ADMF 0.3 (скрипт для подбора админки)[Perl]

Код:

#!usr/bin/perl
 
#                      _
#  _ __ ___  ___ _____| |__            _ __ _   _
# | '__| _ \|  _'  _  \  _ \          | '__| | | |
# | | | (_) \ | | | | | (_) )         | |  | '_| |
# |_|  \___._\| |_| |_|____/.DATAPUNK.|_|   \___._\
#
# _ _ _ _ _ _ _ _ _ _ _ _ admf.pl ver 0.3 by ta-kyn
# _ _ _ _ _ _ _ _ _ _admin.txt file by Admin Finder
 
use LWP::UserAgent;
use Getopt::Long;
 
our $targeturl="";
our $proxy="";
our $adminfile="";
 
$options = GetOptions ('targeturl=s'=> \$targeturl, 'proxy'=> \$proxy);
# Если targeturl не введён – вызываем функцию help()
if (!$targeturl) {
   &help(); 
} else {
# А если введен, проверяем что нам там навводили =)
$pattern = qr/^(http\:\/\/)+([a-z0-9\-]+\.)+([a-z]{2,6})$/i;
  if ($targeturl =~ m/$pattern/) {
    $adminfile = "admin.txt";
    if (-s $adminfile) {
      print "\n";
      print "admin.txt found. Size\:", -s $adminfile, "b\n";
      #print "\n";
      &go(); 
      } else {
      print "\n";
      print "ERROR! admin.txt NOT FOUND!";
      print "\n";
      exit; 
    }
  } else {
   print "\n";
   print "ERROR! URL not correct\n";
   &help();
   print "\n";
   exit;
  }
}
 
sub go() {
 
my @list;
my $col = 0;
 
open(ADMINLIST, '<admin.txt') or die("ERROR open file admin.txt $!"); 
flock(ADMINLIST, 2) or die("ERROR! lock file admin.txt $!");
@list=<ADMINLIST>;
chomp (@list);
flock(ADMINLIST, 8) or die("ERROR! unlock file admin.txt $!");
close(ADMINLIST);
 
my $spider = LWP::UserAgent->new();
$spider->agent(&f_agent());
 
print "Start!\n";
 
  if ($proxy) {
  $proxurl = &proxy(); 
  $spider->proxy(['http']=>"http://".$proxurl."/");
  print "Using proxy " . $proxurl ."\n";
  }
 
my $request = HTTP::Request->new(GET => $targeturl);
my $result = $spider->request($request);
 
  if ($result->code() == "500") {
  print "Can't connect to ". $targeturl ."\n";
  exit;
  } else {
 
    for($i=0;$i<@list;$i++) {
    my $request = HTTP::Request->new(GET => $targeturl."\/".$list[$i]."\n");
    my $result = $spider->request($request);
 
    print $targeturl."\/".$list[$i]."\n";
    print $result->status_line()."\n";
    print "\n";
 
      if ($result->code() != "404") {
      $col++;
      open(LOGLIST, '>>admf-log.txt') or die("ERROR open file admf-log.txt $!");
      flock(LOGLIST, 2) or die("ERROR! lock file admf-log.txt $!");
      print LOGLIST "]--------------------->$targeturl\n";
      print LOGLIST "URL: $targeturl/$list[$i]\n";
      print LOGLIST $result->status_line()."\n";
      print LOGLIST "\n";
      flock(LOGLIST, 8) or die("ERROR! unlock file admf-log.txt $!");
      close(LOGLIST);      
      }
    }
 
  if ($col != 0) {
  print "FOUND! Result - file admf-log.txt\n";
  } else {
  print "Sorry, not found =(\n"
  }
 }
 
undef $spider;
undef @list;
}
 
sub proxy() {
 
  my $proxycheck = LWP::UserAgent->new();
  $proxycheck->agent(&f_agent());
 
  open(PROXYLIST, 'proxy.txt') or die ("ERROR open file proxy.txt $!");
  flock(PROXYLIST, 2) or die("ERROR! lock file admin.txt $!");
  @proxylist=<PROXYLIST>;
  chomp (@proxylist);
  flock(PROXYLIST, 8) or die("ERROR! unlock file admin.txt $!");
  close(PROXYLIST);
 
    if (scalar @proxylist == 0) { print "Proxy not found\n";
                                  exit; }
 
    for ($j=0;$j<@proxylist;$j++) {
      my $pr = $proxylist[$j];
      $proxycheck->proxy(['http'] => 'http://'.$pr);
      if ($proxycheck->get('http://ya.ru')->is_success) {return $pr;}
    }
 
  print "Working proxy not found!\n";
  undef $pr;
  undef @proxlist;
  undef $proxycheck;
  exit;
}
 
