Un script en Perl que sirve como buscador de archivos web , tiene las siguientes opciones :
- Buscar panel de administracion
- Buscar dominios
- Buscar directorios importantes
- Buscar archivos importantes
- Buscar PHP Shells
- Guardar todo en logs
El codigo :
# !usr/bin/perl
# DH Secret Finder 0.8
# (C) Doddy Hackman 2016
# Credits for the arrays :
# Dirs : directory-list-2.3-small.txt - Copyright 2007 James Fisher
# Files : Based in wfuzz-1.4
# Link for Files : https://raw.githubusercontent.com/tuwid/darkc0de-old-stuff/master/wfuzz-1.4/wordlists/common.txt
# Shells : Based in https://github.com/bhavyanshu/Shell-Finder
use LWP::UserAgent;
use Getopt::Long;
use Color::Output;
Color::Output::Init;
GetOptions(
"panels" => \$panels,
"domains" => \$domains,
"dirs" => \$dirs,
"files" => \$files,
"shells" => \$shells,
"url=s" => \$url,
"savefile=s" => \$savefile,
"verbose" => \$verbose
);
head();
if ($panels) {
if($panels && $url) {
search($url,"panel");
} else {
sintax();
}
}
elsif ($domains) {
if($domains && $url) {
search($url,"domain");
} else {
sintax();
}
}
elsif ($dirs) {
if($dirs && $url) {
search($url,"dir");
} else {
sintax();
}
}
elsif ($files) {
if($files && $url) {
search($url,"file");
} else {
sintax();
}
}
elsif ($shells) {
if($shells && $url) {
search($url,"shell");
} else {
sintax();
}
}
else {
sintax();
}
copyright();
# Functions
sub search {
my ($url,$type) = @_;
my $wordlist = "";
my $name = "";
if($type eq "panel") {
$wordlist = "wordlists/panels.txt";
$name = "Panels";
} elsif($type eq "domain") {
$wordlist = "wordlists/domains.txt";
$name = "Domains";
} elsif($type eq "dir") {
$wordlist = "wordlists/directories.txt";
$name = "Directories";
} elsif($type eq "file") {
$wordlist = "wordlists/files.txt";
$name = "Files";
} elsif($type eq "shell") {
$wordlist = "wordlists/shells.txt";
$name = "Shells";
} else {
$wordlist = "wordlists/panels.txt";
$name = "Panels";
}
my $cantidad = 0;
if(-f $wordlist) {
printear_titulo("[+] Loading Wordlist ...\n");
my @wordlist = load_wordlist($wordlist);
printear("\n[+] Wordlist Loaded : ");
print int(@wordlist)." lines\n";
printear_logo("\n[+] Searching $name in $url ...\n\n");
for my $line(@wordlist) {
chomp $line;
my $link = "";
if($type eq "domain") {
$link = $line.".".$url;
} else {
$link = $url."/".$line;
}
if(check_page($link)) {
if($verbose) {
printear("[+] Checking ");
printear_logo("$link : ");
printear_azul("OK\n");
} else {
printear_azul("[+] Link : $link\n");
}
$cantidad++;
if($savefile) {
savefile($savefile,"[+] Link : $link");
}
} else {
if($verbose) {
printear("[+] Checking ");
printear_logo("$link : ");
printear_rojo("FAIL\n");
}
}
}
printear("\n[+] $name Found : ");
print "$cantidad\n";
if($cantidad eq "0") {
printear("\n[-] $name not found\n");
}
if($savefile) {
printear_logo("\n[+] Logs $savefile saved\n");
}
printear_titulo("\n[+] Finished\n");
} else {
printear_rojo("\n[-] Wordlist not exists");
}
}
# More Functions
sub check_page {
my $url = shift;
my $nave = LWP::UserAgent->new(ssl_opts => {verify_hostname => 0,SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE});
$nave->agent("Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/25.0");
$nave->timeout(10);
my $code = $nave->get($url);
if ($code->is_success) {
return 1;
} else {
return 0;
}
}
sub load_wordlist {
my @result;
my @words;
open( FILE, $_[0] );
@words = <FILE>;
close FILE;
for (@words) {
push( @result, $_ );
}
return (@result);
}
sub savefile {
my ($filename,$text) = @_;
open( SAVE, ">>" . $filename );
print SAVE $text . "\n";
close SAVE;
}
sub printear {
cprint( "\x036" . $_[0] . "\x030" );
}
sub printear_logo {
cprint( "\x037" . $_[0] . "\x030" );
}
sub printear_titulo {
cprint( "\x0310" . $_[0] . "\x030" );
}
sub printear_rojo {
cprint( "\x035" . $_[0] . "\x030" );
}
sub printear_azul {
cprint( "\x033" . $_[0] . "\x030" );
}
sub sintax {
printear("[+] Sintax : ");
print "perl $0 <option> <value>\n";
printear("\n[+] Options : \n\n");
print "-panel -url <url> : Find panel administration in the URL\n";
print "-domain -url <url> : Find domains in the URL\n";
print "-dirs -url <url> : Find directories in the URL\n";
print "-files -url <url> : Find files in the URL\n";
print "-shells -url <url> : Find shells in the URL\n";
print "-savefile <filename> : Save results\n";
printear("\n[+] Example : ");
print "perl secret_finder.pl -shells http://localhost/ -savefile results.txt\n";
copyright();
}
sub head {
printear_logo("\n-- == DH Secret Finder 0.8 == --\n\n\n");
}
sub copyright {
printear_logo("\n\n-- == (C) Doddy Hackman 2016 == --\n\n");
exit(1);
}
#The End ?
Si quieren bajar el programa lo pueden hacer de aca :
SourceForge (https://sourceforge.net/projects/dh-secret-finder/).
Github (https://github.com/DoddyHackman/DH_Secret_Finder).
Eso seria todo.
Bastante tiempo ya de conocerte y sigues desarrollando herramientas de calidad.
ok , gracias por comentar JETY.
Gracias!! Seguí desarrollando herramientas como esta