Herramienta que busca la ubicacion del phpmyadmin mediante un array que contiene los nombres de directorios mas comunes. Tambien se le pueden agregar mas.
Código: php
<html>
<title>0x3a PMA Finder</title>
<style type="text/css">
body{
background: #000;
color: #FFF;
}
a:visited{
color:#FFF;
text-decoration: none;
}
a:link{
color:#FFF;
text-decoration: none;
}
a:hover{
color:#FF0000;
text-decoration: blink;
}
input,option{
font-family: verdana, sans-serif;
font-size: 16pt;
border: gray 2px solid;
}
#links{
margin:0 auto;
width:860px;
border-color: #E8E8E8;
text-align: right;
}
</style>
<body>
<div id="links">
<center>
<img src="http://www.0x3a.com.ar/img/logo.png"/><br/>
<form action ="" method="post">
URL : <input type ="text" name="site"/>
<input type = "submit" value="PWN!" />
</form>
<?php
/**
*
*
* @author Daniel Godoy
* @copyright 2011
* @Site www.0x3a.com.ar www.remoteexecution.com.ar www.delincuentedital.com.ar
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*
**/
$site = $_POST['site'];
$list = array('/phpMyAdmin/', '/phpmyadmin/','/PMA/','/pma/','/admin/','/dbadmin/','/mysql/', '/myadmin/', '/phpmyadmin2/','/phpMyAdmin2/', '/phpMyAdmin-2/',
'/php-my-admin/','/phpMyAdmin-2.2.3/', '/phpMyAdmin-2.2.6/', '/phpMyAdmin-2.5.1/', '/phpMyAdmin-2.5.4/', '/phpMyAdmin-2.5.5-rc1/',
'/phpMyAdmin-2.5.5-rc2/', '/phpMyAdmin-2.5.5/', '/phpMyAdmin-2.5.5-pl1/', '/phpMyAdmin-2.5.6-rc1/', '/phpMyAdmin-2.5.6-rc2/', '/phpMyAdmin-2.5.6/',
'/phpMyAdmin-2.5.7/', '/phpMyAdmin-2.5.7-pl1/', '/phpMyAdmin-2.6.0-alpha/', '/phpMyAdmin-2.6.0-alpha2/', '/phpMyAdmin-2.6.0-beta1/',
'/phpMyAdmin-2.6.0-beta2/', '/phpMyAdmin-2.6.0-rc1/', '/phpMyAdmin-2.6.0-rc2/', '/phpMyAdmin-2.6.0-rc3/','/phpMyAdmin-2.6.0/',
'/phpMyAdmin-2.6.0-pl1/', '/phpMyAdmin-2.6.0-pl2/', '/phpMyAdmin-2.6.0-pl3/', '/phpMyAdmin-2.6.1-rc1/', '/phpMyAdmin-2.6.1-rc2/',
'/phpMyAdmin-2.6.1/', '/phpMyAdmin-2.6.1-pl1/', '/phpMyAdmin-2.6.1-pl2/', '/phpMyAdmin-2.6.1-pl3/','/phpMyAdmin-2.6.2-rc1/',
'/phpMyAdmin-2.6.2-beta1/', '/phpMyAdmin-2.6.2-rc1/', '/phpMyAdmin-2.6.2/', '/phpMyAdmin-2.6.2-pl1/', '/phpMyAdmin-2.6.3/',
'/phpMyAdmin-2.6.3-rc1/', '/phpMyAdmin-2.6.3/', '/phpMyAdmin-2.6.3-pl1/', '/phpMyAdmin-2.6.4-rc1/', '/phpMyAdmin-2.6.4-pl1/',
'/phpMyAdmin-2.6.4-pl2/', '/phpMyAdmin-2.6.4-pl3/', '/phpMyAdmin-2.6.4-pl4/', '/phpMyAdmin-2.6.4/', '/phpMyAdmin-2.7.0-beta1/',
'/phpMyAdmin-2.7.0-rc1/', '/phpMyAdmin-2.7.0-pl1/', '/phpMyAdmin-2.7.0-pl2/', '/phpMyAdmin-2.7.0/', '/phpMyAdmin-2.8.0-beta1/',
'/phpMyAdmin-2.8.0-rc1/', '/phpMyAdmin-2.8.0-rc2/', '/phpMyAdmin-2.8.0/', '/phpMyAdmin-2.8.0.1/', '/phpMyAdmin-2.8.0.2/', '/phpMyAdmin-2.8.0.3/',
'/phpMyAdmin-2.8.0.4/', '/phpMyAdmin-2.8.1-rc1/', '/phpMyAdmin-2.8.1/', '/phpMyAdmin-2.8.2/', '/sqlmanager/', '/mysqlmanager/', '/p/m/a/',
'/PMA2005/', '/pma2005/', '/phpmanager/', '/php-myadmin/', '/phpmy-admin/', '/webadmin/', '/sqlweb/', '/websql/', '/webdb/', '/mysqladmin/',
'/mysql-admin/','/mya/',
);
if(isset($site)){
foreach($list as $path => $test) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_URL, $site.$test);
$result = curl_exec($ch);
curl_close($ch);
if (preg_match("/200 OK/", $result)){
flush();
echo '<br/>[!] <a href="'.$site.$test.'" target="_blank">'.$site.$test.'</a>';
ob_flush();
}
else if (preg_match("/401 Unauthorized/", $result)) {
flush();
echo '<br/> [!]<a href="'.$site.$test.'" target="_blank">'.$site.$test.'</a>';
ob_flush();
}
}
}
?>
</center>
</div>
</body>
</html>
