Добрый день, форумчане, мне очень нужен скрипт для поиска веб папок\админок на удаленном сервере, желательно на php, хотя сойдет и просто txt файл со списком директорий формата: ... /phpmyadmin/ /admin/ /control/ /a/ /b/ ... Раньше был у меня такой список дир, но к сожалению канул в небытие он вместе со старым жестким диском. Подскажите откуда качнуть или скиньте линк ПМ Заранее спасибо=)
http://forum.antichat.ru/showpost.php?p=3130335&postcount=10 http://forum.xakep.ru/m_1498833/mpage_1/key_Установка%2ccurl%2cdenwer/tm.htm
http://sourceforge.net/projects/dirbuster/ читаем о нем тут https://www.owasp.org/index.php/Category:OWASP_DirBuster_Project
PHP: <?php class BrutAdminPanels { public $admins_filename = 'directories.txt'; public $links_filename = 'vuln.txt'; public $found_filename = 'found.txt'; public $admin_dirs = array(); public $links = array(); public function showInfo() { echo '********************************' . "\r\n"; echo '* *' . "\r\n"; echo '* Bruteforce Admin Panels v0.1 *' . "\r\n"; echo '* *' . "\r\n"; echo '************** [coded by _xtc] *' . "\r\n\r\n"; } public function getAdminDirs() { $handle = fopen($this->admins_filename, 'r'); $content = fread($handle, filesize($this->admins_filename)); fclose($handle); if (!empty($content)) { preg_match_all('/(.*?)\r\n/s', $content, $match); foreach ($match[1] as $dir) { $this->admin_dirs[] = $dir; } } } public function getURL($url) { preg_match_all('/(?P<url>http:\/\/.*?\/)/s', $url, $match); $this->links[] = $match['url'][0]; } public function getLinks() { $handle = fopen($this->links_filename, 'r'); $content = fread($handle, filesize($this->links_filename)); fclose($handle); if (!empty($content)) { preg_match_all('/(http:\/\/.*?\/)/s', $content, $match); foreach ($match[1] as $link) { $this->links[] = $link; } } } public function getContent($domain, $query) { $content = ''; $fp = fsockopen($domain, 80, $errno, $errstr, 30); if ($fp != false) { $header = "GET " . $query . " HTTP/1.1\r\n"; $header .= "User-Agent: Opera/9.80 (Windows NT 5.1; U;) Version/11.11\r\n"; $header .= "Host: " . $domain . "\r\n"; $header .= "Connection: Close\r\n\r\n"; fwrite($fp, $header); while (!feof($fp)) { $content .= fgets($fp); } fclose($fp); return $content; } return false; } public function writeToFile($str = '', $option) { $handle = fopen($this->found_filename, $option); fwrite($handle, $str); fclose($handle); } public function brutting() { foreach ($this->links as $link) { preg_match('/http:\/\/(?P<domain>.*)\//s', $link, $match); $domain = $match['domain']; foreach ($this->admin_dirs as $dir) { $content = $this->getContent($domain, '/' . $dir . '/'); if (!empty($content)) { if (preg_match('/HTTP\/1.[01] (?:200 OK|302 Found|401 Authorization Required)/s', $content)) { echo 'http://' . $domain . '/' . $dir . '/' . "\r\n"; $this->writeToFile('http://' . $domain . '/' . $dir . '/' . "\r\n", 'a'); } } } } } public function __construct($argv) { $this->showInfo(); $this->getAdminDirs(); if (count($argv == 2)) { $this->getURL($argv[1]); } else { $this->getLinks(); } $this->brutting(); } } $BrutAdminPanels = new BrutAdminPanels($argv); ?> Список админок: Code: admin -admin admin- _admin admin_ Admin _Admin Admin_ ADMIN _adm adm adm_ a ad ads admins admincp admincms cmsadmin webadmin sysadmin camadmin admin1 admin2 adminlogin administrator _administrator administrator_ Administrator _Administrator Administrator_ administration administrations _administrations administrations_ Administrations _Administrations Administrations_ adminpanel _adminpanel adminpanel_ AdminPanel _AdminPanel AdminPanel_ admindir Admindir admin_dir db-admin dbadmin wp-admin fileadmin myadmin panel Panel site login Login logins account Account accounting acct website dev webaccess user users members access Access cms _cms CMS _CMS controlpanel ControlPanel cp CP secret privacy root _root auth _auth Auth authorization Authorization secure webmaster my hidden mng manage manager private
