
Admin Panel finder v2.1.4

    #1

    Perl Admin Panel finder v2.1.4

    Código:
    #!/usr/bin/perl
    
    ##
    #  By Bosnian Trex
    #  Admin Control Panel Finder v2.1.4
    # Home: server@root
    ##
    
    use HTTP::Request;
    use LWP::UserAgent;
    
    # Console setup. 'cls' and 'title' are Windows cmd built-ins invoked through
    # the shell, so the script assumes a Windows console.
    system('cls');
    # NOTE(review): the single quotes around AmaR end the outer string early,
    # so this statement does not parse as written.
    system('title Admin Control Panel Finder v2.1.4 full by Bosnian 'AmaR' Trex');
    
    # Banner.
    print"\n";
    print "-----------------------------------------------\n" ;
    print "[*]--Admin Control Panel Finder v 2.1.4 --------[*]\n" ;
    print "[*]-------------Coding by AmaR a.k.a Bosnian Trex----------[*]\n" ;
    print "[*]-------------From Bosnia!---------[*]\n" ;
    print "[*]------------Allah Ekber! --------------[*]\n" ;
    print "[*]------------Greetz to Shichemt Alen --------------[*]\n" ;
    print "*******************************************\n" ;
    print "\n";
    
    # Base URL of the site to check, read from stdin. $site and $code are
    # package globals: nothing here is declared with `my`, and the visible
    # `use` lines do not enable strict or warnings.
    print "~# enter site to scan\n* ex: www.domaine.com ou www.domaine.com/path\n-> ";
    $site=<STDIN>;
    chomp $site;
    
    # Server-side language; selects which path list is used further down.
    # Only the exact strings "asp", "cfm" and "php" are acted on.
    print "\n";
    print "~ Enter coding language of the website \n* ex: asp, php, cfm\n-> ";
    $code=<STDIN>;
    chomp($code);
    
    # Prefix http:// unless the input already starts with "http:". An input
    # starting with "https:" does not match /^http:/ either, so it is prefixed
    # as well.
    if ( $site !~ /^http:/ ) {
    $site = 'http://' . $site;
    }
    # Ensure a trailing slash so candidate paths can be appended directly.
    # No other validation of the host or path is performed.
    if ( $site !~ /\/$/ ) {
    $site = $site . '/';
    }
    print "\n";
    
    # Status output (in French): normalised URL, chosen language, scan start.
    print "->Le site: $site\n";
    print "->Source du site: $code\n";
    print "->Scan de l'admin control panel en cours...\n\n\n";
    
    # ASP branch: request a fixed list of common admin/login locations
    # (directories, .asp pages and .html pages) under $site and classify each
    # response by its body text.
    if($code eq "asp"){
    
    # Candidate paths, relative to $site. The list contains duplicates
    # (e.g. 'admin/account.asp', 'admin.asp'), so some URLs are requested twice.
    @path1=('admin/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
    'memberadmin/','administratorlogin/','adm/','account.asp','admin/account.asp','admin/index.asp','admin/login.asp','admin/admin.asp',
    'admin_area/admin.asp','admin_area/login.asp','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
    'admin_area/admin.html','admin_area/login.html','admin_area/index.html','admin_area/index.asp','bb-admin/index.asp','bb-admin/login.asp','bb-admin/admin.asp',
    'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','admin/controlpanel.html','admin.html','admin/cp.html','cp.html',
    'administrator/index.html','administrator/login.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html','moderator.html',
    'moderator/login.html','moderator/admin.html','account.html','controlpanel.html','admincontrol.html','admin_login.html','panel-administracion/login.html',
    'admin/home.asp','admin/controlpanel.asp','admin.asp','pages/admin/admin-login.asp','admin/admin-login.asp','admin-login.asp','admin/cp.asp','cp.asp',
    'administrator/account.asp','administrator.asp','login.asp','modelsearch/login.asp','moderator.asp','moderator/login.asp','administrator/login.asp',
    'moderator/admin.asp','controlpanel.asp','admin/account.html','adminpanel.html','webadmin.html','pages/admin/admin-login.html','admin/admin-login.html',
    'webadmin/index.html','webadmin/admin.html','webadmin/login.html','user.asp','user.html','admincp/index.asp','admincp/login.asp','admincp/index.html',
    'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','adminarea/index.html','adminarea/admin.html','adminarea/login.html',
    'panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html','admin/admin_login.html',
    'admincontrol/login.html','adm/index.html','adm.html','admincontrol.asp','admin/account.asp','adminpanel.asp','webadmin.asp','webadmin/index.asp',
    'webadmin/admin.asp','webadmin/login.asp','admin/admin_login.asp','admin_login.asp','panel-administracion/login.asp','adminLogin.asp',
    'admin/adminLogin.asp','home.asp','admin.asp','adminarea/index.asp','adminarea/admin.asp','adminarea/login.asp','admin-login.html',
    'panel-administracion/index.asp','panel-administracion/admin.asp','modelsearch/index.asp','modelsearch/admin.asp','administrator/index.asp',
    'admincontrol/login.asp','adm/admloginuser.asp','admloginuser.asp','admin2.asp','admin2/login.asp','admin2/index.asp','adm/index.asp',
    'adm.asp','affiliate.asp','adm_auth.asp','memberadmin.asp','administratorlogin.asp','siteadmin/login.asp','siteadmin/index.asp','siteadmin/login.html'
    );
    
