Вот этой пользуюсь на линухе (perl): http://files.mail.ru/UNWNSE — здесь в файл sites добавляешь сайты, а в result собираешь результаты; базу можешь сам добавлять.
Решение на PHP Code: <?php /**
 * Command-line script that requests a list of candidate admin directory
 * names on one or more HTTP sites and records the URLs whose response
 * matches a small set of status lines.
 *
 * Inputs and outputs are plain files in the working directory:
 * directories.txt (candidate names), sites.txt (target URLs) and
 * found.txt (appended results).
 *
 * Reviewer note for defenders: every probe is a separate plain-HTTP GET on
 * port 80, sent on a fresh connection with "Connection: Close" and the fixed
 * User-Agent string set in getContent(). In access logs a run therefore
 * appears as a rapid series of requests for admin-like paths from one client
 * with that User-Agent, which is a usable detection pattern. An unlinked
 * admin path is not a control against this kind of enumeration;
 * authentication, network-level restrictions and rate limiting on the
 * management paths are.
 */
class BrutAdminPanels {
    // File with candidate directory names, read by getAdminDirs().
    public $admins_filename = 'directories.txt';
    // File with target site URLs, read by getLinks().
    public $links_filename = 'sites.txt';
    // File that matching URLs are appended to by brutting().
    public $found_filename = 'found.txt';
    // Candidate directory names loaded from $admins_filename.
    public $admin_dirs = array();
    // Target base URLs (scheme, host and trailing slash).
    public $links = array();

    /**
     * Prints the program banner to standard output.
     */
    public function showInfo() {
        echo '********************************' . "\r\n";
        echo '* *' . "\r\n";
        echo '* Bruteforce Admin Panels v0.1 *' . "\r\n";
        echo '* *' . "\r\n";
        echo '************** [coded by _xtc] *' . "\r\n\r\n";
    }

    /**
     * Loads the candidate directory names from $admins_filename into
     * $admin_dirs.
     *
     * The results of fopen() and fread() are not checked before use.
     */
    public function getAdminDirs() {
        $handle = fopen($this->admins_filename, 'r');
        $content = fread($handle, filesize($this->admins_filename));
        fclose($handle);
        if (!empty($content)) {
            // Each entry is the text in front of a CRLF pair; the pattern
            // requires the "\r\n" terminator.
            preg_match_all('/(.*?)\r\n/s', $content, $match);
            foreach ($match[1] as $dir) {
                $this->admin_dirs[] = $dir;
            }
        }
    }

    /**
     * Adds a single target to $links, taken from the given string.
     *
     * @param string $url Text expected to contain an http:// URL with a
     *                    slash after the host part.
     */
    public function getURL($url) {
        // Keeps only the first "http://" prefix up to the next slash.
        preg_match_all('/(?P<url>http:\/\/.*?\/)/s', $url, $match);
        // NOTE(review): index 0 is read without checking that the pattern
        // matched at all.
        $this->links[] = $match['url'][0];
    }

    /**
     * Loads every target from $links_filename into $links.
     *
     * The results of fopen() and fread() are not checked before use.
     */
    public function getLinks() {
        $handle = fopen($this->links_filename, 'r');
        $content = fread($handle, filesize($this->links_filename));
        fclose($handle);
        if (!empty($content)) {
            // Same shape as in getURL(): "http://" up to the next slash.
            preg_match_all('/(http:\/\/.*?\/)/s', $content, $match);
            foreach ($match[1] as $link) {
                $this->links[] = $link;
            }
        }
    }

    /**
     * Sends one HTTP/1.1 GET request over a plain TCP socket and returns the
     * raw response.
     *
     * @param string $domain Host to connect to on port 80; also sent as the
     *                       Host header.
     * @param string $query  Request target placed on the request line.
     *
     * @return string|false Everything read from the socket (status line,
     *                      headers and body), or false when the connection
     *                      could not be opened.
     */
    public function getContent($domain, $query) {
        $content = '';
        // 30 is the connect timeout in seconds; no read timeout is set here.
        $fp = fsockopen($domain, 80, $errno, $errstr, 30);
        if ($fp != false) {
            $header = "GET " . $query . " HTTP/1.1\r\n";
            // Fixed client identification, identical on every request.
            $header .= "User-Agent: Opera/9.80 (Windows NT 5.1; U;) Version/11.11\r\n";
            $header .= "Host: " . $domain . "\r\n";
            // Asks the server to close the connection so the feof() loop
            // below can end.
            $header .= "Connection: Close\r\n\r\n";
            fwrite($fp, $header);
            while (!feof($fp)) {
                $content .= fgets($fp);
            }
            fclose($fp);
            return $content;
        }
        return false;
    }

    /**
     * Writes a string to $found_filename.
     *
     * @param string $str    Text to write.
     * @param string $option fopen() mode used to open the file.
     */
    public function writeToFile($str = '', $option) {
        $handle = fopen($this->found_filename, $option);
        fwrite($handle, $str);
        fclose($handle);
    }

    /**
     * Requests every candidate directory on every target in $links and
     * reports the ones whose response matches the status pattern.
     *
     * A match is printed to standard output and appended to $found_filename.
     */
    public function brutting() {
        foreach ($this->links as $link) {
            // Host part: the text between "http://" and the last slash.
            preg_match('/http:\/\/(?P<domain>.*)\//s', $link, $match);
            $domain = $match['domain'];
            foreach ($this->admin_dirs as $dir) {
                $content = $this->getContent($domain, '/' . $dir . 
'/');
                if (!empty($content)) {
                    // The pattern is not anchored, so it is searched in the
                    // whole raw response, and it matches on the code together
                    // with the listed reason phrases.
                    if (preg_match('/HTTP\/1.[01] (?:200 OK|302 Found|401 Authorization Required)/s', $content)) {
                        echo 'http://' . $domain . '/' . $dir . '/' . "\r\n";
                        // Mode 'a' appends, so earlier results are kept.
                        $this->writeToFile('http://' . $domain . '/' . $dir . '/' . "\r\n", 'a');
                    }
                }
            }
        }
    }

