[Perl] DH Secret Finder 0.8

Un script en Perl que sirve como buscador de archivos web , tiene las siguientes opciones :

• Buscar panel de administracion
• Buscar dominios
• Buscar directorios importantes
• Buscar archivos importantes
• Buscar PHP Shells
• Guardar todo en logs

El codigo :

# !usr/bin/perl
# DH Secret Finder 0.8
# (C) Doddy Hackman 2016
# Credits for the arrays :
# Dirs : directory-list-2.3-small.txt - Copyright 2007 James Fisher
# Files : Based in wfuzz-1.4
# Link for Files : https://raw.githubusercontent.com/tuwid/darkc0de-old-stuff/master/wfuzz-1.4/wordlists/common.txt
# Shells : Based in https://github.com/bhavyanshu/Shell-Finder

use LWP::UserAgent;
use Getopt::Long;
use Color::Output;
Color::Output::Init;

GetOptions(
"panels"   => \$panels,
"domains"   => \$domains,
    "dirs"  => \$dirs,
    "files"   => \$files,
    "shells"   => \$shells,
"url=s"   => \$url,
    "savefile=s"  => \$savefile,
    "verbose"  => \$verbose
);

head();

if ($panels) {
if($panels && $url) {
search($url,"panel");
} else {
sintax();
}
}
elsif ($domains) {
if($domains && $url) {
search($url,"domain");
} else {
sintax();
}
}
elsif ($dirs) {
if($dirs && $url) {
search($url,"dir");
} else {
sintax();
}
}
elsif ($files) {
if($files && $url) {
search($url,"file");
} else {
sintax();
}
}
elsif ($shells) {
if($shells && $url) {
search($url,"shell");
} else {
sintax();
}
}
else {
    sintax();
}

copyright();

# Functions

sub search {
my ($url,$type) = @_;

my $wordlist = "";
my $name = "";

if($type eq "panel") {
$wordlist = "wordlists/panels.txt";
$name = "Panels";
} elsif($type eq "domain") {
$wordlist = "wordlists/domains.txt";
$name = "Domains";
} elsif($type eq "dir") {
$wordlist = "wordlists/directories.txt";
$name = "Directories";
} elsif($type eq "file") {
$wordlist = "wordlists/files.txt";
$name = "Files";
} elsif($type eq "shell") {
$wordlist = "wordlists/shells.txt";
$name = "Shells";
} else {
$wordlist = "wordlists/panels.txt";
$name = "Panels";
}

my $cantidad = 0;

if(-f $wordlist) {
printear_titulo("[+] Loading Wordlist ...\n");
my @wordlist = load_wordlist($wordlist);
printear("\n[+] Wordlist Loaded : ");
print int(@wordlist)." lines\n";
printear_logo("\n[+] Searching $name in $url ...\n\n");
for my $line(@wordlist) {
chomp $line;
my $link = "";
if($type eq "domain") {
$link = $line.".".$url;
} else {
$link = $url."/".$line;
}
if(check_page($link)) {
if($verbose) {
printear("[+] Checking ");
printear_logo("$link : ");
printear_azul("OK\n");
} else {
printear_azul("[+] Link : $link\n");
}
$cantidad++;
if($savefile) {
savefile($savefile,"[+] Link : $link");
}
} else {
if($verbose) {
printear("[+] Checking ");
printear_logo("$link : ");
printear_rojo("FAIL\n");
}
}
}
printear("\n[+] $name Found : ");
print "$cantidad\n";
if($cantidad eq "0") {
printear("\n[-] $name not found\n");
}
if($savefile) {
printear_logo("\n[+] Logs $savefile saved\n");
}
printear_titulo("\n[+] Finished\n");
} else {
printear_rojo("\n[-] Wordlist not exists");
}
}

# More Functions

sub check_page {
my $url = shift;
my $nave = LWP::UserAgent->new(ssl_opts => {verify_hostname => 0,SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE});
$nave->agent("Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/25.0");
$nave->timeout(10);
my $code = $nave->get($url);
if ($code->is_success) {
return 1;
} else {
return 0;
}
}

sub load_wordlist {
    my @result;
    my @words;
    open( FILE, $_[0] );
    @words = <FILE>;
    close FILE;
    for (@words) {
        push( @result, $_ );
    }
    return (@result);
}

sub savefile {
my ($filename,$text) = @_;
open( SAVE, ">>" . $filename );
print SAVE $text . "\n";
close SAVE;
}

sub printear {
    cprint( "\x036" . $_[0] . "\x030" );
}

sub printear_logo {
    cprint( "\x037" . $_[0] . "\x030" );
}

sub printear_titulo {
    cprint( "\x0310" . $_[0] . "\x030" );
}

sub printear_rojo {
    cprint( "\x035" . $_[0] . "\x030" );
}

sub printear_azul {
    cprint( "\x033" . $_[0] . "\x030" );
}

sub sintax {
    printear("[+] Sintax : ");
    print "perl $0 <option> <value>\n";
    printear("\n[+] Options : \n\n");
    print "-panel -url <url> : Find panel administration in the URL\n";
    print "-domain -url <url> : Find domains in the URL\n";
    print "-dirs -url <url> : Find directories in the URL\n";
    print "-files -url <url> : Find files in the URL\n";
print "-shells -url <url> : Find shells in the URL\n";
print "-savefile <filename> : Save results\n";
    printear("\n[+] Example : ");
    print "perl secret_finder.pl -shells http://localhost/ -savefile results.txt\n";
    copyright();
}

sub head {
    printear_logo("\n-- == DH Secret Finder 0.8 == --\n\n\n");
}

sub copyright {
    printear_logo("\n\n-- == (C) Doddy Hackman 2016 == --\n\n");
    exit(1);
}

#The End ?

Si quieren bajar el programa lo pueden hacer de aca :

SourceForge.
Github.

Eso seria todo.

Bastante tiempo ya de conocerte y sigues desarrollando herramientas de calidad.

ok , gracias por comentar JETY.

Gracias!! Seguí desarrollando herramientas como esta