    # One GET per candidate, issued sequentially. Seen from the server, a run
    # is a single client walking a fixed sequence of admin/login-style paths;
    # no agent string is set, so LWP's default libwww-perl User-Agent is sent.
    foreach $ways(@path1){
    
    $final=$site.$ways;
    
    # A new user agent is constructed on every iteration; 30 s timeout each.
    my $req=HTTP::Request->new(GET=>$final);
    my $ua=LWP::UserAgent->new();
    $ua->timeout(30);
    my $response=$ua->request($req);
    
    # Classification uses the response body only: any one of these substrings
    # anywhere in the content counts as "Found". The HTTP status is never
    # inspected, so an error page or unrelated page containing e.g. "password"
    # is reported as found. /Admin Password/ is redundant next to /Password/.
    # NOTE(review): /Sing/ is presumably meant to be "Sign" - confirm.
    if($response->content =~ /Username/ ||
    $response->content =~ /Password/ ||
    $response->content =~ /username/ ||
    $response->content =~ /password/ ||
    $response->content =~ /USERNAME/ ||
    $response->content =~ /PASSWORD/ ||
    $response->content =~ /Senha/ ||
    $response->content =~ /senha/ ||
    $response->content =~ /Personal/ ||
    $response->content =~ /Usuario/ ||
    $response->content =~ /Clave/ ||
    $response->content =~ /Usager/ ||
    $response->content =~ /usager/ ||
    $response->content =~ /Sing/ ||
    $response->content =~ /passe/ ||
    $response->content =~ /P\/W/ ||
    $response->content =~ /Admin Password/
    ){
    print " \n [+] Found -> $final\n\n";
    }else{
    print "[-] Not Found <- $final\n";
    }
    }
    }
    
    
    
    
    # -------------------------------------------------------
    # -------------------test cfm ---------------------------|
    # -------------------------------------------------------
    
    
    
    
    
    # ColdFusion branch: same procedure as the ASP branch, with .cfm pages in
    # place of .asp ones. @path1 is reused (it is a package global).
    if($code eq "cfm"){
    
