/* CrAzY ScAn by Asmbeginer.com */
/* cc -o crazy crazy.c          */
/* ./crazy 127.0.0.1            */

#include <fcntl.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <netdb.h>
#include <ctype.h>
#include <arpa/nameser.h>
#include <sys/stat.h>
#include <strings.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/socket.h>

void main(int argc, char *argv[])
{
 int sock;
 struct in_addr addr;
 struct sockaddr_in sin;
 struct hostent *he;
 unsigned long start;
 unsigned long end;
 unsigned long counter;
 char buffer[1024];
 int count=0;
 int ntcheck;
 char ntbuff[1024];
 char *buff[140];    
 

 buff[1] = "GET /cfdocs/zero.cfm HTTP/1.0\n\n";
 buff[2] = "GET /cfdocs/root.cfm HTTP/1.0\n\n";
 buff[3] = "GET /cfdocs/expressions.cfm HTTP/1.0\n\n";
 buff[4] = "GET /cfdocs/TOXIC.CFM HTTP/1.0\n\n";
 buff[5] = "GET /cfdocs/MOLE.CFM  HTTP/1.0\n\n";
 buff[6] = "GET /cfdocs/expeval/exprcalc.cfm HTTP/1.0\n\n";
 buff[7] = "GET /cfdocs/expeval/sendmail.cfm HTTP/1.0\n\n";
 buff[8] = "GET /cfdocs/expeval/eval.cfm HTTP/1.0\n\n";
 buff[9] = "GET /cfdocs/expeval/openfile.cfm HTTP/1.0\n\n";
 buff[10] = "GET /cfdocs/expeval/displayopenedfile.cfm HTTP/1.0\n\n";
 buff[11] = "GET /cfdocs/exampleapp/publish/admin/addcontent.cfm
HTTP/1.0\n\n";
 buff[12] = "GET
/cfdocs/exampleapp/email/getfile.cfm?filename=c:\boot.ini HTTP/1.0\n\n";
 buff[13] = "GET /cfdocs/exampleapp/publish/admin/application.cfm
HTTP/1.0\n\n";
 buff[14] = "GET /cfdocs/exampleapp/email/application.cfm HTTP/1.0\n\n";
 buff[15] = "GET /cfdocs/exampleapp/docs/sourcewindow.cfm HTTP/1.0\n\n";
 buff[16] = "GET /cfdocs/examples/parks/detail.cfm HTTP/1.0\n\n";
 buff[17] = "GET /cfdocs/examples/cvbeans/beaninfo.cfm HTTP/1.0\n\n";
 buff[18] = "GET /cfdocs/cfmlsyntaxcheck.cfm HTTP/1.0\n\n";
 buff[19] = "GET /cfdocs/snippets/viewexample.cfm HTTP/1.0\n\n";
 buff[20] = "GET /cfdocs/snippets/gettempdirectory.cfm HTTP/1.0\n\n";
 buff[21] = "GET /cfdocs/snippets/fileexists.cfm HTTP/1.0\n\n";
 buff[22] = "GET /cfdocs/snippets/evaluate.cfm HTTP/1.0\n\n";
 buff[23] = "GET /cfappman/index.cfm HTTP/1.0\n\n";
 buff[24] = "GET /cfusion/cfapps/forums/forums_.mdb HTTP/1.0\n\n";
 buff[25] = "GET /cfusion/cfapps/security/realm_.mdb HTTP/1.0\n\n";
 buff[26] = "GET /cfusion/cfapps/forums/data/forums.mdb HTTP/1.0\n\n";
 buff[27] = "GET /cfusion/cfapps/security/data/realm.mdb HTTP/1.0\n\n";
 buff[28] = "GET /cfusion/database/cfexamples.mdb HTTP/1.0\n\n";
 buff[29] = "GET /cfusion/database/cfsnippets.mdb HTTP/1.0\n\n";
 buff[30] = "GET /cfusion/database/smpolicy.mdb HTTP/1.0\n\n";
 buff[31] = "GET /cfusion/database/cypress.mdb HTTP/1.0\n\n";
 buff[32] = "GET /DataBase/ HTTP/1.0\n\n";
 buff[33] = "GET /database.nsf/e1466a8590/6048076233?OpenDocument
HTTP/1.0\n\n";
 buff[34] = "GET /database.nsf/e146fa8590/6148076233?EditDocument
HTTP/1.0\n\n";
 buff[35] = "GET /database.nsf/e146fa8590/6148076233?DeleteDocument
HTTP/1.0\n\n";
 buff[36] = "GET /domcfg.nsf/?open HTTP/1.0\n\n";
