Scanner de Directorio

Iniciado por ANTRAX, Marzo 31, 2012, 01:31:35 PM



Marzo 31, 2012, 01:31:35 PM Ultima modificación: Marzo 14, 2015, 10:17:15 AM por Expermicid
Código: perl
#!/usr/bin/perl


#


#bY boER


use LWP::UserAgent;


# Shared HTTP client used by brute() for every probe.
# - timeout: give up on a request after 10 seconds.
# - agent:   fixed, browser-like User-Agent header sent with each request;
#            it is typically what a web server records in its access log
#            for every request this script makes.
my $ua = LWP::UserAgent->new(
    timeout => 10,
    agent   => "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.3) Gecko/20010801",
);


# No (or a false) first argument: print the usage banner and stop.
if (!$ARGV[0]) {
    my $rule = "#############################################\n";

    OUT($rule);
    OUT("\n Usage: perl $0 website\n");
    OUT("\n" . $rule);

    exit(0);
}


# Clear the terminal with the platform's own command: "cls" when the OS
# name in $^O contains "Win" (e.g. MSWin32), "clear" everywhere else.
# Both commands are fixed strings, so nothing user-supplied reaches the shell.
system($^O =~ /Win/ ? "cls" : "clear");


# Banner plus a legend of the status codes that check_code() reports.
# Each line goes through OUT() separately, as in a plain sequence of calls.
OUT($_) for (
    "#############################################\n",
    "        Scanner Directory!\n",
    "#############################################\n",
    " 200 - OK\n",
    " 401 - Authorization Required\n",
    " 403 - Forbidden\n",
    " 500 - Bad Hostname | Internal Server Error\n",
    "#############################################\n",
);

# Normalise the command-line target into a base URL. $webcl is deliberately
# a package variable: check_code() reads it to build the URL it prints.
$webcl = clear($ARGV[0]);

OUT("\n# Scanning: $webcl\n\n");

# Probe every path of the built-in list under the base URL.
brute($webcl);

OUT("\n# Scanning Finished\n");


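# brute($web)
#
# Requests every entry of a built-in path list under the base URL $web and
# hands each response's status line to check_code().
#
#   $web - base URL, expected to end in "/" (clear() produces that form);
#          each path is appended to it verbatim, without URL-escaping.
#
# Requests are made one after another through the file-level $ua client.
# Notes for interpreting results and for spotting this traffic:
#   * LWP::UserAgent follows redirects on GET by default, so the status
#     that gets reported is that of the final response, not necessarily of
#     the path that was asked for.
#   * Server-side, a run shows up as a burst of sequential GETs for
#     unrelated paths from one client, all with the same User-Agent.
sub brute {
    my ($web) = @_;

    # Lexical list: keeps the word list out of the package namespace.
    my @paths = qw(
        access active adm admin _admin administrator
        administracion _administracion ~administracion administer
        upload uploads ~adm ~admin ~administrator ~guest ~mail
        ~operator ~root ~sys ~sysadm ~sysadmin ~test ~user ~www
        ~webmaster admin_upload admin_uploadpic editpassword
        manager_userinfo manager_tongji managerenter incupfile inc
        upfile admin_index admin_admin index_admin index admindefault
        default manage login manage_index index_manage admin1
        admin_login login_admin ad_login ad_manage count manager
        adminlogin adminuserlogin adm_login chklogin adduser adminuser
        admin_user edituser adminadduser adminmember addmember adminedit
        admin_edit up upfiles aadmin admintab admin_main fileadmin
        databases includeinc *** app apacheasp apps archive archives
        asp back backup back-up bak bakup bak-up basic bea bin
        binaries broken c cc connections ccs cache cgi fcgi
        cgibin cgi-win class classes classified classifieds code
        common credit creditcards cv cvs customer customers
        CYBERDOCS CYBERDOCS25 CYBERDOCS31 d dfiles data database
        db dbase dbm dbms demo dev devel develop development
        doc docs docs41 docs51 dms e email downloads ecommerce
        ebriefs error errors esales echannel esupport etc exec
        executable executables extra extranet examples exchange
        fcgi-bin functions feedback file files forum forums ftp
        graphics galeria gallery galerias guestbook guests help
        hidden hide home homes htm html imagen images icons
        incs include includes interactive internet intranet java
        javascript js jsp keep kept ldap lib libs libraries
        links log logfiles logs lightbox2 mail me members mine
        mirror mirrors mp3 mp3s ms mssql ms-sql music my new
        old online order orders pages _pages pass passes passwd
        password polls passwords perl personal personals php _php
        phpincludes pics pl pls plx press priv private products
        production pub public removed reports root sales save
        saved scripts secret secrets security servlet servlets
        soap soapdocs source site sites SiteServer sql src
        staff stats statistics ssi stuff support temp temps test
        text texts tmp user users var vb vbs vbscript vbscripts
        weblogic www xcache xsql zip zips W3SVC W3SVC3 index.php
        index.html phpmyadmin phpMyAdmin .bash_history upload.php
        upload.asp uploader.php uploader.asp phpinfo.php _banners
        _adv 468 88 ads adv ban baners bann banner banners
        bannerz be begun bn bnr cnstats cnt phpadsnew server-status
        server-info .server-status .server-info .passwd INSTALL _vti_log
        admcgi _notes _tmp _temp panel _panel ~panel upFiles img
        es css socios Documentation INSTALLsetup.php Upfile cgi-bin
        content secure mysql 4Dbin trustscn_pdos trustscn_pdos1 _vti_bin
        Connections _mmServerScripts bot imag lobatos phpmyadm Phpmyadmin
        PhpMyAdmin PhpGAdmin PhpInclude PhpIncludes phpscripts PhpScripts
        _vti_txt cgi-local cgis WS_FTP.LOG User.php Upload.php AlbumDB.php
        add_comment.php add_photo.php admin.php adm.php adm.asp admin.asp main
        web global globals uploader logon sign signin example update
        readme client clients cmd logfile details shtml asa jsa
        txt cfm sav nsf bat com exe dll reg tar tar.gz tgz
        o sh member auth login.php user.php admin.php~ members.php
        members.php~ configuration.php~ config.php~ Setting.php~ Settings.php~
        Settings_bak.php~ Setting_bak.php~ config-bak.php~ member.php users.php
        webadmin.php webadmin miembro miembros administrador administration
        config.php.inc config.php.inc~ configuration.php.inc configuration.php.inc~
        DBConnection.inc includesDBConnection.inc includesDBConnection.php.inc
    );

    # "my" loop variable: the element is no longer aliased to a package
    # global that check_code() could overwrite while the loop is running.
    # (No chomp needed: the entries are literals without trailing newlines.)
    for my $path (@paths) {
        my $status_line = $ua->get($web . $path)->status_line;
        check_code($status_line, $path);
    }

    return;
}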


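# check_code($ncode, $path)
#
# Prints one result line for $path when the response status is one of the
# codes listed in the banner (200, 401, 403, 500); any other status is
# silently skipped.
#
#   $ncode - HTTP status line as returned by HTTP::Response->status_line,
#            i.e. "<code> <message>".
#   $path  - the path that was requested, relative to the base URL.
#
# The printed URL is built from the file-level $webcl set by the main flow.
#
# Only the leading three-digit code is examined. Matching the digits
# anywhere in the line would also hit numbers inside the message text
# (for example a port number in a connection-error message) and print a
# bogus "200 OK" next to the real status.
#
# Reading the output:
#   * 200 only means the server answered with that status; a site that
#     serves its "not found" page with status 200 makes every path look
#     present.
#   * LWP also reports status 500 for failures on the client side (such as
#     being unable to connect), so a 500 line does not necessarily come
#     from the server; the banner's "Bad Hostname" refers to that case.
sub check_code {
    my ($ncode, $path) = @_;

    return unless defined $ncode && $ncode =~ /\A(\d{3})\b/;
    my $status = $1;

    my %label_for = (
        200 => 'OK',
        401 => 'Authorization Required',
        403 => 'Forbidden',
        500 => 'Internal Server Error',
    );
    return unless exists $label_for{$status};

    my $wp = $webcl . $path;
    OUT("$wp\t=>\t$status $label_for{$status}\n");

    return;
}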


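# clear($website)
#
# Normalises a target given on the command line into a base URL:
#   * prepends "http://" unless the value already starts with an
#     "http://" or "https://" scheme (checked case-insensitively);
#   * appends "/" unless the value already ends with one.
#
# The scheme test looks for the full "http://" / "https://" prefix. Testing
# only for a leading "http" would leave a host name that merely begins with
# those letters without any scheme, and every later request would fail.
#
# Returns the normalised URL string.
sub clear {
    my ($website) = @_;

    $website = 'http://' . $website
        unless $website =~ m{\Ahttps?://}i;

    $website .= '/'
        unless $website =~ m{/$};

    return $website;
}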


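# OUT($msg)
#
# Writes $msg to standard output with syswrite, i.e. unbuffered, so each
# result line appears as soon as it is produced.
#
# The argument is held in a lexical, so calling OUT no longer overwrites a
# package-level $msg. Returns whatever syswrite returns.
sub OUT {
    my ($msg) = @_;

    return syswrite(STDOUT, "$msg");
}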


Autor: Blozzter