    # Candidate paths, relative to $site. Contains duplicates
    # (e.g. 'admin/account.cfm', 'admin.cfm').
    @path1=('admin/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
    'memberadmin/','administratorlogin/','adm/','account.cfm','admin/account.cfm','admin/index.cfm','admin/login.cfm','admin/admin.cfm',
    'admin_area/admin.cfm','admin_area/login.cfm','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
    'admin_area/admin.html','admin_area/login.html','admin_area/index.html','admin_area/index.cfm','bb-admin/index.cfm','bb-admin/login.cfm','bb-admin/admin.cfm',
    'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','admin/controlpanel.html','admin.html','admin/cp.html','cp.html',
    'administrator/index.html','administrator/login.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html','moderator.html',
    'moderator/login.html','moderator/admin.html','account.html','controlpanel.html','admincontrol.html','admin_login.html','panel-administracion/login.html',
    'admin/home.cfm','admin/controlpanel.cfm','admin.cfm','pages/admin/admin-login.cfm','admin/admin-login.cfm','admin-login.cfm','admin/cp.cfm','cp.cfm',
    'administrator/account.cfm','administrator.cfm','login.cfm','modelsearch/login.cfm','moderator.cfm','moderator/login.cfm','administrator/login.cfm',
    'moderator/admin.cfm','controlpanel.cfm','admin/account.html','adminpanel.html','webadmin.html','pages/admin/admin-login.html','admin/admin-login.html',
    'webadmin/index.html','webadmin/admin.html','webadmin/login.html','user.cfm','user.html','admincp/index.cfm','admincp/login.cfm','admincp/index.html',
    'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','adminarea/index.html','adminarea/admin.html','adminarea/login.html',
    'panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html','admin/admin_login.html',
    'admincontrol/login.html','adm/index.html','adm.html','admincontrol.cfm','admin/account.cfm','adminpanel.cfm','webadmin.cfm','webadmin/index.cfm',
    'webadmin/admin.cfm','webadmin/login.cfm','admin/admin_login.cfm','admin_login.cfm','panel-administracion/login.cfm','adminLogin.cfm',
    'admin/adminLogin.cfm','home.cfm','admin.cfm','adminarea/index.cfm','adminarea/admin.cfm','adminarea/login.cfm','admin-login.html',
    'panel-administracion/index.cfm','panel-administracion/admin.cfm','modelsearch/index.cfm','modelsearch/admin.cfm','administrator/index.cfm',
    'admincontrol/login.cfm','adm/admloginuser.cfm','admloginuser.cfm','admin2.cfm','admin2/login.cfm','admin2/index.cfm','adm/index.cfm',
    'adm.cfm','affiliate.cfm','adm_auth.cfm','memberadmin.cfm','administratorlogin.cfm','siteadmin/login.cfm','siteadmin/index.cfm','siteadmin/login.html'
    );
    
    # One sequential GET per candidate. No agent string is set, so the
    # requests carry LWP's default libwww-perl User-Agent.
    foreach $ways(@path1){
    
    $final=$site.$ways;
    
    # Fresh user agent per request, 30 s timeout.
    my $req=HTTP::Request->new(GET=>$final);
    my $ua=LWP::UserAgent->new();
    $ua->timeout(30);
    my $response=$ua->request($req);
    
    # Body-only keyword test; the HTTP status is not checked, so any page
    # whose content contains one of these substrings is reported as "Found".
    # NOTE(review): /Sing/ is presumably meant to be "Sign" - confirm.
    if($response->content =~ /Username/ ||
    $response->content =~ /Password/ ||
    $response->content =~ /username/ ||
    $response->content =~ /password/ ||
    $response->content =~ /USERNAME/ ||
    $response->content =~ /PASSWORD/ ||
    $response->content =~ /Senha/ ||
    $response->content =~ /senha/ ||
    $response->content =~ /Personal/ ||
    $response->content =~ /Usuario/ ||
    $response->content =~ /Clave/ ||
    $response->content =~ /Usager/ ||
    $response->content =~ /usager/ ||
    $response->content =~ /Sing/ ||
    $response->content =~ /passe/ ||
    $response->content =~ /P\/W/ ||
    $response->content =~ /Admin Password/
    ){
    print " \n [+] Found -> $final\n\n";
    }else{
    print "[-] Not Found <- $final\n";
    }
    }
    }
    
    
    
    
    
    # -------------------------------------------------------
    #--------------------------/test-------------------------|
    # -------------------------------------------------------
    
    
    # PHP branch: same request-and-classify procedure as the ASP and CFM
    # branches, using its own list (@path2). If $code is none of "asp", "cfm"
    # or "php", no branch runs and the script ends without requesting anything.
    if($code eq "php"){
    