 buff[37] = "GET /domcfg.nsf/URLRedirect/?OpenForm. HTTP/1.0\n\n";
 buff[38] = "GET /domcfg.nsf/ HTTP/1.0\n\n";
 buff[39] = "GET /domlog.nsf/ HTTP/1.0\n\n";
 buff[40] = "GET /log.nsf/  HTTP/1.0\n\n";
 buff[41] = "GET /catalog.nsf/ HTTP/1.0\n\n";
 buff[42] = "GET /names.nsf/   HTTP/1.0\n\n";
 buff[43] = "GET /database.nsf/ HTTP/1.0\n\n";
 buff[44] = "GET /today.nsf/   HTTP/1.0\n\n";
 buff[45] = "GET /cgi-bin/cgi-lib.pl  HTTP/1.0\n\n";
 buff[46] = "GET /cgi-bin/imagemap.c  HTTP/1.0\n\n";
 buff[47] = "GET /cgi-bin/imagemap.exe HTTP/1.0\n\n";
 buff[48] = "GET /cgi-bin/minimal.exe  HTTP/1.0\n\n";
 buff[49] = "GET /cgi-bin/redir.exe    HTTP/1.0\n\n";
 buff[50] = "GET /cgi-bin/stats.prg    HTTP/1.0\n\n";
 buff[51] = "GET /cgi-bin/statsconfig HTTP/1.0\n\n";
 buff[52] = "GET /cgi-bin/visadmin.exe HTTP/1.0\n\n";
 buff[53] = "GET /cgi-bin/visitor.exe  HTTP/1.0\n\n";
 buff[54] = "GET /cgi-bin/htmldocs     HTTP/1.0\n\n";
 buff[55] = "GET /cgi-bin/logs          HTTP/1.0\n\n";
 buff[56] = "GET /scripts/    HTTP/1.0\n\n";
 buff[57] = "GET /Default.asp HTTP/1.0\n\n";
 buff[58] = "GET /_vti_bin  HTTP/1.0\n\n";
 buff[59] = "GET /_vti_bin/_vti_adm HTTP/1.0\n\n";
 buff[60] = "GET /_vti_bin/_vti_aut HTTP/1.0\n\n";
 buff[61] = "GET /srchadm  HTTP/1.0\n\n";
 buff[62] = "GET /iisadmin   HTTP/1.0\n\n";
 buff[63] = "GET /_AuthChangeUrl? HTTP/1.0\n\n";
 buff[64] = "GET /_vti_inf.html HTTP/1.0\n\n";
 buff[65] = "GET /?PageServices HTTP/1.0\n\n";
 buff[66] = "GET /html/?PageServices  HTTP/1.0\n\n";
 buff[67] = "GET /scripts/cpshost.dll HTTP/1.0\n\n";
 buff[68] = "GET /scripts/uploadn.asp HTTP/1.0\n\n";
 buff[69] = "GET /scripts/uploadx.asp HTTP/1.0\n\n";
 buff[70] = "GET /scripts/upload.asp  HTTP/1.0\n\n";
 buff[71] = "GET /scripts/repost.asp  HTTP/1.0\n\n";
 buff[72] = "GET /scripts/postinfo.asp HTTP/1.0\n\n";
 buff[73] = "GET /scripts/run.exe HTTP/1.0\n\n";
 buff[74] = "GET /scripts/iisadmin/bdir.htr HTTP/1.0\n\n";
 buff[75] = "GET /scripts/iisadmin/samples/ctgestb.htx HTTP/1.0\n\n";
 buff[76] = "GET /scripts/iisadmin/samples/ctgestb.idc HTTP/1.0\n\n";
 buff[77] = "GET /scripts/iisadmin/samples/details.htx HTTP/1.0\n\n";
 buff[78] = "GET /scripts/iisadmin/samples/details.idc HTTP/1.0\n\n";
 buff[79] = "GET /scripts/iisadmin/samples/query.htx HTTP/1.0\n\n";
 buff[80] = "GET /scripts/iisadmin/samples/query.idc HTTP/1.0\n\n";
 buff[81] = "GET /scripts/iisadmin/samples/register.htx HTTP/1.0\n\n";
 buff[82] = "GET /scripts/iisadmin/samples/register.idc HTTP/1.0\n\n";
 buff[83] = "GET /scripts/iisadmin/samples/sample.htx HTTP/1.0\n\n";
 buff[84] = "GET /scripts/iisadmin/samples/sample.idc HTTP/1.0\n\n";
 buff[85] = "GET /scripts/iisadmin/samples/sample2.htx HTTP/1.0\n\n";
 buff[86] = "GET /scripts/iisadmin/samples/viewbook.htx HTTP/1.0\n\n";
 buff[87] = "GET /scripts/iisadmin/samples/viewbook.idc HTTP/1.0\n\n";
 buff[88] = "GET /scripts/iisadmin/tools/ct.htx HTTP/1.0\n\n";
