[Perl] DH Secret Finder 0.8

BigBear · Enero 22, 2017, 09:36:42 AM

Un script en Perl que sirve como buscador de archivos web , tiene las siguientes opciones :

Buscar panel de administracion
Buscar dominios
Buscar directorios importantes
Buscar archivos importantes
Buscar PHP Shells

Guardar todo en logs

El codigo :

Código: perl


# !usr/bin/perl
# DH Secret Finder 0.8
# (C) Doddy Hackman 2016
# Credits for the arrays : 
# Dirs : directory-list-2.3-small.txt - Copyright 2007 James Fisher
# Files : Based in wfuzz-1.4
# Link for Files : https://raw.githubusercontent.com/tuwid/darkc0de-old-stuff/master/wfuzz-1.4/wordlists/common.txt
# Shells : Based in https://github.com/bhavyanshu/Shell-Finder

use LWP::UserAgent;
use Getopt::Long;
use Color::Output;
Color::Output::Init;

GetOptions(
	"panels"   => \$panels,
	"domains"   => \$domains,
    "dirs"  => \$dirs,
    "files"   => \$files,
    "shells"   => \$shells,
	"url=s"   => \$url,
    "savefile=s"  => \$savefile,
    "verbose"  => \$verbose
);

head();

if ($panels) {
	if($panels && $url) {
		search($url,"panel");
	} else {
		sintax();
	}	
}
elsif ($domains) {
	if($domains && $url) {
		search($url,"domain");
	} else {
		sintax();
	}
}
elsif ($dirs) {
	if($dirs && $url) {
		search($url,"dir");
	} else {
		sintax();
	}
}
elsif ($files) {
	if($files && $url) {
		search($url,"file");
	} else {
		sintax();
	}
}
elsif ($shells) {
	if($shells && $url) {
		search($url,"shell");
	} else {
		sintax();
	}
}
else {
    sintax();
}

copyright();

# Functions

sub search {
	my ($url,$type) = @_;
	
	my $wordlist = "";
	my $name = "";
	
	if($type eq "panel") {
		$wordlist = "wordlists/panels.txt";
		$name = "Panels";
	} elsif($type eq "domain") {
		$wordlist = "wordlists/domains.txt";
		$name = "Domains";
	} elsif($type eq "dir") {
		$wordlist = "wordlists/directories.txt";
		$name = "Directories";
	} elsif($type eq "file") {
		$wordlist = "wordlists/files.txt";
		$name = "Files";
	} elsif($type eq "shell") {
		$wordlist = "wordlists/shells.txt";
		$name = "Shells";
	} else {
		$wordlist = "wordlists/panels.txt";
		$name = "Panels";
	}
	
	my $cantidad = 0;
	
	if(-f $wordlist) {
		printear_titulo("[+] Loading Wordlist ...\n");
		my @wordlist = load_wordlist($wordlist);
		printear("\n[+] Wordlist Loaded : ");
		print int(@wordlist)." lines\n";
		printear_logo("\n[+] Searching $name in $url ...\n\n");
		for my $line(@wordlist) {
			chomp $line;
			my $link = "";
			if($type eq "domain") {
				$link = $line.".".$url;
			} else {
				$link = $url."/".$line;
			}
			if(check_page($link)) {
				if($verbose) {
					printear("[+] Checking ");
					printear_logo("$link : ");
					printear_azul("OK\n");
				} else {
					printear_azul("[+] Link : $link\n");
				}
				$cantidad++;
				if($savefile) {
					savefile($savefile,"[+] Link : $link");
				}
			} else {
				if($verbose) {
					printear("[+] Checking ");
					printear_logo("$link : ");
					printear_rojo("FAIL\n");
				}
			}
		}
		printear("\n[+] $name Found : ");
		print "$cantidad\n";
		if($cantidad eq "0") {
			printear("\n[-] $name not found\n");
		}
		if($savefile) {
			printear_logo("\n[+] Logs $savefile saved\n");
		}
		printear_titulo("\n[+] Finished\n");
	} else {
		printear_rojo("\n[-] Wordlist not exists");
	}
}

# More Functions

sub check_page {
	my $url = shift;
	my $nave = LWP::UserAgent->new(ssl_opts => {verify_hostname => 0,SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE});
	$nave->agent("Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/25.0");
	$nave->timeout(10);	
	my $code = $nave->get($url);
	if ($code->is_success) {
		return 1;
	} else {
		return 0;
	}
}

sub load_wordlist {
    my @result;
    my @words;
    open( FILE, $_[0] );
    @words = <FILE>;
    close FILE;
    for (@words) {
        push( @result, $_ );
    }
    return (@result);
}

sub savefile {
	my ($filename,$text) = @_;
	open( SAVE, ">>" . $filename );
	print SAVE $text . "\n";
	close SAVE;
}

sub printear {
    cprint( "\x036" . $_[0] . "\x030" );
}

sub printear_logo {
    cprint( "\x037" . $_[0] . "\x030" );
}

sub printear_titulo {
    cprint( "\x0310" . $_[0] . "\x030" );
}

sub printear_rojo {
    cprint( "\x035" . $_[0] . "\x030" );
}

sub printear_azul {
    cprint( "\x033" . $_[0] . "\x030" );
}

sub sintax {
    printear("[+] Sintax : ");
    print "perl $0 <option> <value>\n";
    printear("\n[+] Options : \n\n");
    print "-panel -url <url> : Find panel administration in the URL\n";
    print "-domain -url <url> : Find domains in the URL\n";
    print "-dirs -url <url> : Find directories in the URL\n";
    print "-files -url <url> : Find files in the URL\n";
	print "-shells -url <url> : Find shells in the URL\n";
	print "-savefile <filename> : Save results\n";
    printear("\n[+] Example : ");
    print "perl secret_finder.pl -shells http://localhost/ -savefile results.txt\n";
    copyright();
}

sub head {
    printear_logo("\n-- == DH Secret Finder 0.8 == --\n\n\n");
}

sub copyright {
    printear_logo("\n\n-- == (C) Doddy Hackman 2016 == --\n\n");
    exit(1);
}

#The End ?

Si quieren bajar el programa lo pueden hacer de aca :

You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login.
You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login.

Eso seria todo.

JETY · Enero 22, 2017, 09:55:02 PM

Bastante tiempo ya de conocerte y sigues desarrollando herramientas de calidad.

BigBear · Febrero 09, 2017, 08:40:05 PM

ok , gracias por comentar JETY.

Leo_Al · Febrero 09, 2017, 09:24:32 PM

Gracias!! Seguí desarrollando herramientas como esta

[Perl] DH Secret Finder 0.8

BigBear

Enero 22, 2017, 09:36:42 AM

JETY

Enero 22, 2017, 09:55:02 PM #1

BigBear

Febrero 09, 2017, 08:40:05 PM #2

Leo_Al

Febrero 09, 2017, 09:24:32 PM #3