    # Candidate paths, relative to $site. Besides .php and .html pages the
    # list also holds two .asp entries ('admincp/index.asp',
    # 'admincp/login.asp') and several duplicates.
    @path2=('admin/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
    'memberadmin/','administratorlogin/','adm/','admin/account.php','admin/index.php','admin/login.php','admin/admin.php','admin/account.php',
    'admin_area/admin.php','admin_area/login.php','siteadmin/login.php','siteadmin/index.php','siteadmin/login.html','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
    'admin_area/index.php','bb-admin/index.php','bb-admin/login.php','bb-admin/admin.php','admin/home.php','admin_area/login.html','admin_area/index.html',
    'admin/controlpanel.php','admin.php','admincp/index.asp','admincp/login.asp','admincp/index.html','admin/account.html','adminpanel.html','webadmin.html',
    'webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html','panel-administracion/login.html',
    'admin/cp.php','cp.php','administrator/index.php','administrator/login.php','nsw/admin/login.php','webadmin/login.php','admin/admin_login.php','admin_login.php',
    'administrator/account.php','administrator.php','admin_area/admin.html','pages/admin/admin-login.php','admin/admin-login.php','admin-login.php',
    'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','login.php','modelsearch/login.php','moderator.php','moderator/login.php',
    'moderator/admin.php','account.php','pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','controlpanel.php','admincontrol.php',
    'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','rcjakar/admin/login.php','adminarea/index.html','adminarea/admin.html',
    'webadmin.php','webadmin/index.php','webadmin/admin.php','admin/controlpanel.html','admin.html','admin/cp.html','cp.html','adminpanel.php','moderator.html',
    'administrator/index.html','administrator/login.html','user.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html',
    'moderator/login.html','adminarea/login.html','panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html',
    'admincontrol/login.html','adm/index.html','adm.html','moderator/admin.html','user.php','account.html','controlpanel.html','admincontrol.html',
    'panel-administracion/login.php','wp-login.php','adminLogin.php','admin/adminLogin.php','home.php','admin.php','adminarea/index.php',
    'adminarea/admin.php','adminarea/login.php','panel-administracion/index.php','panel-administracion/admin.php','modelsearch/index.php',
    'modelsearch/admin.php','admincontrol/login.php','adm/admloginuser.php','admloginuser.php','admin2.php','admin2/login.php','admin2/index.php',
    'adm/index.php','adm.php','affiliate.php','adm_auth.php','memberadmin.php','administratorlogin.php'
    );
    
    # One sequential GET per candidate. No agent string is set, so the
    # requests carry LWP's default libwww-perl User-Agent.
    foreach $ways(@path2){
    
    $final=$site.$ways;
    
    # Fresh user agent per request, 30 s timeout.
    my $req=HTTP::Request->new(GET=>$final);
    my $ua=LWP::UserAgent->new();
    $ua->timeout(30);
    my $response=$ua->request($req);
    
    # Body-only keyword test; the HTTP status is not checked, so any page
    # whose content contains one of these substrings is reported as "Found".
    # NOTE(review): /Sing/ is presumably meant to be "Sign" - confirm.
    if($response->content =~ /Username/ ||
    $response->content =~ /Password/ ||
    $response->content =~ /username/ ||
    $response->content =~ /password/ ||
    $response->content =~ /USERNAME/ ||
    $response->content =~ /PASSWORD/ ||
    $response->content =~ /Senha/ ||
    $response->content =~ /senha/ ||
    $response->content =~ /Personal/ ||
    $response->content =~ /Usuario/ ||
    $response->content =~ /Clave/ ||
    $response->content =~ /Usager/ ||
    $response->content =~ /usager/ ||
    $response->content =~ /Sing/ ||
    $response->content =~ /passe/ ||
    $response->content =~ /P\/W/ ||
    $response->content =~ /Admin Password/
    ){
    print " \n [+] Found -> $final\n\n";
    }else{
    print "[-] Not Found <- $final\n";
    }
    }
    # NOTE(review): NULL is a bareword here (no strict), not a Perl keyword;
    # presumably this is meant to halt the script once the list is exhausted -
    # confirm. Only this branch has the call; the ASP and CFM branches do not.
    kill("STOP",NULL);
    }

    Bom, só pra constar, eu não testei este exploit, então caso não funcione postem aqui, que irei consertar se possível!

    valeeu galera.

    #2
    Testado e aprovado... Funfa...

