run the exe in cmd and enter the textfile! ;D

Have PhuN

UPDATET!!

PLEASE DO NOT LEECH THE PHP VERSION!!
NEW FILE ALL WHO LEECHED THE OLD LEECH THE NEW!!!
BETTER TARGET DETECTION!!!!

Heres a view of a vulnerablity Server!
212.3.xXx.xXx - CONNECTED! QTSS/4.1.3 (Build/412.45; Platform/MacOSX)
207.188.xXx.xXx - VULNERABLE! RealServer Version 8.0.2.471 (linux-2.0-libc6)
212.4.xXx.xXx - CONNECTED! DSS/4.0 [v410]-Linux

thanks for for this NICE scanner in "exe"

woei indeed easy!
cause i had my first shell today so i'll continue this one

Awesome post dude , your a great member here. Thanks alot for all your coding you have done.

Right on bro thanks for putting time into this and sharing with the rest of us to try..
pretty cool..

big thx!

yeah big tHx dude

i could wrtite something more how great is it but my english is very well

wow very nice dude

cheers for that

I Updatet the exe!
PLEASE DOWNLOAD AGAIN!

What can you say but thx for all ur hard work. Wow, you make it so nice and neat. Thx mate

Big THX to all ya!
Ahm ok i must tell ya something!
If any Vulnerablity is coming up! Ill try to code anything!
And if my code is good and works, then anyone will this code!
Please do not send it to other boards or anything else!
I think thats my "ONE" board where im active!
And if my code is just arround the board!
Weve got more victims!
if everyone got my scanner!
There arent many chances to get Many vulns!

Thanks dude

you RULE BIG TIME

Greetz VV

Nice scanner, good work as always. But real.exe seems to be crashing after only scanning 5 IP's *on my copmputer. Maybe this only happens when it find's a VULNERABLE server, who knows... Just tought I'd let you know.

Maybe it's just me, but if someone else is having the same trouble and knows how to get around it please post something.

-My info-
OS Type: Windows XP SP1
Scanner: Realserver Scanner V2 (exe version)

Thanks in advanced!

Uve got the same Error like me!
THis error isnt fixable! *Cry*
there is exist an other service who runs on port 554!
If u start quering the service with real.exe!
The buffer starts to go higher and higher!
And if the timeout reached he will drop the scan and use the next! ;D
But if ya see anything like this!
[edited by digger]Please do not post IP addresses on the board. Thank you
-----
U can forget it!
Everyone of this Servers are running this DAMN service!
This service let hold ya script for 60seconds -.-

Ahm hello m8s!
I tested my scanner and hacked many servers! Many 100mbit servers
Please do not send this scanner anyone or to any crew!
Use it self
If anyone got anything like this! Then is the bug in 2hours fixed on any machine!!!!
I tested it! it works on linux and Windows!! And works PERFECTLY

this is great thnx allot m8 W00T thnx

Hello

first big thx for the great tool, but ive a problem, i have a IP

it shows - VULNERABLE! RealServer Version 8.0.1.367 (linux-2.0-libc6-i386).
But if i want to connect via netcat i get an error:


E:\>nc -vvv 1xx.1x8.7.x 31337
jabber.real.com [1xx.1x8.7.x] 31337 (?): connection refused
sent 0, rcvd 0: NOTSOCK


What am i doing wrong ?

any chance of a remotely useable version?

Great work BTW!

Big ThX for the Scanner !!


Because i have the same problem , i cant connect with netcat to vicitim port 31337?

Whats the problem?

Yeah the second version of your scanner works great the first hangs always after 5 ips.

tHx

Hijas first at all thx for everything here:)

Mazer you rock, but the scanner doesent work here, it freeeezes after i enter ip.txt
nothing happens at all . I am on winxp pro sp1

Anybody out there with same probs?

Regards
Alamo

Jep the scanner freeze , when the ip dosen´t have a ping!


@maZer can you fix the bug????

