Просмотр полной версии : Аналог admin_finder на linux
julpierto
30.08.2011, 23:07
Автоматический поиск админки под linux, есть ли такая софтина, подскажите кто чем брутит?
Автоматический поиск админки под linux, есть ли такая софтина, подскажите кто чем брутит?
Вот этой пользуюсь на линухе (perl)
http://files.mail.ru/UNWNSE
здесь в файл sites добавляешь сайты
а в result собираешь результаты
базу можешь сам добавлять
Решение на PHP
admins_filename, 'r');
$content = fread($handle, filesize($this->admins_filename));
fclose($handle);
if (!empty($content)) {
preg_match_all('/(.*?)\r\n/s', $content, $match);
foreach ($match[1] as $dir) {
$this->admin_dirs[] = $dir;
}
}
}
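/**
 * Extract the "http://host/" prefix from a single URL and queue it in
 * $this->links.
 *
 * Only plain http:// URLs with a slash after the host are recognised;
 * anything else is ignored instead of queueing a null entry.
 *
 * @param string $url URL taken from the command line.
 * @return void
 */
public function getURL($url)
{
    // The named group <url> was missing from the listing as posted (most
    // likely stripped as an HTML tag during extraction). The $match['url']
    // lookup needs it, and the pattern does not compile without it.
    // preg_match() returns the first match, which is what the original
    // took from preg_match_all() via [0].
    if (preg_match('/(?P<url>http:\/\/.*?\/)/s', (string) $url, $match)) {
        $this->links[] = $match['url'];
    }
}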
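/**
 * Load the target list from $this->links_filename into $this->links.
 *
 * Every "http://host/" prefix found in the file is queued. The pattern is
 * lazy and runs with the /s flag, so an entry is only recognised up to its
 * first slash after the scheme; an entry with no such slash is not matched
 * on its own.
 *
 * @return void
 */
public function getLinks()
{
    // The original called fopen()/fread() unchecked. A missing file or a
    // zero-byte file (fread() with length 0) raised an error before any
    // parsing happened.
    if (!is_readable($this->links_filename)) {
        trigger_error('Cannot read ' . $this->links_filename, E_USER_WARNING);
        return;
    }

    $content = file_get_contents($this->links_filename);
    if ($content === false || $content === '') {
        return;
    }

    preg_match_all('/(http:\/\/.*?\/)/s', $content, $match);
    foreach ($match[1] as $link) {
        $this->links[] = $link;
    }
}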
/**
 * Send one plain-HTTP GET request over a raw socket and return the raw
 * response (status line, headers and body).
 *
 * What the request looks like on the server side, as built below:
 *  - TCP port 80 only; there is no TLS path in this method;
 *  - request line "GET <query> HTTP/1.1";
 *  - a fixed User-Agent string, "Opera/9.80 (Windows NT 5.1; U;) Version/11.11";
 *  - "Connection: Close", so every probe is a separate connection.
 *
 * @param string $domain Host name to connect to; also sent as the Host header.
 * @param string $query  Request path, placed verbatim into the request line.
 * @return string|false Raw response text, or false when the connection fails.
 */
public function getContent($domain, $query)
{
    // The 30 second argument limits only the connection attempt. Reads below
    // rely on PHP's default socket timeout.
    $fp = fsockopen($domain, 80, $errno, $errstr, 30);
    if ($fp == false) {
        return false;
    }

    $request = "GET " . $query . " HTTP/1.1\r\n"
        . "User-Agent: Opera/9.80 (Windows NT 5.1; U;) Version/11.11\r\n"
        . "Host: " . $domain . "\r\n"
        . "Connection: Close\r\n\r\n";
    fwrite($fp, $request);

    // Read line by line until the peer closes the connection.
    $response = '';
    while (!feof($fp)) {
        $response .= fgets($fp);
    }
    fclose($fp);

    return $response;
}
/**
 * Write a string to the results file named by $this->found_filename.
 *
 * @param string $str    Text to write; defaults to an empty string.
 * @param string $option fopen() mode; brutting() passes 'a' to append.
 * @return void
 */
public function writeToFile($str = '', $option)
{
    // NOTE(review): the fopen() result is used without a check, so an
    // unwritable results file surfaces as an error in fwrite().
    $out = fopen($this->found_filename, $option);
    fwrite($out, $str);
    fclose($out);
}
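/**
 * Request "/<dir>/" on every queued host for every wordlist entry, then
 * print and record the URLs whose response carries one of three status
 * lines.
 *
 * A path is reported when the response contains "200 OK", "302 Found" or
 * "401 Authorization Required" after "HTTP/1.0" or "HTTP/1.1". The match is
 * not anchored to the start of the response, so the text counts wherever it
 * appears. A server that answers unknown paths with 200 or a redirect
 * therefore yields a hit for every wordlist entry.
 *
 * Requests are sequential, one connection each, all using the fixed
 * User-Agent set in getContent(). In access logs this is a run of
 * admin-style paths requested by one client, most of them typically
 * answered with 404.
 *
 * @return void
 */
public function brutting()
{
    foreach ($this->links as $link) {
        // The named group <domain> was missing from the listing as posted
        // (most likely stripped as an HTML tag). The $match['domain'] lookup
        // needs it. Entries that do not match are skipped rather than
        // probed with a null host.
        if (!preg_match('/http:\/\/(?P<domain>.*)\//s', (string) $link, $match)) {
            continue;
        }
        $domain = $match['domain'];

        foreach ($this->admin_dirs as $dir) {
            $content = $this->getContent($domain, '/' . $dir . '/');
            if (empty($content)) {
                // Connection failed or the response was empty.
                continue;
            }

            if (preg_match('/HTTP\/1.[01] (?:200 OK|302 Found|401 Authorization Required)/s', $content)) {
                $hit = 'http://' . $domain . '/' . $dir . '/' . "\r\n";
                echo $hit;
                $this->writeToFile($hit, 'a');
            }
        }
    }
}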
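/**
 * Run the whole program: show the banner, load the wordlist, choose the
 * targets and start probing.
 *
 * With exactly one command-line argument, that argument is the single
 * target URL; otherwise the targets come from the list file through
 * getLinks(). Construction has side effects: it performs network requests
 * and writes the results file.
 *
 * @param array $argv Command-line arguments as PHP provides them (script name first).
 */
public function __construct($argv)
{
    $this->showInfo();
    $this->getAdminDirs();

    // The original read count($argv == 2): the parenthesis was misplaced, so
    // it counted the result of a comparison instead of comparing the
    // argument count, and the list-file branch was never selected.
    if (count($argv) == 2) {
        $this->getURL($argv[1]);
    } else {
        $this->getLinks();
    }

    $this->brutting();
}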
}
// Constructing the object runs the entire scan: the constructor loads the
// wordlist, selects the targets and calls brutting() before returning.
$BrutAdminPanels = new BrutAdminPanels($argv);
?>
directories.txt:
admin
-admin
admin-
_admin
admin_
Admin
_Admin
Admin_
ADMIN
_adm
adm
adm_
a
ad
ads
admins
admincp
admincms
cmsadmin
webadmin
sysadmin
camadmin
admin1
admin2
adminlogin
administrator
_administrator
administrator_
Administrator
_Administrator
Administrator_
administration
administrations
_administrations
administrations_
Administrations
_Administrations
Administrations_
adminpanel
_adminpanel
adminpanel_
AdminPanel
_AdminPanel
AdminPanel_
admindir
Admindir
admin_dir
db-admin
dbadmin
wp-admin
fileadmin
myadmin
panel
Panel
site
login
Login
logins
account
Account
accounting
acct
website
dev
webaccess
user
users
members
access
Access
cms
_cms
CMS
_CMS
controlpanel
ControlPanel
cp
CP
secret
privacy
root
_root
auth
_auth
Auth
authorization
Authorization
secure
webmaster
my
hidden
mng
manage
manager
private
В файл sites.txt ложишь список сайтов, которые хочешь просканить.
Результат будет в файле found.txt.
julpierto
04.09.2011, 20:13
Ок, пасибо! попробую и ту и другую. На пхп все понятно и просто, на перле тоже хорошо
Вот список админок, подлиннее:
admin1.php
admin1.html
admin2.php
admin2.html
yonetim.php
yonetim.html
yonetici.php
yonetici.html
adm/
admin/
admin/account.php
admin/account.html
admin/index.php
admin/index.html
admin/login.php
admin/admin_login.php
admin/login.html
admin/home.php
admin/controlpanel.html
admin/controlpanel.php
admin.php
admin.html
admin/cp.php
admin/cp.html
cp.php
cp.html
administrator/
administrator/index.html
administrator/index.php
administrator/login.html
administrator/login.php
administrator/account.html
administrator/account.php
administrator.php
administrator.html
login.php
login.html
modelsearch/login.php
moderator.php
moderator.html
moderator/login.php
moderator/login.html
moderator/admin.php
moderator/admin.html
moderator/
account.php
account.html
controlpanel/
controlpanel.php
controlpanel.html
admincontrol.php
admincontrol.html
adminpanel.php
adminpanel.html
admin1.asp
admin2.asp
yonetim.asp
yonetici.asp
admin/account.asp
admin/index.asp
admin/login.asp
admin/home.asp
admin/controlpanel.asp
admin.asp
admin/cp.asp
cp.asp
administrator/index.asp
administrator/login.asp
administrator/account.asp
administrator.asp
login.asp
modelsearch/login.asp
moderator.asp
moderator/login.asp
moderator/admin.asp
account.asp
controlpanel.asp
admincontrol.asp
adminpanel.asp
fileadmin/
fileadmin.php
fileadmin.asp
fileadmin.html
administration/
administration.php
administration.html
sysadmin.php
sysadmin.html
phpmyadmin/
myadmin/
sysadmin.asp
sysadmin/
ur-admin.asp
ur-admin.php
ur-admin.html
ur-admin/
Server.php
Server.html
Server.asp
Server/
wp-admin/
administr8.php
administr8.html
administr8/
administr8.asp
webadmin/
webadmin.php
webadmin.asp
webadmin.html
administratie/
admins/
admins.php
admins.asp
admins.html
administrivia/
Database_Administration/
WebAdmin/
useradmin/
sysadmins/
admin1/
system-administration/
administrators/
pgadmin/
directadmin/
staradmin/
ServerAdministrator/
SysAdmin/
administer/
LiveUser_Admin/
sys-admin/
typo3/
panel/
cpanel/
cPanel/
cpanel_file/
platz_login/
rcLogin/
blogindex/
formslogin/
autologin/
support_login/
meta_login/
manuallogin/
simpleLogin/
loginflat/
utility_login/
showlogin/
memlogin/
members/
login-redirect/
sub-login/
wp-login/
login1/
dir-login/
login_db/
xlogin/
smblogin/
customer_login/
UserLogin/
login-us/
acct_login/
admin_area/
bigadmin/
project-admins/
phppgadmin/
pureadmin/
sql-admin/
radmind/
openvpnadmin/
wizmysqladmin/
vadmind/
ezsqliteadmin/
hpwebjetadmin/
newsadmin/
adminpro/
Lotus_Domino_Admin/
bbadmin/
vmailadmin/
Indy_admin/
ccp14admin/
irc-macadmin/
banneradmin/
sshadmin/
phpldapadmin/
macadmin/
administratoraccounts/
admin4_account/
admin4_colon/
radmind-1/
Super-Admin/
AdminTools/
cmsadmin/
SysAdmin2/
globes_admin/
cadmins/
phpSQLiteAdmin/
navSiteAdmin/
server_admin_small/
logo_sysadmin/
server/
database_administration/
power_user/
system_administration/
ss_vms_admin_sm/admin/account.html/admin/index.php
admin/login.php/admin/login.html
Amministrazione/
ccms/
ccms/index.php
ccms/login.php
configuration/
configure/
maintenance/
ss_vms_admin_sm/admin1.php
webmaster/
websvn/
wp-login.php
priv/
private/
private.html
private.php
priv8/