    Obs: Tem um erro na linha 13... deixem ela assim:

    Código PHP:
    system('title Admin Control Panel Finder v2.1.4 full by Bosnian AmaR Trex'); 
    Um dia saio dessa merda... Governo só gosta de vagabundos!

      #3
      Jerivá-SQLi + Admin Control Panel Finder v2.1.4

      Veja o vídeo



      Link do Vídeo: youtube.com/watch?v=zyIYHT3acsE


      O vídeo acima demonstra que a versão v2.1.4 do Admin Control Panel Finder não permite realizar busca em sites HTTPS.
      Mas se você entender um pouco de Perl poderá alterar o seu código para rodar em sites HTTPS.

      A ideia aqui não é mostrar como alterar o código Perl, e sim mostrar como podemos usar o Jerivá-SQLi, que provê
      suporte a HTTPS para o Admin Control Panel Finder.

      Obtenha a última versão do Jerivá-SQLi no site do desenvolvedor: supermafia.org/projetos/Geriva-SQLi/

      Siga o projeto no twitter: @jerivasqli

        #4
        Interessante, muito interessante, podemos ir além da limitação.

        Obrigado

        WCG 147.
          #5
          Localizador de Páginas Administrativas - Versão 1.0 em PHP

          Como o pessoal pode ter dificuldade de configurar e/ou instalar o Perl em seus ambientes de teste,
          resolvi escrever uma Versão em PHP baseado no código Perl do Admin Control Panel Finder v2.1.4.




          Código PHP:
          <?php
          // NOTE(review): this listing lost operators in extraction ("=", "." and
          // "," are missing in several statements), so it does not parse as shown.
          // Comments describe what the visible tokens indicate.
              
          // Removes PHP's execution time limit; errors from ini_set are suppressed.
          @ini_set("max_execution_time",0);
              
          // Form defaults: empty target, language option "1", timeout "30".
          $site_alvo "";
              
          $linguagem_site "1";
              
          $time_out "30";

              
          // Default keyword list shown in the textarea, one keyword per line.
          $ta_strings_adm "Username
          Password
          username
          password
          USERNAME
          PASSWORD
          Senha
          senha
          Personal
          Usuario
          Clave
          Usager
          usager
          Sing
          passe
          P/W
          Admin Password"
          ;

              // On submit, every setting is taken verbatim from $_POST. These values
              // are later echoed into the form markup (input value attributes and
              // the textarea) without htmlspecialchars(), so the page reflects
              // whatever was posted; the target is also requested server-side
              // without any validation.
              if(isset(
          $_POST["Submit"]))
              {
                  
          $site_alvo $_POST["site_alvo"];
                  
          $time_out $_POST["time_out"];

                  // Append a trailing slash when missing; an empty target becomes "/".
                  if ( !
          preg_match("/\/$/",$site_alvo,$res) ) 
                  
          $site_alvo .= "/";

                  
          $linguagem_site $_POST["linguagem_site"];
                  
          $ta_strings_adm $_POST["ta_strings_adm"];
              }
          ?>
          <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
          <html xmlns="http://www.w3.org/1999/xhtml">
          <head>
          <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
          <title>Localizador de Páginas Administrativas - Versão 1.0</title>
          </head>

          <body>
          <p>Baseado no <strong>Admin Control Panel Finder v2.1.4 full by Bosnian AmaR Trex</strong></p>
          <p><em>Versão PHP escrita por Fidqsi - 24/05/2011 </em> - www.supermafia.org
          </p>
          <form id="form1" name="form1" method="post" action="painel.php">
            <label>
            Site alvo
            <input name="site_alvo" type="text" size="45" value="<?php echo $site_alvo;?>"/>
            </label>
            <label>
            Linguagem do Site 
            <select name="linguagem_site">
              <option value="1"<?php if ($linguagem_site == 1) echo "selected=\"selected\"";?>>Todas</option>
              <option value="2"<?php if ($linguagem_site == 2) echo "selected=\"selected\"";?>>php</option>
              <option value="3"<?php if ($linguagem_site == 3) echo "selected=\"selected\"";?>>asp</option>
              <option value="4"<?php if ($linguagem_site == 4) echo "selected=\"selected\"";?>>cfm</option>
            </select>
            <br />
            <br />
            Timeout
            <input name="time_out" type="text" value="<?php echo $time_out;?>" />
            <br />
            <br />
            Strings de possíveis páginas  de administração <br />
            <textarea name="ta_strings_adm" cols="50" rows="5" id="ta_strings_adm"><?php echo $ta_strings_adm?></textarea>
            <br />
            <br />
            <input type="submit" name="Submit" value="Procurar" />  <input type="submit" name="Reset" value="Reset" /> 
            </label>
          </form>
          <p><br />
            <?php
          // NOTE(review): this listing lost operators in extraction ("=", "." and
          // "," are missing in several statements), so it does not parse as shown.