sub f_agent {
my @agent = qw(Opera/9.15 Opera/9.12 Opera/8.60b IE/4.0 IE/5.0 IE/6.0 IE/7.0 Mozilla/4.0 Mozilla/5.0);
return $agent[rand scalar @agent];
}
 
sub help() {
print "\n";
print "<------------------------[admf.pl]------------------------>\n";
print "Usage:\n";
print "--targeturl=URL target site\n";
print "for use proxy add flag. file: proxy.txt (ip:port): --proxy\n";
print "Example:\n";
print "admf.pl --targeturl=http://xxx.com --proxy\n";
print "<--------------------------------------------------------->\n";
print "\n";
}
 
undef $targeturl;
undef $proxy;
undef $adminfile;
 
__END__

admin.txt

Код:

admin1.php
admin1.html
admin2.php
admin2.html
yonetim.php
yonetim.html
yonetici.php
yonetici.html
adm/
admin/
admin/account.php
admin/account.html
admin/index.php
admin/index.html
admin/login.php
admin/login.html
admin/home.php
admin/controlpanel.html
admin/controlpanel.php
admin.php
admin.html
admin/cp.php
admin/cp.html
cp.php
cp.html
administrator/
administrator/index.html
administrator/index.php
administrator/login.html
administrator/login.php
administrator/account.html
administrator/account.php
administrator.php
administrator.html
login.php
login.html
login/
modelsearch/login.php
moderator.php
moderator.html
moderator/login.php
moderator/login.html
moderator/admin.php
moderator/admin.html
moderator/
account.php
account.html
controlpanel/
controlpanel.php
controlpanel.html
admincontrol.php
admincontrol.html
adminpanel.php
adminpanel.html
admin1.asp
admin2.asp
yonetim.asp
yonetici.asp
admin/account.asp
admin/index.asp
admin/login.asp
admin/home.asp
admin/controlpanel.asp
admin.asp
admin/cp.asp
cp.asp
administrator/index.asp
administrator/login.asp
administrator/account.asp
administrator.asp
login.asp
modelsearch/login.asp
moderator.asp
moderator/login.asp
moderator/admin.asp
account.asp
controlpanel.asp
admincontrol.asp
adminpanel.asp
fileadmin/
fileadmin.php
fileadmin.asp
fileadmin.html
administration/
administration.php
administration.html
sysadmin.php
sysadmin.html
phpmyadmin/
myadmin/
sysadmin.asp
sysadmin/
ur-admin.asp
ur-admin.php
ur-admin.html
ur-admin/
Server.php
Server.html
Server.asp
Server/
wp-admin/
administr8.php
administr8.html
administr8/
administr8.asp
webadmin/
webadmin.php
webadmin.asp
webadmin.html
administratie/
admins/
admins.php
admins.asp
admins.html
administrivia/
Database_Administration/
WebAdmin/
useradmin/
sysadmins/
admin1/
system-administration/
administrators/
pgadmin/
directadmin/
staradmin/
ServerAdministrator/
SysAdmin/
administer/
LiveUser_Admin/
sys-admin/
typo3/
panel/
cpanel/
cPanel/
cpanel_file/
platz_login/
rcLogin/
blogindex/
formslogin/
autologin/
support_login/
meta_login/
manuallogin/
simpleLogin/
loginflat/
utility_login/
showlogin/
memlogin/
members/
login-redirect/
sub-login/
wp-login/
login1/
dir-login/
login_db/
xlogin/
smblogin/
customer_login/
UserLogin/
login-us/
acct_login/
admin_area/
bigadmin/
project-admins/
phppgadmin/
pureadmin/
sql-admin/
radmind/
openvpnadmin/
wizmysqladmin/
vadmind/
ezsqliteadmin/
hpwebjetadmin/
newsadmin/
adminpro/
Lotus_Domino_Admin/
bbadmin/
vmailadmin/
Indy_admin/
ccp14admin/
irc-macadmin/
banneradmin/
sshadmin/
phpldapadmin/
macadmin/
administratoraccounts/
admin4_account/
admin4_colon/
radmind-1/
Super-Admin/
AdminTools/
cmsadmin/
SysAdmin2/
globes_admin/
cadmins/
phpSQLiteAdmin/
navSiteAdmin/
server_admin_small/
logo_sysadmin/
server/
database_administration/
power_user/
system_administration/
ss_vms_admin_sm/

Инструкция взлома - Это пособия для безопасности!

Меню навигации

Пользовательские ссылки

Объявление

Информация о пользователе

ADMF 0.3 (скрипт для подбора админки)[Perl]

Сообщений 1 страница 1 из 1

Поделиться12011-08-27 12:20:56