
Admin page finder (Multi)



این ادمین فایندر یکی از ادمین فایندر های قوی هست و دارای دیتابیس کاملی بوده و همونطور که می دونید قابلیت اضافه نمودن نیز داره :

 

.

#!/usr/bin/perl
#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#Explo!ter
#explo1ter@verizon.net
#Admin page finder (Multi)
#you can load your admin pages list 
#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# Built-in candidate paths for PHP sites; the argument handling below copies
# this list into @pageLists when the page option is -p and no custom list
# file is given.
# Order and repeated entries are kept exactly as in the original list: every
# entry, repeats included, becomes one HTTP request per target, so the same
# path can show up several times in a web server's access log during one run.
@phpPages = qw(
    /admin/home.php/
    /admin/controlpanel.php/
    /admin/cp.php/
    /admin/adminLogin.php/
    /admin/admin_login.php/
    /admin/controlpanel.php/
    /admin/admin-login.php/
    /admin-login.php/
    /admin/account.php/
    /admin/admin.php/
    /admin.php/
    /admin.php/
    /adminitem.php/
    /adminitems.php/
    /administrator/login.php/
    /administrator.php/
    /administration.php/
    /adminlogin.php/
    /admin_area/admin.php/
    /admin_area/login.php/
    /manager.php/
    /letmein.php/
    /superuser.php/
    /access.php/
    /sysadm.php/
    /panel.php/
    /control.php/
    /member.php/
    /members.php/
    /user.php/
    /manage.php/
    /management.php/
    /signin.php/
    /log-in.php/
    /log_in.php/
    /sign_in.php/
    /sign-in.php/
    /users.php/
    /accounts.php/
    /wp-login.php/
    /bb-admin/login.php/
    /bb-admin/admin.php/
    /bb-admin/admin.php/
    /administrator/account.php/
    /relogin.php/
    /relogin.php/
    /check.php/
    /relogin.php/
    /blog/wp-login.php/
    /user/admin.php/
    /users/admin.php/
    /processlogin.php/
    /checklogin.php/
    /checkuser.php/
    /checkadmin.php/
    /isadmin.php/
    /authenticate.php/
    /authentication.php/
    /auth.php/
    /authuser.php/
    /authadmin.php/
    /cp.php/
    /modelsearch/login.php/
    /moderator.php/
    /controlpanel.php/
    /admincontrol.php/
    /adminpanel.php/
    /fileadmin.php/
    /sysadmin.php/
    /admin1.php/
    /admin2.php/
    /yonetim.php/
    /yonetici.php/
    /ur-admin.php/
    /Server.php/
    /administr8.php/
    /webadmin.php/
    /admins.php/
    /adm.php/
    /admin_login.php/
    /panel-administracion/login.php/
    /pages/admin/admin-login.php/
    /acceso.php/
    /admincp/login.php/
    /affiliate.php/
    /adm_auth.php/
    /memberadmin.php/
    /administratorlogin.php/
    /administrators.php/
    /siteadmin.php/
    /vorod.php/
    /vorud.php/
    /webmaster.php/
    /autologin.php/
    /userlogin.php/
    /admin_area.php/
    /cmsadmin.php/
    /admin/login.php/
    /admin/adminLogin.php/
    /moderator.php/
    /moderator.php/
    /moderator/login.php/
    /moderator/admin.php/
    /yonetici.php/
    /cgi-bin/login.php/
    /login1.php/
    /login_admin.php/
    /login_out/
    /login_out.php/
    /login_user.php/
    /loginsuper.php/
    /logout.php/
    /super1.php/
    /super_index.php/
    /super_login.php/
    /supermanager.php/
    /superman.php/
    /superuser.php/
    /supervise/Login.php/
    /super.php/
    /login.php/
    /admin.php/
    /login.php/
    /login.php/
    /login.php/
    /admin/account.php/
    /admin/login.php/
    /admin/login.php/
    /admin/home.php/
    /admin/controlpanel.php/
    /admin/controlpanel.php/
    /admin/cp.php/
    /admin/adminLogin.php/
    /admin/adminLogin.php/
    /admin/admin_login.php/
    /admin/controlpanel.php/
    /admin/admin-login.php/
    /admin-login.php/
    /admin/account.php/
    /admin/admin.php/
    /admin.php/
    /admin.php/
    /adminitem.php/
    /adminitems.php/
    /administrator/login.php/
    /administrator.php/
    /administration.php/
    /adminlogin.php/
    /admin_area/admin.php/
    /admin_area/login.php/
    /manager.php/
    /letmein.php/
    /superuser.php/
    /access.php/
    /sysadm.php/
    /panel.php/
    /control.php/
    /member.php/
    /members.php/
    /user.php/
    /manage.php/
    /management.php/
    /signin.php/
    /log-in.php/
    /log_in.php/
    /sign_in.php/
    /sign-in.php/
    /users.php/
    /accounts.php/
    /wp-login.php/
    /bb-admin/login.php/
    /bb-admin/admin.php/
    /bb-admin/admin.php/
    /administrator/account.php/
    /relogin.php/
    /relogin.php/
    /check.php/
    /relogin.php/
    /blog/wp-login.php/
    /user/admin.php/
    /users/admin.php/
    /processlogin.php/
    /checklogin.php/
    /checkuser.php/
    /checkadmin.php/
    /isadmin.php/
    /authenticate.php/
    /authentication.php/
    /auth.php/
    /authuser.php/
    /authadmin.php/
    /modelsearch/login.php/
    /moderator.php/
    /controlpanel.php/
    /admincontrol.php/
    /adminpanel.php/
    /fileadmin.php/
    /sysadmin.php/
    /admin1.php/
    /admin1.php/
    /admin1.php/
    /admin2.php/
    /admin2.php/
    /yonetim.php/
    /yonetim.php/
    /yonetici.php/
    /yonetici.php/
    /ur-admin.php/
    /Server.php/
    /wp-admin/
    /administr8.php/
    /webadmin.php/
    /admins.php/
    /admin_login.php/
    /panel-administracion/login.php/
    /pages/admin/admin-login.php/
    /acceso.php/
    /admincp/login.php/
    /affiliate.php/
    /adm_auth.php/
    /memberadmin.php/
    /administratorlogin.php/
    /administrators.php/
    /siteadmin.php/
    /vorod.php/
    /vorud.php/
    /webmaster.php/
    /autologin.php/
    /userlogin.php/
    /admin_area.php/
    /cmsadmin.php/
    /admin/login.php/
    /admin/adminLogin.php/
    /moderator.php/
    /moderator.php/
    /moderator/login.php/
    /moderator/admin.php/
    /yonetici.php/
    /cgi-bin/login.php/
    /login1.php/
    /login_admin.php/
    /login_out.php/
    /login_user.php/
    /loginsuper.php/
    /logout.php/
    /super1.php/
    /super_index.php/
    /super_login.php/
    /supermanager.php/
    /superman.php/
    /superuser.php/
    /supervise/Login.php/
    /super.php/
    /adm.php/
);
# Built-in candidate paths for ASP sites; the argument handling below copies
# this list into @pageLists when the page option is -a and no custom list
# file is given.
# Order and repeated entries are kept exactly as in the original list: every
# entry, repeats included, becomes one HTTP request per target, so the same
# path can show up several times in a web server's access log during one run.
@aspPages = qw(
    /admin/home.asp/
    /admin/controlpanel.asp/
    /admin/cp.asp/
    /admin/adminLogin.asp/
    /admin/admin_login.asp/
    /admin/controlpanel.asp/
    /admin/admin-login.asp/
    /admin-login.asp/
    /admin/account.asp/
    /admin/admin.asp/
    /admin.asp/
    /admin.asp/
    /adminitem.asp/
    /adminitems.asp/
    /administrator/login.asp/
    /administrator.asp/
    /administration.asp/
    /adminlogin.asp/
    /admin_area/admin.asp/
    /admin_area/login.asp/
    /manager.asp/
    /letmein.asp/
    /superuser.asp/
    /access.asp/
    /sysadm.asp/
    /panel.asp/
    /control.asp/
    /member.asp/
    /members.asp/
    /user.asp/
    /manage.asp/
    /management.asp/
    /signin.asp/
    /log-in.asp/
    /log_in.asp/
    /sign_in.asp/
    /sign-in.asp/
    /users.asp/
    /accounts.asp/
    /wp-login.asp/
    /bb-admin/login.asp/
    /bb-admin/admin.asp/
    /bb-admin/admin.asp/
    /administrator/account.asp/
    /relogin.asp/
    /relogin.asp/
    /check.asp/
    /relogin.asp/
    /blog/wp-login.asp/
    /user/admin.asp/
    /users/admin.asp/
    /processlogin.asp/
    /checklogin.asp/
    /checkuser.asp/
    /checkadmin.asp/
    /isadmin.asp/
    /authenticate.asp/
    /authentication.asp/
    /auth.asp/
    /authuser.asp/
    /authadmin.asp/
    /cp.asp/
    /modelsearch/login.asp/
    /moderator.asp/
    /controlpanel.asp/
    /admincontrol.asp/
    /adminpanel.asp/
    /fileadmin.asp/
    /sysadmin.asp/
    /admin1.asp/
    /admin2.asp/
    /yonetim.asp/
    /yonetici.asp/
    /ur-admin.asp/
    /Server.asp/
    /administr8.asp/
    /webadmin.asp/
    /admins.asp/
    /adm.asp/
    /admin_login.asp/
    /panel-administracion/login.asp/
    /pages/admin/admin-login.asp/
    /acceso.asp/
    /admincp/login.asp/
    /affiliate.asp/
    /adm_auth.asp/
    /memberadmin.asp/
    /administratorlogin.asp/
    /administrators.asp/
    /siteadmin.asp/
    /vorod.asp/
    /vorud.asp/
    /webmaster.asp/
    /autologin.asp/
    /userlogin.asp/
    /admin_area.asp/
    /cmsadmin.asp/
    /admin/login.asp/
    /admin/adminLogin.asp/
    /moderator.asp/
    /moderator.asp/
    /moderator/login.asp/
    /moderator/admin.asp/
    /yonetici.asp/
    /cgi-bin/login.asp/
    /login1.asp/
    /login_admin.asp/
    /login_out/
    /login_out.asp/
    /login_user.asp/
    /loginsuper.asp/
    /logout.asp/
    /super1.asp/
    /super_index.asp/
    /super_login.asp/
    /supermanager.asp/
    /superman.asp/
    /superuser.asp/
    /supervise/Login.asp/
    /super.asp/
    /login.asp/
    /admin.asp/
    /login.asp/
    /login.asp/
    /login.asp/
    /admin/account.asp/
    /admin/login.asp/
    /admin/login.asp/
    /admin/home.asp/
    /admin/controlpanel.asp/
    /admin/controlpanel.asp/
    /admin/cp.asp/
    /admin/adminLogin.asp/
    /admin/adminLogin.asp/
    /admin/admin_login.asp/
    /admin/controlpanel.asp/
    /admin/admin-login.asp/
    /admin-login.asp/
    /admin/account.asp/
    /admin/admin.asp/
    /admin.asp/
    /admin.asp/
    /adminitem.asp/
    /adminitems.asp/
    /administrator/login.asp/
    /administrator.asp/
    /administration.asp/
    /adminlogin.asp/
    /admin_area/admin.asp/
    /admin_area/login.asp/
    /manager.asp/
    /letmein.asp/
    /superuser.asp/
    /access.asp/
    /sysadm.asp/
    /panel.asp/
    /control.asp/
    /member.asp/
    /members.asp/
    /user.asp/
    /manage.asp/
    /management.asp/
    /signin.asp/
    /log-in.asp/
    /log_in.asp/
    /sign_in.asp/
    /sign-in.asp/
    /users.asp/
    /accounts.asp/
    /wp-login.asp/
    /bb-admin/login.asp/
    /bb-admin/admin.asp/
    /bb-admin/admin.asp/
    /administrator/account.asp/
    /relogin.asp/
    /relogin.asp/
    /check.asp/
    /relogin.asp/
    /blog/wp-login.asp/
    /user/admin.asp/
    /users/admin.asp/
    /processlogin.asp/
    /checklogin.asp/
    /checkuser.asp/
    /checkadmin.asp/
    /isadmin.asp/
    /authenticate.asp/
    /authentication.asp/
    /auth.asp/
    /authuser.asp/
    /authadmin.asp/
    /modelsearch/login.asp/
    /moderator.asp/
    /controlpanel.asp/
    /admincontrol.asp/
    /adminpanel.asp/
    /fileadmin.asp/
    /sysadmin.asp/
    /admin1.asp/
    /admin1.asp/
    /admin1.asp/
    /admin2.asp/
    /admin2.asp/
    /yonetim.asp/
    /yonetim.asp/
    /yonetici.asp/
    /yonetici.asp/
    /ur-admin.asp/
    /Server.asp/
    /wp-admin/
    /administr8.asp/
    /webadmin.asp/
    /admins.asp/
    /admin_login.asp/
    /panel-administracion/login.asp/
    /pages/admin/admin-login.asp/
    /acceso.asp/
    /admincp/login.asp/
    /affiliate.asp/
    /adm_auth.asp/
    /memberadmin.asp/
    /administratorlogin.asp/
    /administrators.asp/
    /siteadmin.asp/
    /vorod.asp/
    /vorud.asp/
    /webmaster.asp/
    /autologin.asp/
    /userlogin.asp/
    /admin_area.asp/
    /cmsadmin.asp/
    /admin/login.asp/
    /admin/adminLogin.asp/
    /moderator.asp/
    /moderator.asp/
    /moderator/login.asp/
    /moderator/admin.asp/
    /yonetici.asp/
    /cgi-bin/login.asp/
    /login1.asp/
    /login_admin.asp/
    /login_out.asp/
    /login_user.asp/
    /loginsuper.asp/
    /logout.asp/
    /super1.asp/
    /super_index.asp/
    /super_login.asp/
    /supermanager.asp/
    /superman.asp/
    /superuser.asp/
    /supervise/Login.asp/
    /super.asp/
    /adm.asp/
);


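# Command-line handling. Three or four arguments are expected:
#   $ARGV[0]  method option: -s (single domain) or -m (file of domains)
#   $ARGV[1]  page option:   -p (built-in PHP list) or -a (built-in ASP list)
#   $ARGV[2]  the domain, or the path of the domain list (read by the subs)
#   $ARGV[3]  optional path of a custom page list; when it is present the
#             built-in lists are not used and $ARGV[1] is not checked
if (@ARGV != 4 && @ARGV != 3)
{
    die(useage()."\n");
}

$methOpt = $ARGV[0];
$pageOpt = $ARGV[1];
if (defined($ARGV[3]))
{
    $pageAddr = $ARGV[3];
    # Three-argument open with an explicit read mode and a lexical handle.
    # The original two-argument form let the file name choose the mode, so a
    # name starting with ">" or ending in "|" would truncate a file or run a
    # command instead of reading the list.
    open(my $listFh, '<', $pageAddr) or die ("Can't open $pageAddr \n");
    @pageLists = <$listFh>;
    close($listFh);
}
elsif ($pageOpt eq "-p")
{
    @pageLists = @phpPages;
}
elsif ($pageOpt eq "-a")
{
    @pageLists = @aspPages;
}
else
{
    die(useage()."\n");
}

# @pageLists stays a package variable: single() and multi() read it.
$/ = "\n";
chomp(@pageLists);

if ($methOpt eq "-s")
{
    single();
}
elsif ($methOpt eq "-m")
{
    multi();
}
else
{
    die(useage()."\n");
}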





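# Print the command-line help text to STDOUT.
#
# Returns an empty string. The callers write die(useage()."\n"), so whatever
# this sub returns becomes part of the die message; the original returned
# print's result, which put a stray "1" on STDERR after the help text.
sub useage
{
    print "-----------------------------------------------------\n".
          "Useage : perl af.pl -MethodOption -AdminPageOption -Value [PageLists] \n".
          "Ex1 : perl af.pl -m -p domains.txt myadminpage.txt\n".
          "Ex2 : perl af.pl -m -p domains.txt\n".
          "-----------------------------------------------------\n".
          "-MethodOption\n".
          "\t Single Domain -s\n".
          "\t Multi Domain -m\n".
          "-AdminPageOption\n".
          "\t PHP -p\n".
          "\t ASP -a\n\n\n";
    return '';
}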



# Single-domain mode (-s): probe every entry of @pageLists against the one
# domain given in $ARGV[2].
#
# The domain is normalised once with get_clear_domain(). Each entry gets a
# leading "/" when it lacks one (this rewrites the @pageLists element in
# place, because the loop variable aliases it). A "Checking ..." line is
# written for every request and a "#F : ..." line for every path that
# is_page_exists() reports as found.
sub single
{
    $domain = get_clear_domain($ARGV[2]);

    for $page (@pageLists)
    {
        $page = "/$page" unless $page =~ m{^/};
        syswrite STDOUT, "Checking $domain$page\n";
        next unless is_page_exists($domain, $page);
        syswrite STDOUT, "#F : $domain$page\n\n";
    }
}




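# Multi-domain mode (-m): read one domain per line from the file named in
# $ARGV[2] and probe every entry of @pageLists against each of them.
#
# Output per domain: a "---domain---" banner with the line as read from the
# file, then a "Checking ..." line per request and a "#F : ..." line per path
# that is_page_exists() reports as found.
sub multi
{
    my $listPath = $ARGV[2];
    # Three-argument open with an explicit read mode: the original
    # two-argument form let the file name choose the mode, so a name starting
    # with ">" or ending in "|" would not be opened for reading at all.
    open(my $listFh, '<', $listPath) or die ("Can't open $listPath");
    my @targets = <$listFh>;
    close($listFh);
    chomp(@targets);

    foreach my $target (@targets)
    {
        syswrite STDOUT,"\n\n---$target---\n";

        # Normalise once per domain instead of once per page. The original
        # used the global $domain as loop variable, which get_clear_domain()
        # overwrote, so its first "Checking" line showed the raw entry and
        # the later ones the normalised host; the host is now shown throughout.
        my $host = get_clear_domain($target);

        foreach my $page (@pageLists)
        {
            # Aliased loop variable: this adds the leading "/" to the
            # @pageLists element itself, as the original did.
            $page = "/".$page if($page !~ /^\//);
            syswrite STDOUT,"Checking $host$page\n";
            syswrite STDOUT,"#F : $host$page\n\n" if(is_page_exists($host,$page));
        }
        syswrite STDOUT,"\n";
    }
}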

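# Build the packed socket address for TCP port 80 on the given host.
#
#   $domain  host name or dotted-quad address to resolve
#
# Returns the 16-byte string produced by pack("Sna4x8", ...): a native-order
# 16-bit family value of 2, the port in network byte order, the 4-byte
# address, and 8 bytes of padding.
# NOTE(review): this hand-built layout presumably matches sockaddr_in only on
# platforms without a leading length byte -- confirm before relying on it
# elsewhere.
#
# Dies when the name does not resolve. The original packed the undefined
# result as the address 0.0.0.0, so the probe went to whatever that address
# means locally instead of to the intended host.
sub get_pack_addr
{
    my ($domain) = @_;

    my $port = 80;
    my $ip = gethostbyname($domain);
    die("Can't resolve $domain .\n") unless defined($ip);

    return pack("Sna4x8", 2, $port, $ip);
}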

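# Normalise a target given on the command line or in a domain list.
#
#   $domain  the target as typed, e.g. "http://host/"
#
# Returns the value with a leading "http://" and one trailing "/" removed.
# Nothing else is stripped: an "https://" prefix or a path is returned as is.
#
# The argument is copied into a lexical. The original assigned to the package
# variable $domain, which multi() uses as its loop variable, so every call
# rewrote the caller's list element as a side effect.
sub get_clear_domain
{
    my ($domain) = @_;

    $domain =~ s{^http://}{};
    $domain =~ s{/$}{};
    return $domain;
}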

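# Send one HTTP GET for $page to $domain and report whether the reply looks
# like a 200.
#
#   $domain  host name, used for the Host and Referer headers and passed to
#            get_pack_addr() for the connection
#   $page    request path, used verbatim in the request line
#
# Returns 1 when the first 15 bytes of the reply (the length of
# "HTTP/1.1 200 OK") contain "200", otherwise 0. Dies when the socket cannot
# be created or the connection fails.
#
# What the server sees is a plain GET with a fixed User-Agent, a Referer
# equal to the requested URL and two Connection headers (keep-alive, then
# close); the header block is reproduced unchanged from the original. A run
# of such requests for login and admin paths from one client stands out in
# access logs.
#
# Changes from the original: variables are lexical instead of package
# globals, socket() is checked, and the socket is closed before returning
# (the original close() sat after both return statements and never ran).
sub is_page_exists
{
        my ($domain,$page) = @_;
        my $proto = getprotobyname("tcp");
        my $header ="GET $page HTTP/1.1\r\n".
                "Host: $domain\r\n".
                "User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20100101 Firefox/29.0\r\n".
                "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n".
                "Referer: http://$domain$page\r\n".
                "Connection: keep-alive\r\n".
                "Connection: close\r\n\r\n";

        # 2 and 1 are the numeric domain and type values the original passed;
        # presumably AF_INET and SOCK_STREAM -- confirm for the target platform.
        socket(my $sock,2,1,$proto) || die("Can't create socket : $! .\n");
        connect($sock,get_pack_addr($domain)) || die("Can't connect : $! .\n");
        send($sock,$header, 0);

        my $result = '';
        recv($sock,$result,15,0);
        close($sock);

        # A failed recv may leave the buffer undefined; treat that as "no 200".
        $result = '' unless defined($result);
        return ($result =~ /200/) ? 1 : 0;
}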

AdminFinder.rar