              
          // "/" is what an empty submitted target becomes after the trailing-slash
          // fix-up, so the else branch below reports an empty target.
          if($site_alvo != "/")
              {
              if(isset(
          $_POST["Submit"]))
              {
                  
                  
          // Maps the posted select value to a comma-separated extension list. The
          // posted value is used as the index without checking that it is 1-4.
          $lista_linguagens = array("1"=>"php,asp,cfm""2"=>"php""3"=>"asp""4"=>"cfm");
                  
                  
          // Candidate paths; "{ext}" is a placeholder for each selected extension.
          $lista = array("account.{ext}","account.html","adm.{ext}","adm.html","adm/","adm/admloginuser.{ext}","adm/index.{ext}","adm/index.html","adm_auth.{ext}","admin.{ext}","admin.{ext}","admin.html","admin/","admin/account.{ext}","admin/account.{ext}","admin/account.html","admin/account.html","admin/admin.{ext}","admin/admin.html","admin/admin_login.{ext}","admin/admin_login.html","admin/adminLogin.{ext}","admin/admin-login.{ext}","admin/adminLogin.html","admin/adminLogin.html","admin/admin-login.html","admin/controlpanel.{ext}","admin/controlpanel.html","admin/cp.{ext}","admin/cp.html","admin/home.{ext}","admin/home.html","admin/index.{ext}","admin/index.html","admin/login.{ext}","admin/login.html","admin_area/","admin_area/admin.{ext}","admin_area/admin.html","admin_area/index.{ext}","admin_area/index.html","admin_area/login.{ext}","admin_area/login.html","admin_login.{ext}","admin_login.html","admin2.{ext}","admin2/index.{ext}","admin2/login.{ext}","adminarea/","adminarea/admin.{ext}","adminarea/admin.html","adminarea/index.{ext}","adminarea/index.html","adminarea/login.{ext}","adminarea/login.html","admincontrol.{ext}","admincontrol.html","admincontrol/login.{ext}","admincontrol/login.html","admincp/index.{ext}","admincp/index.html","admincp/login.{ext}","administrator.{ext}","administrator.html","administrator/","administrator/account.{ext}","administrator/account.html","administrator/index.{ext}","administrator/index.html","administrator/login.{ext}","administrator/login.html","administratorlogin.{ext}","administratorlogin/","adminLogin.{ext}","admin-login.{ext}","adminLogin.html","admin-login.html","adminLogin/","adminpanel.{ext}","adminpanel.html","admloginuser.{ext}","affiliate.{ext}","bb-admin/","bb-admin/admin.{ext}","bb-admin/admin.html","bb-admin/index.{ext}","bb-admin/index.html","bb-admin/login.{ext}","bb-admin/login.html","controlpanel.{ext}","controlpanel.html","cp.{ext}","cp.html","home.{ext}","home.html","instadmin/","login.{ext}","login.html
","memberadmin.{ext}","memberadmin/","modelsearch/admin.{ext}","modelsearch/admin.html","modelsearch/index.{ext}","modelsearch/index.html","modelsearch/login.{ext}","modelsearch/login.html","moderator.{ext}","moderator.html","moderator/","moderator/admin.{ext}","moderator/admin.html","moderator/login.{ext}","moderator/login.html","pages/admin/admin-login.{ext}","pages/admin/admin-login.html","panel-administracion/","panel-administracion/admin.{ext}","panel-administracion/admin.html","panel-administracion/index.{ext}","panel-administracion/index.html","panel-administracion/login.{ext}","panel-administracion/login.html","siteadmin/index.{ext}","siteadmin/login.{ext}","siteadmin/login.html","user.{ext}","user.html","webadmin.{ext}","webadmin.html","webadmin/","webadmin/admin.{ext}","webadmin/admin.html","webadmin/index.{ext}","webadmin/index.html","webadmin/login.{ext}","webadmin/login.html");