    /**
     * Runs the whole program: banner, candidate list, target selection and
     * the request loop.
     *
     * @param array $argv Command-line arguments of the script.
     */
    public function __construct($argv) {
        $this->showInfo();
        $this->getAdminDirs();
        // NOTE(review): count() is applied to the comparison `$argv == 2`,
        // not to $argv, so this condition does not test the number of
        // arguments as it appears intended to.
        if (count($argv == 2)) {
            $this->getURL($argv[1]);
        } else {
            $this->getLinks();
        }
        $this->brutting();
    }
}

// Instantiating the class starts the run, because the constructor does all
// of the work.
$BrutAdminPanels = new BrutAdminPanels($argv);
?> directories.txt: Code: admin -admin admin- _admin admin_ Admin _Admin Admin_ ADMIN _adm adm adm_ a ad ads admins admincp admincms cmsadmin webadmin sysadmin camadmin admin1 admin2 adminlogin administrator _administrator administrator_ Administrator _Administrator Administrator_ administration administrations _administrations administrations_ Administrations _Administrations Administrations_ adminpanel _adminpanel adminpanel_ AdminPanel _AdminPanel AdminPanel_ admindir Admindir admin_dir db-admin dbadmin wp-admin fileadmin myadmin panel Panel site login Login logins account Account accounting acct website dev webaccess user users members access Access cms _cms CMS _CMS controlpanel ControlPanel cp CP secret privacy root _root auth _auth Auth authorization Authorization secure webmaster my hidden mng manage manager private В файл sites.txt ложишь список сайтов которые хочешь просканить. Результат будет в файле found.txt.
Ок, пасибо! попробую и ту и другую. На пхп все понятно и просто, на перле тоже хорошо Вот список админок, подлиннее: Code: admin1.php admin1.html admin2.php admin2.html yonetim.php yonetim.html yonetici.php yonetici.html adm/ admin/ admin/account.php admin/account.html admin/index.php admin/index.html admin/login.php admin/admin_login.php admin/login.html admin/home.php admin/controlpanel.html admin/controlpanel.php admin.php admin.html admin/cp.php admin/cp.html cp.php cp.html administrator/ administrator/index.html administrator/index.php administrator/login.html administrator/login.php administrator/account.html administrator/account.php administrator.php administrator.html login.php login.html modelsearch/login.php moderator.php moderator.html moderator/login.php moderator/login.html moderator/admin.php moderator/admin.html moderator/ account.php account.html controlpanel/ controlpanel.php controlpanel.html admincontrol.php admincontrol.html adminpanel.php adminpanel.html admin1.asp admin2.asp yonetim.asp yonetici.asp admin/account.asp admin/index.asp admin/login.asp admin/home.asp admin/controlpanel.asp admin.asp admin/cp.asp cp.asp administrator/index.asp administrator/login.asp administrator/account.asp administrator.asp login.asp modelsearch/login.asp moderator.asp moderator/login.asp moderator/admin.asp account.asp controlpanel.asp admincontrol.asp adminpanel.asp fileadmin/ fileadmin.php fileadmin.asp fileadmin.html administration/ administration.php administration.html sysadmin.php sysadmin.html phpmyadmin/ myadmin/ sysadmin.asp sysadmin/ ur-admin.asp ur-admin.php ur-admin.html ur-admin/ Server.php Server.html Server.asp Server/ wp-admin/ administr8.php administr8.html administr8/ administr8.asp webadmin/ webadmin.php webadmin.asp webadmin.html administratie/ admins/ admins.php admins.asp admins.html administrivia/ Database_Administration/ WebAdmin/ useradmin/ sysadmins/ admin1/ system-administration/ administrators/ pgadmin/ directadmin/ staradmin/ 
ServerAdministrator/ SysAdmin/ administer/ LiveUser_Admin/ sys-admin/ typo3/ panel/ cpanel/ cPanel/ cpanel_file/ platz_login/ rcLogin/ blogindex/ formslogin/ autologin/ support_login/ meta_login/ manuallogin/ simpleLogin/ loginflat/ utility_login/ showlogin/ memlogin/ members/ login-redirect/ sub-login/ wp-login/ login1/ dir-login/ login_db/ xlogin/ smblogin/ customer_login/ UserLogin/ login-us/ acct_login/ admin_area/ bigadmin/ project-admins/ phppgadmin/ pureadmin/ sql-admin/ radmind/ openvpnadmin/ wizmysqladmin/ vadmind/ ezsqliteadmin/ hpwebjetadmin/ newsadmin/ adminpro/ Lotus_Domino_Admin/ bbadmin/ vmailadmin/ Indy_admin/ ccp14admin/ irc-macadmin/ banneradmin/ sshadmin/ phpldapadmin/ macadmin/ administratoraccounts/ admin4_account/ admin4_colon/ radmind-1/ Super-Admin/ AdminTools/ cmsadmin/ SysAdmin2/ globes_admin/ cadmins/ phpSQLiteAdmin/ navSiteAdmin/ server_admin_small/ logo_sysadmin/ server/ database_administration/ power_user/ system_administration/ ss_vms_admin_sm/admin/account.html/admin/index.php admin/login.php/admin/login.html Amministrazione/ ccms/ ccms/index.php ccms/login.php configuration/ configure/ maintenance/ ss_vms_admin_sm/admin1.php webmaster/ websvn/ wp-login.php priv/ private/ private.html private.php priv8/