Hertürlü Web tabanlı Saldırı Taktik ve Stratejileri
Admin Panel Bulucu Script
Admin Panel Bulucu Script
-
arşivde dursun eyv
-
Python 3.2'de çalışmadı; çalışacak şekilde güncelledim. Başarılı.
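#Created for coded32 and his teamopenfire Eliminated Some bugs from my last code shared here as Guest.
#Greets To T.O.F and Indishell
#Thanks friends for find bugs and give suggetions
#cd direcory/to/code
#direcory/to/code>python code.py
#improved Error Handling
#Find out usefull stuffs from www.teamopenfire.com
#"wE aRe gREat inDIans"
#
# Reviewer summary of what the code below does:
#   * After one connectivity probe it sends one GET per entry of the chosen
#     word list, each over a new plaintext HTTP connection (HTTPS is never
#     used) and without setting any custom request headers.
#   * A path is reported as found on status 200 alone. A site that answers
#     unknown paths with a 200 error page therefore produces a "found" line
#     for every entry, and a panel that answers 401/403 is only printed as an
#     "Interesting response".
#   * In the target's access log a run appears as a rapid series of requests
#     for admin/login-style paths from one client.
import http.client
import socket
import sys

# The six word lists are reproduced exactly as posted: same order, duplicates
# included (e.g. 'administrator/' appears twice in most lists), and the doubled
# extension in 'webadmin/login.brfbrf' is kept because it is part of what the
# script requests.
php = [
    'admin/','administrator/','admin1/','admin2/','admin3/','admin4/','admin5/','usuarios/','usuario/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
    'memberadmin/','administratorlogin/','adm/','admin/account.php','admin/index.php','admin/login.php','admin/admin.php','admin/account.php',
    'admin_area/admin.php','admin_area/login.php','siteadmin/login.php','siteadmin/index.php','siteadmin/login.html','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
    'admin_area/index.php','bb-admin/index.php','bb-admin/login.php','bb-admin/admin.php','admin/home.php','admin_area/login.html','admin_area/index.html',
    'admin/controlpanel.php','admin.php','admincp/index.asp','admincp/login.asp','admincp/index.html','admin/account.html','adminpanel.html','webadmin.html',
    'webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html','panel-administracion/login.html',
    'admin/cp.php','cp.php','administrator/index.php','administrator/login.php','nsw/admin/login.php','webadmin/login.php','admin/admin_login.php','admin_login.php',
    'administrator/account.php','administrator.php','admin_area/admin.html','pages/admin/admin-login.php','admin/admin-login.php','admin-login.php',
    'bb-admin/index.html','bb-admin/login.html','acceso.php','bb-admin/admin.html','admin/home.html','login.php','modelsearch/login.php','moderator.php','moderator/login.php',
    'moderator/admin.php','account.php','pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','controlpanel.php','admincontrol.php',
    'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','rcjakar/admin/login.php','adminarea/index.html','adminarea/admin.html',
    'webadmin.php','webadmin/index.php','webadmin/admin.php','admin/controlpanel.html','admin.html','admin/cp.html','cp.html','adminpanel.php','moderator.html',
    'administrator/index.html','administrator/login.html','user.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html',
    'moderator/login.html','adminarea/login.html','panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html',
    'admincontrol/login.html','adm/index.html','adm.html','moderator/admin.html','user.php','account.html','controlpanel.html','admincontrol.html',
    'panel-administracion/login.php','wp-login.php','adminLogin.php','admin/adminLogin.php','home.php','admin.php','adminarea/index.php',
    'adminarea/admin.php','adminarea/login.php','panel-administracion/index.php','panel-administracion/admin.php','modelsearch/index.php',
    'modelsearch/admin.php','admincontrol/login.php','adm/admloginuser.php','admloginuser.php','admin2.php','admin2/login.php','admin2/index.php','usuarios/login.php',
    'adm/index.php','adm.php','affiliate.php','adm_auth.php','memberadmin.php','administratorlogin.php',
]

asp = [
    'admin/','administrator/','admin1/','admin2/','admin3/','admin4/','admin5/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
    'memberadmin/','administratorlogin/','adm/','account.asp','admin/account.asp','admin/index.asp','admin/login.asp','admin/admin.asp',
    'admin_area/admin.asp','admin_area/login.asp','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
    'admin_area/admin.html','admin_area/login.html','admin_area/index.html','admin_area/index.asp','bb-admin/index.asp','bb-admin/login.asp','bb-admin/admin.asp',
    'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','admin/controlpanel.html','admin.html','admin/cp.html','cp.html',
    'administrator/index.html','administrator/login.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html','moderator.html',
    'moderator/login.html','moderator/admin.html','account.html','controlpanel.html','admincontrol.html','admin_login.html','panel-administracion/login.html',
    'admin/home.asp','admin/controlpanel.asp','admin.asp','pages/admin/admin-login.asp','admin/admin-login.asp','admin-login.asp','admin/cp.asp','cp.asp',
    'administrator/account.asp','administrator.asp','acceso.asp','login.asp','modelsearch/login.asp','moderator.asp','moderator/login.asp','administrator/login.asp',
    'moderator/admin.asp','controlpanel.asp','admin/account.html','adminpanel.html','webadmin.html','pages/admin/admin-login.html','admin/admin-login.html',
    'webadmin/index.html','webadmin/admin.html','webadmin/login.html','user.asp','user.html','admincp/index.asp','admincp/login.asp','admincp/index.html',
    'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','adminarea/index.html','adminarea/admin.html','adminarea/login.html',
    'panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html','admin/admin_login.html',
    'admincontrol/login.html','adm/index.html','adm.html','admincontrol.asp','admin/account.asp','adminpanel.asp','webadmin.asp','webadmin/index.asp',
    'webadmin/admin.asp','webadmin/login.asp','admin/admin_login.asp','admin_login.asp','panel-administracion/login.asp','adminLogin.asp',
    'admin/adminLogin.asp','home.asp','admin.asp','adminarea/index.asp','adminarea/admin.asp','adminarea/login.asp','admin-login.html',
    'panel-administracion/index.asp','panel-administracion/admin.asp','modelsearch/index.asp','modelsearch/admin.asp','administrator/index.asp',
    'admincontrol/login.asp','adm/admloginuser.asp','admloginuser.asp','admin2.asp','admin2/login.asp','admin2/index.asp','adm/index.asp',
    'adm.asp','affiliate.asp','adm_auth.asp','memberadmin.asp','administratorlogin.asp','siteadmin/login.asp','siteadmin/index.asp','siteadmin/login.html',
]

cfm = [
    'admin/','administrator/','admin1/','admin2/','admin3/','admin4/','admin5/','usuarios/','usuario/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
    'memberadmin/','administratorlogin/','adm/','admin/account.cfm','admin/index.cfm','admin/login.cfm','admin/admin.cfm','admin/account.cfm',
    'admin_area/admin.cfm','admin_area/login.cfm','siteadmin/login.cfm','siteadmin/index.cfm','siteadmin/login.html','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
    'admin_area/index.cfm','bb-admin/index.cfm','bb-admin/login.cfm','bb-admin/admin.cfm','admin/home.cfm','admin_area/login.html','admin_area/index.html',
    'admin/controlpanel.cfm','admin.cfm','admincp/index.asp','admincp/login.asp','admincp/index.html','admin/account.html','adminpanel.html','webadmin.html',
    'webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html','panel-administracion/login.html',
    'admin/cp.cfm','cp.cfm','administrator/index.cfm','administrator/login.cfm','nsw/admin/login.cfm','webadmin/login.cfm','admin/admin_login.cfm','admin_login.cfm',
    'administrator/account.cfm','administrator.cfm','admin_area/admin.html','pages/admin/admin-login.cfm','admin/admin-login.cfm','admin-login.cfm',
    'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','login.cfm','modelsearch/login.cfm','moderator.cfm','moderator/login.cfm',
    'moderator/admin.cfm','account.cfm','pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','controlpanel.cfm','admincontrol.cfm',
    'admin/adminLogin.html','acceso.cfm','adminLogin.html','admin/adminLogin.html','home.html','rcjakar/admin/login.cfm','adminarea/index.html','adminarea/admin.html',
    'webadmin.cfm','webadmin/index.cfm','webadmin/admin.cfm','admin/controlpanel.html','admin.html','admin/cp.html','cp.html','adminpanel.cfm','moderator.html',
    'administrator/index.html','administrator/login.html','user.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html',
    'moderator/login.html','adminarea/login.html','panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html',
    'admincontrol/login.html','adm/index.html','adm.html','moderator/admin.html','user.cfm','account.html','controlpanel.html','admincontrol.html',
    'panel-administracion/login.cfm','wp-login.cfm','adminLogin.cfm','admin/adminLogin.cfm','home.cfm','admin.cfm','adminarea/index.cfm',
    'adminarea/admin.cfm','adminarea/login.cfm','panel-administracion/index.cfm','panel-administracion/admin.cfm','modelsearch/index.cfm',
    'modelsearch/admin.cfm','admincontrol/login.cfm','adm/admloginuser.cfm','admloginuser.cfm','admin2.cfm','admin2/login.cfm','admin2/index.cfm','usuarios/login.cfm',
    'adm/index.cfm','adm.cfm','affiliate.cfm','adm_auth.cfm','memberadmin.cfm','administratorlogin.cfm',
]

js = [
    'admin/','administrator/','admin1/','admin2/','admin3/','admin4/','admin5/','usuarios/','usuario/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
    'memberadmin/','administratorlogin/','adm/','admin/account.js','admin/index.js','admin/login.js','admin/admin.js','admin/account.js',
    'admin_area/admin.js','admin_area/login.js','siteadmin/login.js','siteadmin/index.js','siteadmin/login.html','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
    'admin_area/index.js','bb-admin/index.js','bb-admin/login.js','bb-admin/admin.js','admin/home.js','admin_area/login.html','admin_area/index.html',
    'admin/controlpanel.js','admin.js','admincp/index.asp','admincp/login.asp','admincp/index.html','admin/account.html','adminpanel.html','webadmin.html',
    'webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html','panel-administracion/login.html',
    'admin/cp.js','cp.js','administrator/index.js','administrator/login.js','nsw/admin/login.js','webadmin/login.js','admin/admin_login.js','admin_login.js',
    'administrator/account.js','administrator.js','admin_area/admin.html','pages/admin/admin-login.js','admin/admin-login.js','admin-login.js',
    'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','login.js','modelsearch/login.js','moderator.js','moderator/login.js',
    'moderator/admin.js','account.js','pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','controlpanel.js','admincontrol.js',
    'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','rcjakar/admin/login.js','adminarea/index.html','adminarea/admin.html',
    'webadmin.js','webadmin/index.js','acceso.js','webadmin/admin.js','admin/controlpanel.html','admin.html','admin/cp.html','cp.html','adminpanel.js','moderator.html',
    'administrator/index.html','administrator/login.html','user.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html',
    'moderator/login.html','adminarea/login.html','panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html',
    'admincontrol/login.html','adm/index.html','adm.html','moderator/admin.html','user.js','account.html','controlpanel.html','admincontrol.html',
    'panel-administracion/login.js','wp-login.js','adminLogin.js','admin/adminLogin.js','home.js','admin.js','adminarea/index.js',
    'adminarea/admin.js','adminarea/login.js','panel-administracion/index.js','panel-administracion/admin.js','modelsearch/index.js',
    'modelsearch/admin.js','admincontrol/login.js','adm/admloginuser.js','admloginuser.js','admin2.js','admin2/login.js','admin2/index.js','usuarios/login.js',
    'adm/index.js','adm.js','affiliate.js','adm_auth.js','memberadmin.js','administratorlogin.js',
]

cgi = [
    'admin/','administrator/','admin1/','admin2/','admin3/','admin4/','admin5/','usuarios/','usuario/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
    'memberadmin/','administratorlogin/','adm/','admin/account.cgi','admin/index.cgi','admin/login.cgi','admin/admin.cgi','admin/account.cgi',
    'admin_area/admin.cgi','admin_area/login.cgi','siteadmin/login.cgi','siteadmin/index.cgi','siteadmin/login.html','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
    'admin_area/index.cgi','bb-admin/index.cgi','bb-admin/login.cgi','bb-admin/admin.cgi','admin/home.cgi','admin_area/login.html','admin_area/index.html',
    'admin/controlpanel.cgi','admin.cgi','admincp/index.asp','admincp/login.asp','admincp/index.html','admin/account.html','adminpanel.html','webadmin.html',
    'webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html','panel-administracion/login.html',
    'admin/cp.cgi','cp.cgi','administrator/index.cgi','administrator/login.cgi','nsw/admin/login.cgi','webadmin/login.cgi','admin/admin_login.cgi','admin_login.cgi',
    'administrator/account.cgi','administrator.cgi','admin_area/admin.html','pages/admin/admin-login.cgi','admin/admin-login.cgi','admin-login.cgi',
    'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','login.cgi','modelsearch/login.cgi','moderator.cgi','moderator/login.cgi',
    'moderator/admin.cgi','account.cgi','pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','controlpanel.cgi','admincontrol.cgi',
    'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','rcjakar/admin/login.cgi','adminarea/index.html','adminarea/admin.html',
    'webadmin.cgi','webadmin/index.cgi','acceso.cgi','webadmin/admin.cgi','admin/controlpanel.html','admin.html','admin/cp.html','cp.html','adminpanel.cgi','moderator.html',
    'administrator/index.html','administrator/login.html','user.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html',
    'moderator/login.html','adminarea/login.html','panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html',
    'admincontrol/login.html','adm/index.html','adm.html','moderator/admin.html','user.cgi','account.html','controlpanel.html','admincontrol.html',
    'panel-administracion/login.cgi','wp-login.cgi','adminLogin.cgi','admin/adminLogin.cgi','home.cgi','admin.cgi','adminarea/index.cgi',
    'adminarea/admin.cgi','adminarea/login.cgi','panel-administracion/index.cgi','panel-administracion/admin.cgi','modelsearch/index.cgi',
    'modelsearch/admin.cgi','admincontrol/login.cgi','adm/admloginuser.cgi','admloginuser.cgi','admin2.cgi','admin2/login.cgi','admin2/index.cgi','usuarios/login.cgi',
    'adm/index.cgi','adm.cgi','affiliate.cgi','adm_auth.cgi','memberadmin.cgi','administratorlogin.cgi',
]

brf = [
    'admin/','administrator/','admin1/','admin2/','admin3/','admin4/','admin5/','usuarios/','usuario/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
    'memberadmin/','administratorlogin/','adm/','admin/account.brf','admin/index.brf','admin/login.brf','admin/admin.brf','admin/account.brf',
    'admin_area/admin.brf','admin_area/login.brf','siteadmin/login.brf','siteadmin/index.brf','siteadmin/login.html','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
    'admin_area/index.brf','bb-admin/index.brf','bb-admin/login.brf','bb-admin/admin.brf','admin/home.brf','admin_area/login.html','admin_area/index.html',
    'admin/controlpanel.brf','admin.brf','admincp/index.asp','admincp/login.asp','admincp/index.html','admin/account.html','adminpanel.html','webadmin.html',
    'webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html','panel-administracion/login.html',
    'admin/cp.brf','cp.brf','administrator/index.brf','administrator/login.brf','nsw/admin/login.brf','webadmin/login.brfbrf','admin/admin_login.brf','admin_login.brf',
    'administrator/account.brf','administrator.brf','acceso.brf','admin_area/admin.html','pages/admin/admin-login.brf','admin/admin-login.brf','admin-login.brf',
    'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','login.brf','modelsearch/login.brf','moderator.brf','moderator/login.brf',
    'moderator/admin.brf','account.brf','pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','controlpanel.brf','admincontrol.brf',
    'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','rcjakar/admin/login.brf','adminarea/index.html','adminarea/admin.html',
    'webadmin.brf','webadmin/index.brf','webadmin/admin.brf','admin/controlpanel.html','admin.html','admin/cp.html','cp.html','adminpanel.brf','moderator.html',
    'administrator/index.html','administrator/login.html','user.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html',
    'moderator/login.html','adminarea/login.html','panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html',
    'admincontrol/login.html','adm/index.html','adm.html','moderator/admin.html','user.brf','account.html','controlpanel.html','admincontrol.html',
    'panel-administracion/login.brf','wp-login.brf','adminLogin.brf','admin/adminLogin.brf','home.brf','admin.brf','adminarea/index.brf',
    'adminarea/admin.brf','adminarea/login.brf','panel-administracion/index.brf','panel-administracion/admin.brf','modelsearch/index.brf',
    'modelsearch/admin.brf','admincontrol/login.brf','adm/admloginuser.brf','admloginuser.brf','admin2.brf','admin2/login.brf','admin2/index.brf','usuarios/login.brf',
    'adm/index.brf','adm.brf','affiliate.brf','adm_auth.brf','memberadmin.brf','administratorlogin.brf',
]

# Start-up banner, one entry per printed line (text kept exactly as posted).
BANNER = (
    "\t################################################################",
    "\t# www.teamopenfire.com #",
    "\t# ############### ######## ############ #",
    "\t# # # ## ## # # #",
    "\t# ###### ###### ## ## # ######## #",
    "\t# # # ## ## # # #",
    "\t# # # ## ## # ##### #",
    "\t# # # ## ## # ##### #",
    "\t# # # ## ## # # #",
    "\t# # # ## ## # # #",
    "\t# ##### [#] ######## [#] ##### AdminFinder #",
    "\t# #",
    "\t# coded by Ajith KP, Phyton 3.2 Mod by HolyOne (tahribat.com) #",
    "\t# Greets to Coded32 and T.O.F members #",
    "\t################################################################",
)


def scan_paths(site, paths, exit_prompt):
    """Request every path in `paths` from `site` and print a verdict for each.

    This replaces six copy-pasted loops that differed only in the list they
    walked and in the final prompt text.

    Args:
        site: Host (optionally host:port) as typed by the user, with a leading
            "http://" already removed.
        paths: Word list of relative paths; each is requested as "/" + path.
        exit_prompt: Text shown by the final input() call.

    Raises:
        Whatever http.client or socket raises on a failed request; the caller's
        outer handler turns that into the "Session Cancelled" message.
    """
    found = 0
    scanned = 0
    print("\t [+] Scanning " + site + "...\n\n")
    for entry in paths:
        path = "/" + entry
        host = site + path
        print ("\t [#] Checking " + host + "...")
        connection = http.client.HTTPConnection(site)
        try:
            connection.request("GET", path)
            response = connection.getresponse()
            scanned += 1
            if response.status == 200:
                # Status code only: the body is never inspected, so a custom
                # 200 error page is indistinguishable from a real panel here.
                found += 1
                print ("%s %s" % ( "\n\n>>>" + host, "Admin page found!"))
                input("Press enter to continue scanning.\n")
            elif response.status == 404:
                pass
            elif response.status == 302:
                print ("%s %s" % ("\n>>>" + host, "Possible admin page (302 - Redirect)"))
            else:
                print ("%s %s %s" % (host, " Interesting response:", response.status))
        finally:
            # Close the socket even when the request raised.
            connection.close()
    print("\n\nCompleted \n")
    print (found, " Admin pages found")
    print (scanned, " total pages scanned")
    input(exit_prompt)


try:
    for banner_line in BANNER:
        print (banner_line)

    try:
        site = input("Web Site for Scan?: ")
        # Only a leading "http://" is stripped; an "https://" prefix or a
        # trailing path stays in `site` and makes the connection attempt fail.
        site = site.replace("http://","")
        print ("\tChecking website " + site + "...")
        conn = http.client.HTTPConnection(site)
        try:
            conn.connect()
        finally:
            conn.close()
        print ("\t[$] Yes... Server is Online.")
    except (http.client.HTTPException, socket.error):
        # The original listed http.client.HTTPResponse here, which is not an
        # exception class: Python raises TypeError while matching it, so this
        # handler never ran and every failure fell through to the generic
        # message below. HTTPException also covers InvalidURL.
        input("\t [!] Oops Error occured, Server offline or invalid URL")
        sys.exit()

    print ("Enter site source code:")
    print ("1 PHP")
    print ("2 ASP")
    print ("3 CFM")
    print ("4 JS")
    print ("5 CGI")
    print ("6 BRF")
    print ("\nPress 1 and 'Enter key' for Select PHP\n")
    code=input("> ")
    print ("CODE="+code)

    # Menu choice -> (word list, final prompt). The PHP branch's prompt carries
    # a "[/] " prefix in the posted code; the others do not.
    scans = {
        "1": (php, "[/] The Game Over; Press Enter to Exit"),
        "2": (asp, "The Game Over; Press Enter to Exit"),
        "3": (cfm, "The Game Over; Press Enter to Exit"),
        "4": (js, "The Game Over; Press Enter to Exit"),
        "5": (cgi, "The Game Over; Press Enter to Exit"),
        "6": (brf, "The Game Over; Press Enter to Exit"),
    }
    if code in scans:
        chosen_paths, chosen_prompt = scans[code]
        scan_paths(site, chosen_paths, chosen_prompt)
except (Exception ):
    print ("\n\t[!] Session Cancelled; Error occured. Check internet settings")
except (KeyboardInterrupt, SystemExit):
    print ("\n\t[!] Session cancelled")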
-
Madem öyle bende php de bi şeyler kodlıyım one minute :))
-
Referans vermeden lütfen kendi bloglarınızda paylaşmayınız :))
Erotikpanda nın yazsı gibi öyle yapanın pipisi düşsün :))
<?php
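/**
 * Send everything echoed so far to the client and open a fresh output buffer,
 * so each result line reaches the browser while the scan is still running.
 */
function fls(){
    // ob_end_flush() raises a notice when no buffer is active, which is the
    // case on the first call if output buffering is not enabled.
    if (ob_get_level() > 0) {
        ob_end_flush();
    }
    //ob_flush();
    flush();
    ob_start();
}
echo "Erdem Uzun Tarafından Tahribat.com Camiası için kodlanmıştır. Referans vermeden c/p yok--> Tbt profil linki olabilir, yapmayanın pipisi düşsün";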
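// Target site, read from the "siteadi" query parameter.
// Expected form: http://www.ornek.com, sent without a trailing slash.
// A missing or non-string parameter is treated like an empty one instead of
// raising an undefined-index notice.
$siteadi = (isset($_GET["siteadi"]) && is_string($_GET["siteadi"])) ? trim($_GET["siteadi"]) : "";
if($siteadi==""){
    die("site adı boş gelemez");
}
// The value comes straight from the request and is presumably turned into the
// URLs handed to cURL later in the file (that part is outside this excerpt).
// Accepting only http/https keeps the hosting server from being asked to
// fetch file://, gopher:// or other schemes on a visitor's behalf.
$sema = strtolower((string) parse_url($siteadi, PHP_URL_SCHEME));
if($sema !== "http" && $sema !== "https"){
    die("site adı http:// veya https:// ile başlamalı");
}
// Case-insensitive substring block list for two site names chosen by the author.
if(stristr($siteadi,"safakmatik") or stristr($siteadi,"tahribat"))
{
    die("Oldu Gülüm Saygılarla :Pp");
}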
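/**
 * Request one candidate URL and echo an HTML line classifying the response.
 *
 * @param string $tamlink Full URL to request (base URL plus candidate path).
 * @return void The result is echoed and flushed; nothing is returned.
 */
function adminpanelibul($tamlink) {
    $chi = curl_init();
    curl_setopt($chi, CURLOPT_HEADER, false);
    curl_setopt($chi, CURLOPT_RETURNTRANSFER, true);
    // NOTE(review): certificate and host-name verification are switched off, so
    // an HTTPS response is not authenticated and may come from an interceptor.
    curl_setopt($chi, CURLOPT_SSL_VERIFYPEER, false);
    curl_setopt($chi, CURLOPT_SSL_VERIFYHOST, false);
    curl_setopt($chi, CURLOPT_FOLLOWLOCATION, true);
    // $tamlink is built from a request parameter: keep the transfer, and any
    // redirect it follows, on http/https only.
    curl_setopt($chi, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
    curl_setopt($chi, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
    curl_setopt($chi, CURLOPT_TIMEOUT, 30);
    // The visitor's own User-Agent is forwarded; it can be absent (CLI, bare clients).
    curl_setopt($chi, CURLOPT_USERAGENT, isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '');
    curl_setopt($chi, CURLOPT_REFERER, 'http://www.google.com.tr');
    curl_setopt($chi, CURLOPT_URL, $tamlink);

    // curl_exec() returns false on a transport error; treat that as an empty body.
    $html = (string)curl_exec($chi);
    $bilgi = curl_getinfo($chi);
    $kod = (int)$bilgi["http_code"];

    // Escape before echoing: the URL is request-derived and would otherwise be
    // reflected into the page as raw HTML. Only http(s) URLs become clickable.
    $gosterim = htmlspecialchars($tamlink, ENT_QUOTES, 'UTF-8');
    if (preg_match('#^https?://#i', $tamlink)) {
        echo "<a href=\"$gosterim\" target=\"_blank\" rel=\"noopener noreferrer\">$gosterim</a> -->";
    } else {
        echo "$gosterim -->";
    }

    if (stristr($html, "404")) {
        // Heuristic for "soft 404" pages: any body containing the text 404 is
        // skipped, which also skips real pages that merely mention that number.
        echo "Bu sayfa içerisinde 404 kelimesi var bu değil konrol etmiyorum <br> "; fls();
    } else {
        // The original used "=" (assignment) in these conditions, so the first
        // branch always ran and every URL was reported as found. Compare instead.
        if ($kod === 200) { // page exists
            echo '<font color="red"> Bulundu !!! </font> Http Code : '.$kod.'<br>'; fls();
        } elseif ($kod === 404) { // no such page
            echo "Bu sayda deil Http Code : ".$kod."<br>"; fls();
        } elseif ($kod === 302 || $kod === 301) {
            // Redirects are followed above, so this is presumably reached only
            // when a redirect could not be followed to a final response.
            echo '<font color="blue">Bu sayda olabilir ama 302 yada 301 yönlendirme yemiş Http Code : '.$kod.'</font><br>'; fls();
        } else {
            // The original concatenated the whole curl_getinfo() array here,
            // which prints "Array"; print the status code.
            echo 'Http code : '.$kod.' Google dan bakarsın....<br>'; fls();
        }
    }
    fls();
    curl_close($chi);
}

// Candidate relative paths appended to the base URL, one request per entry.
// Entries are kept verbatim from the original list.
$liste = array("admin/", "administrator/", "admin1/", "admin2/", "admin3/", "admin4/", "admin5/", "usuarios/", "usuario/", "moderator/", "webadmin/", "adminarea/", "bb-admin/", "adminLogin/", "admin_area/", "panel-administracion/", "instadmin/", "memberadmin/", "administratorlogin/", "adm/", "admin/account.php", "admin/index.php", "admin/login.php", "admin/admin.php", "admin_area/admin.php", "admin_area/login.php", "siteadmin/login.php", "siteadmin/index.php", "siteadmin/login.html", "admin/account.html", "admin/index.html", "admin/login.html", "admin/admin.html", "admin_area/index.php", "bb-admin/index.php", "bb-admin/login.php", "bb-admin/admin.php", "admin/home.php", "admin_area/login.html", "admin_area/index.html", "admin/controlpanel.php", "admin.php", "admincp/index.asp", "admincp/login.asp", "admincp/index.html", "adminpanel.html", "webadmin.html", "webadmin/index.html", "webadmin/admin.html", "webadmin/login.html", "admin/admin_login.html", "admin_login.html", "panel-administracion/login.html", "admin/cp.php", "cp.php", "administrator/index.php", "administrator/login.php", "nsw/admin/login.php", "webadmin/login.php", "admin/admin_login.php", "admin_login.php", "administrator/account.php", "administrator.php", "admin_area/admin.html", "pages/admin/admin-login.php", "admin/admin-login.php", "admin-login.php", "bb-admin/index.html", "bb-admin/login.html", "acceso.php", "bb-admin/admin.html", "admin/home.html", "login.php", "modelsearch/login.php", "moderator.php", "moderator/login.php", "moderator/admin.php", "account.php", "pages/admin/admin-login.html", "admin/admin-login.html", "admin-login.html", "controlpanel.php", "admincontrol.php", "admin/adminLogin.html", "adminLogin.html", "home.html", "rcjakar/admin/login.php", "adminarea/index.html", "adminarea/admin.html", "webadmin.php", "webadmin/index.php", "webadmin/admin.php", "admin/controlpanel.html", "admin.html", "admin/cp.html", "cp.html", "adminpanel.php", "moderator.html", "administrator/index.html", 
"administrator/login.html", "user.html", "administrator/account.html", "administrator.html", "login.html", "modelsearch/login.html", "moderator/login.html", "adminarea/login.html", "panel-administracion/index.html", "panel-administracion/admin.html", "modelsearch/index.html", "modelsearch/admin.html", "admincontrol/login.html", "adm/index.html", "adm.html", "moderator/admin.html", "user.php", "account.html", "controlpanel.html", "admincontrol.html", "panel-administracion/login.php", "wp-login.php", "adminLogin.php", "admin/adminLogin.php", "home.php", "adminarea/index.php", "adminarea/admin.php", "adminarea/login.php", "panel-administracion/index.php", "panel-administracion/admin.php", "modelsearch/index.php", "modelsearch/admin.php", "admincontrol/login.php", "adm/admloginuser.php", "admloginuser.php", "admin2.php", "admin2/login.php", "admin2/index.php", "usuarios/login.php", "adm/index.php", "adm.php", "affiliate.php", "adm_auth.php", "memberadmin.php", "administratorlogin.php", "account.asp", "admin/account.asp", "admin/index.asp", "admin/login.asp", "admin/admin.asp", "admin_area/admin.asp", "admin_area/login.asp", "admin_area/index.asp", "bb-admin/index.asp", "bb-admin/login.asp", "bb-admin/admin.asp", "admin/home.asp", "admin/controlpanel.asp", "admin.asp", "pages/admin/admin-login.asp", "admin/admin-login.asp", "admin-login.asp", "admin/cp.asp", "cp.asp", "administrator/account.asp", "administrator.asp", "acceso.asp", "login.asp", "modelsearch/login.asp", "moderator.asp", "moderator/login.asp", "administrator/login.asp", "moderator/admin.asp", "controlpanel.asp", "user.asp", "admincontrol.asp", "adminpanel.asp", "webadmin.asp", "webadmin/index.asp", "webadmin/admin.asp", "webadmin/login.asp", "admin/admin_login.asp", "admin_login.asp", "panel-administracion/login.asp", "adminLogin.asp", "admin/adminLogin.asp", "home.asp", "adminarea/index.asp", "adminarea/admin.asp", "adminarea/login.asp", "panel-administracion/index.asp", "panel-administracion/admin.asp", 
"modelsearch/index.asp", "modelsearch/admin.asp", "administrator/index.asp", "admincontrol/login.asp", "adm/admloginuser.asp", "admloginuser.asp", "admin2.asp", "admin2/login.asp", "admin2/index.asp", "adm/index.asp", "adm.asp", "affiliate.asp", "adm_auth.asp", "memberadmin.asp", "administratorlogin.asp", "siteadmin/login.asp", "siteadmin/index.asp", "admin/account.cfm", "admin/index.cfm", "admin/login.cfm", "admin/admin.cfm", "admin_area/admin.cfm", "admin_area/login.cfm", "siteadmin/login.cfm", "siteadmin/index.cfm", "admin_area/index.cfm", "bb-admin/index.cfm", "bb-admin/login.cfm", "bb-admin/admin.cfm", "admin/home.cfm", "admin/controlpanel.cfm", "admin.cfm", "admin/cp.cfm", "cp.cfm", "administrator/index.cfm", "administrator/login.cfm", "nsw/admin/login.cfm", "webadmin/login.cfm", "admin/admin_login.cfm", "admin_login.cfm", "administrator/account.cfm", "administrator.cfm", "pages/admin/admin-login.cfm", "admin/admin-login.cfm", "admin-login.cfm", "login.cfm", "modelsearch/login.cfm", "moderator.cfm", "moderator/login.cfm", "moderator/admin.cfm", "account.cfm", "controlpanel.cfm", "admincontrol.cfm", "acceso.cfm", "rcjakar/admin/login.cfm", "webadmin.cfm", "webadmin/index.cfm", "webadmin/admin.cfm", "adminpanel.cfm", "user.cfm", "panel-administracion/login.cfm", "wp-login.cfm", "adminLogin.cfm", "admin/adminLogin.cfm", "home.cfm", "adminarea/index.cfm", "adminarea/admin.cfm", "adminarea/login.cfm", "panel-administracion/index.cfm", "panel-administracion/admin.cfm", "modelsearch/index.cfm", "modelsearch/admin.cfm", "admincontrol/login.cfm", "adm/admloginuser.cfm", "admloginuser.cfm", "admin2.cfm", "admin2/login.cfm", "admin2/index.cfm", "usuarios/login.cfm", "adm/index.cfm", "adm.cfm", "affiliate.cfm", "adm_auth.cfm", "memberadmin.cfm", "administratorlogin.cfm", "admin/account.js", "admin/index.js", "admin/login.js", "admin/admin.js", "admin_area/admin.js", "admin_area/login.js", "siteadmin/login.js", "siteadmin/index.js", "admin_area/index.js", 
"bb-admin/index.js", "bb-admin/login.js", "bb-admin/admin.js", "admin/home.js", "admin/controlpanel.js", "admin.js", "admin/cp.js", "cp.js", "administrator/index.js", "administrator/login.js", "nsw/admin/login.js", "webadmin/login.js", "admin/admin_login.js", "admin_login.js", "administrator/account.js", "administrator.js", "pages/admin/admin-login.js", "admin/admin-login.js", "admin-login.js", "login.js", "modelsearch/login.js", "moderator.js", "moderator/login.js", "moderator/admin.js", "account.js", "controlpanel.js", "admincontrol.js", "rcjakar/admin/login.js", "webadmin.js", "webadmin/index.js", "acceso.js", "webadmin/admin.js", "adminpanel.js", "user.js", "panel-administracion/login.js", "wp-login.js", "adminLogin.js", "admin/adminLogin.js", "home.js", "adminarea/index.js", "adminarea/admin.js", "adminarea/login.js", "panel-administracion/index.js", "panel-administracion/admin.js", "modelsearch/index.js", "modelsearch/admin.js", "admincontrol/login.js", "adm/admloginuser.js", "admloginuser.js", "admin2.js", "admin2/login.js", "admin2/index.js", "usuarios/login.js", "adm/index.js", "adm.js", "affiliate.js", "adm_auth.js", "memberadmin.js", "administratorlogin.js", "admin/account.cgi", "admin/index.cgi", "admin/login.cgi", "admin/admin.cgi", "admin_area/admin.cgi", "admin_area/login.cgi", "siteadmin/login.cgi", "siteadmin/index.cgi", "admin_area/index.cgi", "bb-admin/index.cgi", "bb-admin/login.cgi", "bb-admin/admin.cgi", "admin/home.cgi", "admin/controlpanel.cgi", "admin.cgi", "admin/cp.cgi", "cp.cgi", "administrator/index.cgi", "administrator/login.cgi", "nsw/admin/login.cgi", "webadmin/login.cgi", "admin/admin_login.cgi", "admin_login.cgi", "administrator/account.cgi", "administrator.cgi", "pages/admin/admin-login.cgi", "admin/admin-login.cgi", "admin-login.cgi", "login.cgi", "modelsearch/login.cgi", "moderator.cgi", "moderator/login.cgi", "moderator/admin.cgi", "account.cgi", "controlpanel.cgi", "admincontrol.cgi", "rcjakar/admin/login.cgi", "webadmin.cgi", 
"webadmin/index.cgi", "acceso.cgi", "webadmin/admin.cgi", "adminpanel.cgi", "user.cgi", "panel-administracion/login.cgi", "wp-login.cgi", "adminLogin.cgi", "admin/adminLogin.cgi", "home.cgi", "adminarea/index.cgi", "adminarea/admin.cgi", "adminarea/login.cgi", "panel-administracion/index.cgi", "panel-administracion/admin.cgi", "modelsearch/index.cgi", "modelsearch/admin.cgi", "admincontrol/login.cgi", "adm/admloginuser.cgi", "admloginuser.cgi", "admin2.cgi", "admin2/login.cgi", "admin2/index.cgi", "usuarios/login.cgi", "adm/index.cgi", "adm.cgi", "affiliate.cgi", "adm_auth.cgi", "memberadmin.cgi", "administratorlogin.cgi", "admin/account.brf", "admin/index.brf", "admin/login.brf", "admin/admin.brf", "admin_area/admin.brf", "admin_area/login.brf", "siteadmin/login.brf", "siteadmin/index.brf", "admin_area/index.brf", "bb-admin/index.brf", "bb-admin/login.brf", "bb-admin/admin.brf", "admin/home.brf", "admin/controlpanel.brf", "admin.brf", "admin/cp.brf", "cp.brf", "administrator/index.brf", "administrator/login.brf", "nsw/admin/login.brf", "webadmin/login.brfbrf", "admin/admin_login.brf", "admin_login.brf", "administrator/account.brf", "administrator.brf", "acceso.brf", "pages/admin/admin-login.brf", "admin/admin-login.brf", "admin-login.brf", "login.brf", "modelsearch/login.brf", "moderator.brf", "moderator/login.brf", "moderator/admin.brf", "account.brf", "controlpanel.brf", "admincontrol.brf", "rcjakar/admin/login.brf", "webadmin.brf", "webadmin/index.brf", "webadmin/admin.brf", "adminpanel.brf", "user.brf", "panel-administracion/login.brf", "wp-login.brf", "adminLogin.brf", "admin/adminLogin.brf", "home.brf", "adminarea/index.brf", "adminarea/admin.brf", "adminarea/login.brf", "panel-administracion/index.brf", "panel-administracion/admin.brf", "modelsearch/index.brf", "modelsearch/admin.brf", "admincontrol/login.brf", "adm/admloginuser.brf", "admloginuser.brf", "admin2.brf", "admin2/login.brf", "admin2/index.brf", "usuarios/login.brf", "adm/index.brf", "adm.brf", 
"affiliate.brf", "adm_auth.brf", "memberadmin.brf", "administratorlogin.brf");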
// Walk the candidate list in order and check each path under the base URL.
// Each entry is trimmed and joined to the base with a single "/".
foreach ($liste as $aday) {
    $hedef = $siteadi . "/" . trim($aday);
    adminpanelibul($hedef);
}
?>Ayrıca download linki : http://www.safakmatik.com/panelara/index.rar
Not : ben bu kodları yazı dosyasına ekledikten sonra html yaptım bi ara yapmamla avira ötmeye başladı.
Aynı şekilde kendi server'ıma attım ama çalıştıramadım; server büyük ihtimalle dosyanın içindeki bazı aranan dizin adlarını okuduğundan forbidden hatası aldım.
Siz local serverlarınızda rahat bir şekilde kullanabilirsiniz.
Saygılarımla,
Erdem UZUN