                  // For each candidate: expand "{ext}" once per selected extension (or
                  // use the path as is), fetch the URL and test the body.
                  foreach(
          $lista as $chave => $valor)
                  {
                      if(
          strpos($valor"{ext}"))
                      {
                          foreach( 
          explode(",",$lista_linguagens[$linguagem_site]) as $chave_ling => $valor_ling)
                          {
                            
          $url $site_alvo str_replace("{ext}"$valor_ling$valor); 
                            
          // The timeout passed here is the literal 5; the $time_out value read
          // from the form is not used by either navegar() call.
          $html navegar($url,5);
                            
          processa_resultado($url$html$ta_strings_adm);
                          }
                      }
                      else
                      {
                            
          $url $site_alvo $valor
                            
          $html navegar($url,5);
                            
          processa_resultado($url$html$ta_strings_adm);
                      }            
                  }

              }
              }
              else
              {
                  echo 
          "Informe uma URL Válida!";
              }
          // Prints $url when the fetched body ($html) matches any keyword in $detecta.
          // $detecta is the raw textarea text; it is split on CRLF, each line is
          // passed through troca_especias_preg_match(), and the lines are joined
          // with "|" into a single pattern.
          // NOTE(review): an empty line in the textarea yields an empty alternative,
          // which matches every body. $url is echoed without htmlspecialchars().
          // (This listing lost separators in extraction: "=" and "," are missing.)
          function 
          processa_resultado($url$html$detecta)
          {
                
          $detecta explode("\r\n"$detecta);
                
                foreach(
          $detecta as $chave => $valor)
                    
          $detecta[$chave] = troca_especias_preg_match($valor);
                  
                
          $expressao "/".implode("|",$detecta)."/";
                  
                if (
          preg_match($expressao$html /*$html[$rnd]*/$result))
                    echo 
          "{$url}<br>";
          }

          // Backslash-escapes ( ) * . ? / | in $str so it can be embedded in a
          // "/"-delimited pattern.
          // NOTE(review): other metacharacters ([ ] + ^ $ { } \) pass through
          // unescaped, so user-supplied keywords can still alter or break the
          // pattern; preg_quote($str, "/") is the standard function for this.
          function 
          troca_especias_preg_match($str)
          {
           return( 
          str_replace(array("(",")","*",".","?","/","|"), array("\(","\)","\*","\.","\?","\/","\|"), $str) );
          }
              
          // Fetches $url with cURL and returns the response body: the response is
          // requested with headers included, then cut at header_size.
          // NOTE(review): $url is used as given - no scheme or host restriction -
          // so when this page is hosted on a server, anyone who can reach the form
          // can make that server issue requests to arbitrary addresses. The result
          // of curl_exec() is not checked for failure before substr().
          // (This listing lost separators in extraction: "=" and "," are missing.)
          function 
          navegar($url,$timeout=30)
          {
              
          $ch curl_init($url);
              
          curl_setopt($chCURLOPT_TIMEOUT$timeout);
              
          curl_setopt($chCURLOPT_HEADER1);
              
          curl_setopt($chCURLOPT_VERBOSE1);
              
          curl_setopt($chCURLOPT_RETURNTRANSFER1);
              
          $result curl_exec($ch);
              
          $info curl_getinfo($ch);
              
          curl_close($ch);  
              return (
          substr($result$info['header_size'], strlen($result))); 
          }
              
          ?>
          </p>
          </body>
          </html>
          Last edited by praTes; 25-05-2011, 23:43.

            #6
            Não sei se fiz algo errado, mas aqui não deu. Mesmo assim, obrigado.

              #7
              Se na versão em PHP aparecer o bug de acentos, troque o utf-8 pelo iso-8859-1 que o bug dos acentos será corrigido.
