Scaner de Directorios

Iniciado por @ed33x, Enero 27, 2011, 08:55:45 PM

Tema anterior - Siguiente tema

0 Miembros y 1 Visitante están viendo este tema.

Imprimir
Ir Abajo Páginas1
Acciones del Usuario
Enero 27, 2011, 08:55:45 PM Ultima modificación: Marzo 14, 2015, 09:56:27 AM por Expermicid
Código: perl
#!/usr/bin/perl

#

#bY boER

use LWP::UserAgent;

my $ua = LWP::UserAgent->new();

$ua->timeout(10);

$ua->agent("Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.3) Gecko/20010801");

unless($ARGV[0]){

	OUT("#############################################\n");

	OUT("\n Usage: perl $0 website\n");

	OUT("\n#############################################\n");

	exit(0);

}

if($^O =~ /Win/){

	system("cls");

}else{

	system("clear");

}

OUT("#############################################\n");

OUT("        Scanner Directory!\n");

OUT("#############################################\n");

OUT(" 200 - OK\n");

OUT(" 401 - Authorization Required\n");

OUT(" 403 - Forbidden\n");

OUT(" 500 - Bad Hostname | Internal Server Error\n");

OUT("#############################################\n");

$webcl = clear($ARGV[0]);

OUT("\n# Scanning: $webcl\n\n");

brute($webcl);

OUT("\n# Scanning Finished\n");

sub brute{

	$web = shift;

	@paths = ("access","active","adm","admin","_admin","administrator",

	"administracion","_administracion","~administracion","administer",

	"upload","uploads","~adm","~admin","~administrator","~guest","~mail",

	"~operator","~root","~sys","~sysadm","~sysadmin","~test","~user","~www",

	"~webmaster","admin_upload","admin_uploadpic","editpassword",

	"manager_userinfo","manager_tongji","managerenter","incupfile","inc",

	"upfile","admin_index","admin_admin","index_admin","index","admindefault",

	"default","manage","login","manage_index","index_manage","admin1",

	"admin_login","login_admin","ad_login","ad_manage","count","manager",

	"adminlogin","adminuserlogin","adm_login","chklogin","adduser","adminuser",

	"admin_user","edituser","adminadduser","adminmember","addmember","adminedit",

	"admin_edit","up","upfiles","aadmin","admintab","admin_main","fileadmin",

	"databases","includeinc","***","app","apacheasp","apps","archive","archives",

	"asp","back","backup","back-up","bak","bakup","bak-up","basic","bea","bin",

	"binaries","broken","c","cc","connections","ccs","cache","cgi","fcgi",

	"cgibin","cgi-win","class","classes","classified","classifieds","code",

	"common","credit","creditcards","cv","cvs","customer","customers",

	"CYBERDOCS","CYBERDOCS25","CYBERDOCS31","d","dfiles","data","database",

	"db","dbase","dbm","dbms","demo","dev","devel","develop","development",

	"doc","docs","docs41","docs51","dms","e","email","downloads","ecommerce",

	"ebriefs","error","errors","esales","echannel","esupport","etc","exec",

	"executable","executables","extra","extranet","examples","exchange",

	"fcgi-bin","functions","feedback","file","files","forum","forums","ftp",

	"graphics","galeria","gallery","galerias","guestbook","guests","help",

	"hidden","hide","home","homes","htm","html","imagen","images","icons",

	"incs","include","includes","interactive","internet","intranet","java",

	"javascript","js","jsp","keep","kept","ldap","lib","libs","libraries",

	"links","log","logfiles","logs","lightbox2","mail","me","members","mine",

	"mirror","mirrors","mp3","mp3s","ms","mssql","ms-sql","music","my","new",

	"old","online","order","orders","pages","_pages","pass","passes","passwd",

	"password","polls","passwords","perl","personal","personals","php","_php",

	"phpincludes","pics","pl","pls","plx","press","priv","private","products",

	"production","pub","public","removed","reports","root","sales","save",

	"saved","scripts","secret","secrets","security","servlet","servlets",

	"soap","soapdocs","source","site","sites","SiteServer","sql","src",

	"staff","stats","statistics","ssi","stuff","support","temp","temps","test",

	"text","texts","tmp","user","users","var","vb","vbs","vbscript","vbscripts",

	"weblogic","www","xcache","xsql","zip","zips","W3SVC","W3SVC3","index.php",

	"index.html","phpmyadmin","phpMyAdmin",".bash_history","upload.php",

	"upload.asp","uploader.php","uploader.asp","phpinfo.php","_banners",

	"_adv","468","88","ads","adv","ban","baners","bann","banner","banners",

	"bannerz","be","begun","bn","bnr","cnstats","cnt","phpadsnew","server-status",

	"server-info",".server-status",".server-info",".passwd","INSTALL","_vti_log",

	"admcgi","_notes","_tmp","_temp","panel","_panel","~panel","upFiles","img",

	"es","css","socios","Documentation","INSTALLsetup.php","Upfile","cgi-bin",

	"content","secure","mysql","4Dbin","trustscn_pdos","trustscn_pdos1","_vti_bin",

	"Connections","_mmServerScripts","bot","imag","lobatos","phpmyadm","Phpmyadmin",

	"PhpMyAdmin","PhpGAdmin","PhpInclude","PhpIncludes","phpscripts","PhpScripts",

	"_vti_txt","cgi-local","cgis","WS_FTP.LOG","User.php","Upload.php","AlbumDB.php",

	"add_comment.php","add_photo.php","admin.php","adm.php","adm.asp","admin.asp","main",

	"web","global","globals","uploader","logon","sign","signin","example","update",

	"readme","client","clients","cmd","logfile","details","shtml","asa","jsa",

	"txt","cfm","sav","nsf","bat","com","exe","dll","reg","tar","tar.gz","tgz",

	"o","sh","member","auth","login.php","user.php","admin.php~","members.php",

	"members.php~","configuration.php~","config.php~","Setting.php~","Settings.php~",

	"Settings_bak.php~","Setting_bak.php~","config-bak.php~","member.php","users.php",

	"webadmin.php","webadmin","miembro","miembros","administrador","administration",

	"config.php.inc","config.php.inc~","configuration.php.inc","configuration.php.inc~",

	"DBConnection.inc","includesDBConnection.inc","includesDBConnection.php.inc");

	foreach $path(@paths){

		chomp($path);

		$code = $ua->get($web . $path)->status_line;

		check_code($code,$path);

	}

}

sub check_code{

	$ncode = shift;

	$path = shift;

	$wp = $webcl . $path;

	if($ncode =~ /200/){

		OUT("$wp\t=>\t200 OK\n");

	}

	if($ncode =~ /401/){

		OUT("$wp\t=>\t401 Authorization Required\n");

	}

	if($ncode =~ /403/){

		OUT("$wp\t=>\t403 Forbidden\n");

	}

	if($ncode =~ /500/){

		OUT("$wp\t=>\t500 Internal Server Error\n");

	}

}

sub clear{

	$website = shift;

	if($website !~ /^http/){

		$website = 'http://' . $website;

	}

	if($website !~ /\/$/){

		$website.='/';

	}

	return $website;

}

sub OUT{

	$msg = shift;

	syswrite STDOUT, "$msg";

}
Me cambie de messenger ahora es: You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or LoginYou are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login
Imprimir
Ir Arriba Páginas1
Acciones del Usuario