Un programa para buscar el panel de administración usando threads para que sea más rápido y cómodo para el usuario.
Una imagen :
(http://doddyhackman.webcindario.com/images/adminfinder10.jpg)
El código :
// Admin Finder 1.0
// (C) Doddy Hackman 2016
unit finder;
interface
uses
Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants,
System.Classes, Vcl.Graphics,
Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.ExtCtrls, Vcl.StdCtrls,
Vcl.ComCtrls, idHTTP, OtlThreadPool, OtlComm, OtlTask,
OtlTaskControl, Vcl.Imaging.pngimage;
type
// Main form of the tool. The published fields below are the visual
// components streamed from the .dfm resource; the two event handlers are
// implemented further down in this unit.
TFormHome = class(TForm)
// Image control (presumably the application logo; its content is set in the .dfm).
imgLogo: TImage;
// Group box, presumably the container of the page/threads inputs (layout lives in the .dfm).
gbEnterConfiguration: TGroupBox;
lblPage: TLabel;
lblThreads: TLabel;
// Base URL typed by the user; btnStartClick prepends it to every candidate path.
txtPage: TEdit;
// Thread-count input; btnStartClick converts it to an integer and multiplies
// it by System.CPUCount to set the thread pool's MaxExecuting.
txtThreads: TEdit;
// Up/down control; presumably associated with txtThreads in the .dfm - confirm.
udThreads: TUpDown;
gbConsole: TGroupBox;
// Result list: btnStartClick adds each URL for which check_page returned True.
mmOutput: TMemo;
btnStart: TButton;
btnStop: TButton;
// Panel 0 carries the scan state text ('[+] Scanning ...', 'Checking : ...',
// '[+] Finished', '[+] Stopped').
status: TStatusBar;
// Cancels all work queued on GlobalOmniThreadPool.
procedure btnStopClick(Sender: TObject);
// Schedules one HTTP check per entry of the built-in path list.
procedure btnStartClick(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;
var
FormHome: TFormHome;
implementation
{$R *.dfm}
// Functions
// Shows a modal Win32 message box owned by FormHome.
//
// title         caption of the dialog (must not be empty)
// message_text  body text of the dialog (must not be empty)
// type_message  'Information', 'Warning', 'Question' or 'Error'; any other
//               non-empty value falls back to the information icon. The
//               comparison is case-sensitive.
//
// Returns '[+] MessageBox : OK' once the dialog has been shown, or
// '[-] Error' when an argument is empty or an exception was raised.
function message_box(title, message_text, type_message: string): string;
var
  icon_flag: Cardinal;
begin
  // Guard clause: all three arguments are mandatory.
  if (title = '') or (message_text = '') or (type_message = '') then
  begin
    Result := '[-] Error';
    Exit;
  end;

  try
    // Map the textual type to the matching MB_ICON* flag.
    if type_message = 'Warning' then
      icon_flag := MB_ICONWARNING
    else if type_message = 'Question' then
      icon_flag := MB_ICONQUESTION
    else if type_message = 'Error' then
      icon_flag := MB_ICONERROR
    else
      // 'Information' and every unknown type share the same icon.
      icon_flag := MB_ICONINFORMATION;

    MessageBox(FormHome.Handle, PChar(message_text), PChar(title), icon_flag);
    Result := '[+] MessageBox : OK';
  except
    // Any failure while showing the dialog is reported, not re-raised.
    Result := '[-] Error';
  end;
end;
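// Requests `page` with an HTTP GET and reports whether the final response
// code was exactly 200.
//
// page  absolute URL to request
//
// Returns True only for a 200 response; every other status and every
// exception (connection failure, protocol error, ...) yields False.
//
// A 200 only shows that the server answered the request successfully; a site
// that serves a generic page for unknown URLs will also answer 200.
//
// NOTE(review): no IOHandler is assigned to the client, so depending on the
// Indy version an https:// URL may raise and be reported as False - confirm.
function check_page(page: string): boolean;
var
  nave: TIdHTTP;
begin
  Result := False;
  try
    nave := TIdHTTP.Create(nil);
    try
      // Every request carries this fixed User-Agent, so it is the string a
      // server that logs the header will record for each probe.
      nave.Request.UserAgent :=
        'Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/25.0';
      nave.Get(page);
      Result := nave.ResponseCode = 200;
    finally
      // The original freed the client only on the success path; Get raising
      // (which is what happens for most non-existent paths) leaked one
      // TIdHTTP instance per request.
      nave.Free;
    end;
  except
    // Best-effort check: a failed request simply counts as "not found".
    Result := False;
  end;
end;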
//
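// Start button handler: schedules one check_page call per entry of the
// built-in path list on GlobalOmniThreadPool and lists every URL that
// answered with HTTP 200 in mmOutput.
//
// The base URL is read from txtPage and the thread count from txtThreads;
// the pool is limited to <thread count> * System.CPUCount parallel tasks.
// An empty base URL or a thread count that is not a positive integer shows
// the 'Complete the configuration' warning instead of starting a scan.
//
// The handler keeps the UI responsive by pumping messages while it waits,
// so btnStart is disabled for the duration to keep a second click from
// launching an overlapping scan.
procedure TFormHome.btnStartClick(Sender: TObject);
var
  i, thread_count: integer;
  base_url, path: string;
const
  paths: array [1 .. 250] of string = ('admin/admin.asp', 'admin/login.asp',
    'admin/index.asp', 'admin/admin.aspx', 'admin/login.aspx',
    'admin/index.aspx', 'admin/webmaster.asp', 'admin/webmaster.aspx',
    'asp/admin/index.asp', 'asp/admin/index.aspx', 'asp/admin/admin.asp',
    'asp/admin/admin.aspx', 'asp/admin/webmaster.asp',
    'asp/admin/webmaster.aspx', 'admin/', 'login.asp', 'login.aspx',
    'admin.asp', 'admin.aspx', 'webmaster.aspx', 'webmaster.asp',
    'login/index.asp', 'login/index.aspx', 'login/login.asp',
    'login/login.aspx', 'login/admin.asp', 'login/admin.aspx',
    'administracion/index.asp', 'administracion/index.aspx',
    'administracion/login.asp', 'administracion/login.aspx',
    'administracion/webmaster.asp', 'administracion/webmaster.aspx',
    'administracion/admin.asp', 'administracion/admin.aspx', 'php/admin/',
    'admin/admin.php', 'admin/index.php', 'admin/login.php', 'admin/system.php',
    'admin/ingresar.php', 'admin/administrador.php', 'admin/default.php',
    'administracion/', 'administracion/index.php', 'administracion/login.php',
    'administracion/ingresar.php', 'administracion/admin.php',
    'administration/', 'administration/index.php', 'administration/login.php',
    'administrator/index.php', 'administrator/login.php',
    'administrator/system.php', 'system/', 'system/login.php', 'admin.php',
    'login.php', 'administrador.php', 'administration.php', 'administrator.php',
    'admin1.html', 'admin1.php', 'admin2.php', 'admin2.html', 'yonetim.php',
    'yonetim.html', 'yonetici.php', 'yonetici.html', 'adm/',
    'admin/account.php', 'admin/account.html', 'admin/index.html',
    'admin/login.html', 'admin/home.php', 'admin/controlpanel.html',
    'admin/controlpanel.php', 'admin.html', 'admin/cp.php', 'admin/cp.html',
    'cp.php', 'cp.html', 'administrator/', 'administrator/index.html',
    'administrator/login.html', 'administrator/account.html',
    'administrator/account.php', 'administrator.html', 'login.html',
    'modelsearch/login.php', 'moderator.php', 'moderator.html',
    'moderator/login.php', 'moderator/login.html', 'moderator/admin.php',
    'moderator/admin.html', 'moderator/', 'account.php', 'account.html',
    'controlpanel/', 'controlpanel.php', 'controlpanel.html',
    'admincontrol.php', 'admincontrol.html', 'adminpanel.php',
    'adminpanel.html', 'admin1.asp', 'admin2.asp', 'yonetim.asp',
    'yonetici.asp', 'admin/account.asp', 'admin/home.asp',
    'admin/controlpanel.asp', 'admin/cp.asp', 'cp.asp',
    'administrator/index.asp', 'administrator/login.asp',
    'administrator/account.asp', 'administrator.asp', 'modelsearch/login.asp',
    'moderator.asp', 'moderator/login.asp', 'moderator/admin.asp',
    'account.asp', 'controlpanel.asp', 'admincontrol.asp', 'adminpanel.asp',
    'fileadmin/', 'fileadmin.php', 'fileadmin.asp', 'fileadmin.html',
    'administration.html', 'sysadmin.php', 'sysadmin.html', 'phpmyadmin/',
    'myadmin/', 'sysadmin.asp', 'sysadmin/', 'ur-admin.asp', 'ur-admin.php',
    'ur-admin.html', 'ur-admin/', 'Server.php', 'Server.html', 'Server.asp',
    'Server/', 'wpadmin/', 'administr8.php', 'administr8.html', 'administr8/',
    'administr8.asp', 'webadmin/', 'webadmin.php', 'webadmin.asp',
    'webadmin.html', 'administratie/', 'admins/', 'admins.php', 'admins.asp',
    'admins.html', 'administrivia/', 'Database_Administration/', 'WebAdmin/',
    'useradmin/', 'sysadmins/', 'admin1/', 'systemadministration/',
    'administrators/', 'pgadmin/', 'directadmin/', 'staradmin/',
    'ServerAdministrator/', 'SysAdmin/', 'administer/', 'LiveUser_Admin/',
    'sysadmin/', 'typo3/', 'panel/', 'cpanel/', 'cPanel/', 'cpanel_file/',
    'platz_login/', 'rcLogin/', 'blogindex/', 'formslogin/', 'autologin/',
    'support_login/', 'meta_login/', 'manuallogin/', 'simpleLogin/',
    'loginflat/', 'utility_login/', 'showlogin/', 'memlogin/', 'members/',
    'login-redirect/', 'sublogin/', 'wplogin/', 'login1/', 'dirlogin/',
    'login_db/', 'xlogin/', 'smblogin/', 'customer_login/', 'UserLogin/',
    'loginus/', 'acct_login/', 'admin_area/', 'bigadmin/', 'project-admins/',
    'phppgadmin/', 'pureadmin/', 'sqladmin/', 'radmind/', 'openvpnadmin/',
    'wizmysqladmin/', 'vadmind/', 'ezsqliteadmin/', 'hpwebjetadmin/',
    'newsadmin/', 'adminpro/', 'Lotus_Domino_Admin/', 'bbadmin/', 'vmailadmin/',
    'Indy_admin/', 'ccp14admin/', 'irc-macadmin/', 'banneradmin/', 'sshadmin/',
    'phpldapadmin/', 'macadmin/', 'administratoraccounts/', 'admin4_account/',
    'admin4_colon/', 'radmind1/', 'SuperAdmin/', 'AdminTools/', 'cmsadmin/',
    'SysAdmin2/', 'globes_admin/', 'cadmins/', 'phpSQLiteAdmin/',
    'navSiteAdmin/', 'server_admin_small/', 'logo_sysadmin/', 'server/',
    'database_administration/', 'power_user/', 'system_administration/',
    'ss_vms_admin_sm/');
begin
  base_url := Trim(txtPage.Text);
  // StrToIntDef instead of StrToInt: free-typed text in the edit box must not
  // raise EConvertError; 0 marks "not a usable number".
  thread_count := StrToIntDef(Trim(txtThreads.Text), 0);

  if (base_url = '') or (thread_count < 1) then
  begin
    message_box('Admin Finder 1.0', 'Complete the configuration', 'Warning');
    Exit;
  end;

  // Application.ProcessMessages below lets clicks through while the scan is
  // running; disabling the button prevents a re-entrant second scan.
  btnStart.Enabled := False;
  try
    GlobalOmniThreadPool.MaxExecuting := thread_count * System.CPUCount;
    status.Panels[0].Text := '[+] Scanning ...';
    FormHome.Update;

    for i := Low(paths) to High(paths) do
    begin
      Application.ProcessMessages;
      path := base_url + '/' + paths[i];
      CreateTask(
        procedure(const task: IOmniTask)
        var
          path_to_load: string;
        begin
          path_to_load := task.Param['path'].AsString;
          // The task body runs on a pool thread. VCL controls are not
          // thread-safe, so every UI update is queued to the main thread
          // instead of being executed here.
          TThread.Queue(nil,
            procedure
            begin
              status.Panels[0].Text := 'Checking : ' + path_to_load + ' ...';
              FormHome.Update;
            end);
          if check_page(path_to_load) then
          begin
            TThread.Queue(nil,
              procedure
              begin
                mmOutput.Lines.Add(path_to_load);
              end);
          end;
        end).SetParameter('path', path).Unobserved.Schedule;
    end;

    // Busy-wait (with message pumping) until the pool has drained.
    while GlobalOmniThreadPool.CountExecuting +
      GlobalOmniThreadPool.CountQueued > 0 do
    begin
      Application.ProcessMessages;
    end;

    // Run any UI updates that are still queued so that a late 'Checking'
    // text cannot overwrite the final status below.
    CheckSynchronize;

    status.Panels[0].Text := '[+] Finished';
    FormHome.Update;
    message_box('Admin Finder 1.0', 'Scan Finished', 'Information');
  finally
    btnStart.Enabled := True;
  end;
end;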
// Stop button handler: cancels everything on GlobalOmniThreadPool, updates
// the status bar and tells the user that the scan was stopped.
procedure TFormHome.btnStopClick(Sender: TObject);
const
  APP_TITLE = 'Admin Finder 1.0';
  STOPPED_STATUS = '[+] Stopped';
begin
  GlobalOmniThreadPool.CancelAll;

  // Show the new state before the modal dialog opens.
  status.Panels[0].Text := STOPPED_STATUS;
  FormHome.Update;

  message_box(APP_TITLE, 'Scan Stopped', 'Information');
end;
end.
// The End ?
Si quieren bajar el programa y el proyecto con el código fuente, lo pueden hacer desde acá :
SourceForge (https://sourceforge.net/projects/admin-finder/).
Eso sería todo.