 buff[89] = "GET /scripts/iisadmin/tools/ctss.idc HTTP/1.0\n\n";
 buff[90] = "GET /scripts/iisadmin/tools/dsnform.exe HTTP/1.0\n\n";
 buff[91] = "GET /scripts/iisadmin/tools/getdrvrs.exe HTTP/1.0\n\n";
 buff[92] = "GET /scripts/iisadmin/tools/mkilog.exe HTTP/1.0\n\n";
 buff[93] = "GET /scripts/iisadmin/tools/newdsn.exe HTTP/1.0\n\n";
 buff[94] = "GET /IISADMPWD/achg.htr HTTP/1.0\n\n";
 buff[95] = "GET /IISADMPWD/aexp.htr HTTP/1.0\n\n";
 buff[96] = "GET /IISADMPWD/aexp2.htr HTTP/1.0\n\n";
 buff[97] = "GET /IISADMPWD/aexp2b.htr HTTP/1.0\n\n";
 buff[98] = "GET /IISADMPWD/aexp3.htr HTTP/1.0\n\n";
 buff[99] = "GET /IISADMPWD/aexp4.htr HTTP/1.0\n\n";
 buff[100] = "GET /IISADMPWD/aexp4b.htr HTTP/1.0\n\n";
 buff[101] = "GET /IISADMPWD/anot.htr  HTTP/1.0\n\n";
 buff[102] = "GET /IISADMPWD/anot3.htr HTTP/1.0\n\n";
 buff[103] = "GET /_vti_pvt/writeto.cnf HTTP/1.0\n\n";
 buff[104] = "GET /_vti_pvt/svcacl.cnf HTTP/1.0\n\n";
 buff[105] = "GET /_vti_pvt/services.cnf HTTP/1.0\n\n";
 buff[106] = "GET /_vti_pvt/service.stp  HTTP/1.0\n\n";
 buff[107] = "GET /_vti_pvt/service.cnf  HTTP/1.0\n\n";
 buff[108] = "GET /_vti_pvt/access.cnf   HTTP/1.0\n\n";
 buff[109] = "GET /_private/registrations.txt HTTP/1.0\n\n";
 buff[110] = "GET /_private/registrations.htm HTTP/1.0\n\n";
 buff[111] = "GET /_private/register.txt  HTTP/1.0\n\n";
 buff[112] = "GET /_private/register.htm  HTTP/1.0\n\n";
 buff[113] = "GET /_private/orders.txt  HTTP/1.0\n\n";
 buff[114] = "GET /_private/orders.htm  HTTP/1.0\n\n";
 buff[115] = "GET /_private/form_results.htm HTTP/1.0\n\n";
 buff[116] = "GET /_private/form_results.txt HTTP/1.0\n\n";
 buff[117] = "GET /admisapi/fpadmin.htm HTTP/1.0\n\n";
 buff[118] = "GET /scripts/Fpadmcgi.exe HTTP/1.0\n\n";
 buff[119] = "GET /_vti_bin/shtml.dll HTTP/1.0\n\n";
 buff[120] = "GET /_vti_bin/_vti_aut/author.dll HTTP/1.0\n\n";
 buff[121] = "GET /_vti_bin/_vti_adm/admin.dll  HTTP/1.0\n\n";
 buff[122] = "GET /msads/Samples/selector/showcode.asp HTTP/1.0\n\n";
 buff[123] = "GET /scripts/perl? HTTP/1.0\n\n";
 buff[124] = "GET /scripts/proxy/w3proxy.dll HTTP/1.0\n\n";
 buff[125] = "GET /iissamples/sdk/asp/docs/codebrws.asp HTTP/1.0\n\n";
 buff[126] = "GET /iissamples/exair/howitworks/codebrws.asp
HTTP/1.0\n\n";
 buff[127] = "GET /scripts/CGImail.exe HTTP/1.0\n\n";
 buff[128] = "GET /AdvWorks/equipment/catalog_type.asp HTTP/1.0\n\n";
 buff[129] = "GET /scripts/iisadmin/default.htm HTTP/1.0\n\n";
 buff[130] = "GET /msadc/samples/adctest.asp HTTP/1.0\n\n";
 buff[131] = "GET /msadc/msadcs.dll HTTP/1.0\n\n";
 buff[132] = "GET /adsamples/config/site.csc HTTP/1.0\n\n";
 buff[133] = "GET /scripts/../../cmd.exe HTTP/1.0\n\n";
 buff[134] = "GET /scripts/cpshost.dll HTTP/1.0\n\n";
 buff[135] = "GET /scripts/convert.bas HTTP/1.0\n\n";
 buff[136] = "GET .html/...... HTTP/1.0\n\n";
 buff[137] = "GET /publisher/ HTTP/1.0\n\n";
 buff[138] = "GET ..../Windows/Admin.pwl HTTP/1.0\n\n";
 buff[139] = "GET ....../......ida/con HTTP/1.0\n\n";