ThX for great work!

aha, nice info m8 i try too ping them now first thx a lot.

adding ping before checking version would be gr8 )

btw gr8 job could u poast linux verison also or linux version = php ?

i have this feeling that this weekend some ppl from this board will route the planet;)

10x M8

What i have done to make it work good is :

I took the realscanv2.php file n the dll n added to the old files that were posted. ( php.exe ) and ran it like this : php.exe realscanv2.php < hit enter > then put in the iplist <ip.txt> hit enter twice and it worked. It hangs for a bit but it starts working. If you are using WIN XP turn off your Error reporting cause every couple seconds you will get a prompt that real.exe has made an error and is shutting down. Other then that its working gr8.

Another tip: i talked to mazer and he advised to watch your tskmanager. Watch for the real.exe sitting in there.. if its sitting and not doin anything .. kill it and keep the scan goin .. it will start flashing in the tskmng on and off, then you know its working properly.

thnx alot dude!! again a nice post! hope ill get some results on this exploit!

I think the Exploit doesn´t work!

Anybody got Shell on Realserver????

Tnx m8 gonna check it out....

after the first IP it hung allready.. .hmmz
still gonna check
Greetz,
Milka

cool
great work m8y!!!
awesome
gonna try it now
sql haxing is quite boring...

i am new over here but i like it already

i am seeying some great stuff over here

awesome job m8

Thanks a lot for that great tool.

Xmen2

dear sir
thank you for ur new program
please i wanna an example about making ip list


oh i know it is newbi request but i hope if u help me sir


thank u again

first you scan with sfind -p 554 and then you just put the scan.txt file in the dir where your scanner is et voila


if oyu look at the ip file you'll just see ip's

for example
65.202.0.10
65.202.2.25
65.202.5.12

etc.

thanks sir it is clear now i have anther something



if i wanna sacan range of ips how can do this?

hmmm i make it how u described it

first exploit it then try to connect via nc, but i get everytime an error:

212.*.*.*: inverse host lookup failed: h_errno 11004: NO_DATA

... connection refused ;(

and hmm the scanner crashes after 6 ips, too ;(

Ahmm! BIG THX 4 posts,

Ok this isnt a exploit, this is a scanner!
He scans just for vulnerablity!
In the exploit research section ull find a remote root exploit!
And YES ive got a shell!
90% of the vulns are hackable!

But u must do it right!
First of all u must exploit it,

THCBAD.exe ip TARGETID

then u must use nc.exe

nc.exe -v IP 31337

I got many shells and it owns!

what is the THCBAD.exe mazer? cant find it anywhere or it was just an example?

oops sorry . it was real.exe. but still crashing all the time


thx for the tool

peace out

ok ill explain the bug!
Thats not my bug!!
There are exist another service who uses port 554 too!
This service will crash ya real.exe
also if u see nothing is moving in script!
Open Task Manager and look at the real.exe (AT PROCESS)
if there isnt anything moving kill the real.exe and the scan will go to next ip

38.*.net [207.*.*.*] 31337 (?) open
sent 0, rcvd 0: NOTSOCK

didnt spawn me a shell...damn

I have the problem that the scanner likes to crash down often and when i try to terminate the process real.exe my windows xp doesn't want it.

i´ve got one shell , because i scann ober 1500 ip´s mhhh!

Because ya all doesnt know how u scan right!

First of all, if u get result from scan500 anything like this

192.168.0.1
192.168.0.2
192.168.0.3
192.168.0.4
192.168.0.5
192.168.0.6
192.168.0.7
192.168.0.8
192.168.0.9
192.168.0.10
192.168.0.11
192.168.0.12
192.168.0.13

U can delete this entrys! While these are servers with the (filtered) up Service who will crash ya script!
Second
if u exploit a server! real ip 0 << for windows
then u must connect with
nc -v ip 31337

I got over 20 shells!!! and they are linux and windows!!!!!!!!!!!!!
one of this is Windows 2003!

maybe it's possible to make a part in the script that makes skip ip's hanigng for more than 5 / 10 seconds... that would be nice

is anyone else having a problem where netcat tells you that port 31337 is open, but refuses to connect to it?

C:\>nc -v 208.x.x.x 31337
ftp.xxxx.com [208.x.x.x] 31337 (?) open

any ideas on how to actually get a shell with this exploit?

make your own .exe with your own shellcode of the windows version of your IP...
or just skip