 if (argc>2)
   {
   printf("\nusage : %s host ",argv[0]); 
   exit(0);
   }


 if ((he=gethostbyname(argv[1])) == NULL)
   {
   herror("gethostbyname");
   exit(0);
   }


 start=inet_addr(argv[1]);
 counter=ntohl(start);

   sock=socket(AF_INET, SOCK_STREAM, 0);
   bcopy(he->h_addr, (char *)&sin.sin_addr, he->h_length);
   sin.sin_family=AF_INET;
   sin.sin_port=htons(80);

  if (connect(sock, (struct sockaddr*)&sin, sizeof(sin))!=0)
     {
     perror("connect");
     }

while(count++ < 140)   
   {
   sock=socket(AF_INET, SOCK_STREAM, 0);
   bcopy(he->h_addr, (char *)&sin.sin_addr, he->h_length);
   sin.sin_family=AF_INET;
   sin.sin_port=htons(80);
   if (connect(sock, (struct sockaddr*)&sin, sizeof(sin))!=0)
     {
     perror("connect");
     }
  
  
   for(ntcheck=0; ntcheck < 1024; ntcheck++)

      {
      ntbuff[ntcheck] = '\0';
      } 

   send(sock, buff[count],strlen(buff[count]),0);
   recv(sock,ntbuff, sizeof(ntbuff),0);
   
   close(sock);
   
}
 }