Admin Control Painel Finder

    #1

    Exploit Admin Control Painel Finder

    Hey guys... I was having trouble finding the login area of a site...
    Then I found this exploit *-*
    And it solved my problems .... :cool:
    It's very easy to use: just type the URL and the language of the website and that's it, it starts searching and quickly returns the search results.

    NOTE: A tip from a friend of mine *-*
    You can update the list of dorks, which improves performance when searching.

    Exploit name: Admin Control Painel Finder v1.0
    Language: Perl




    Exploit:
    #!/usr/bin/perl

    ##
    # By GlaDiaT0R
    # Admin Control Panel Finder ___ Version 1
    # Home: Darkgh0st.com
    ##

    use HTTP::Request;
    use LWP::UserAgent;

    system('cls');
    system('title Admin Control Panel Finder v1 final I[C]oded by Gladiator from H4ckCr3w.net');

    print"\n";
    print "-----------------------------------------------\n" ;
    print "[*]--Admin Control Panel Finder v 1 --------[*]\n" ;
    print "[*]-------------Coded By GlaDiaT0R----------[*]\n" ;
    print "[*]-------------From Darkgh0st.com---------[*]\n" ;
    print "[*]------------Greetz to Allah--------------[*]\n" ;
    print "*******************************************\n " ;
    print "\n";

    print "~# enter site to scan\n* ex: www.domaine.com/path\n-> ";
    $site=<STDIN>;
    chomp $site;

    print "\n";
    print "~ Enter coding language of the website \n* ex: asp, php, cfm\n-> ";
    $code=<STDIN>;
    chomp($code);

    if ( $site !~ /^http:/ ) {
    $site = 'http://' . $site;
    }
    if ( $site !~ /\/$/ ) {
    $site = $site . '/';
    }
    print "\n";

    print "->Le site: $site\n";
    print "->Source du site: $code\n";
    print "->Scan de l'admin control panel en cours...\n\n\n";

    if($code eq "asp"){

    @path1=('admin/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
    'memberadmin/','administratorlogin/','adm/','account.asp','admin/account.asp','admin/index.asp','admin/login.asp','admin/admin.asp',
    'admin_area/admin.asp','admin_area/login.asp','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
    'admin_area/admin.html','admin_area/login.html','admin_area/index.html','admin_area/index.asp','bb-admin/index.asp','bb-admin/login.asp','bb-admin/admin.asp',
    'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','admin/controlpanel.html','admin.html','admin/cp.html','cp.html',
    'administrator/index.html','administrator/login.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html','moderator.html',
    'moderator/login.html','moderator/admin.html','account.html','controlpanel.html','admincontrol.html','admin_login.html','panel-administracion/login.html',
    'admin/home.asp','admin/controlpanel.asp','admin.asp','pages/admin/admin-login.asp','admin/admin-login.asp','admin-login.asp','admin/cp.asp','cp.asp',
    'administrator/account.asp','administrator.asp','login.asp','modelsearch/login.asp','moderator.asp','moderator/login.asp','administrator/login.asp',
    'moderator/admin.asp','controlpanel.asp','admin/account.html','adminpanel.html','webadmin.html','pages/admin/admin-login.html','admin/admin-login.html',
    'webadmin/index.html','webadmin/admin.html','webadmin/login.html','user.asp','user.html','admincp/index.asp','admincp/login.asp','admincp/index.html',
    'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','adminarea/index.html','adminarea/admin.html','adminarea/login.html',
    'panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html','admin/admin_login.html',
    'admincontrol/login.html','adm/index.html','adm.html','admincontrol.asp','admin/account.asp','adminpanel.asp','webadmin.asp','webadmin/index.asp',
    'webadmin/admin.asp','webadmin/login.asp','admin/admin_login.asp','admin_login.asp','panel-administracion/login.asp','adminLogin.asp',
    'admin/adminLogin.asp','home.asp','admin.asp','adminarea/index.asp','adminarea/admin.asp','adminarea/login.asp','admin-login.html',
    'panel-administracion/index.asp','panel-administracion/admin.asp','modelsearch/index.asp','modelsearch/admin.asp','administrator/index.asp',
    'admincontrol/login.asp','adm/admloginuser.asp','admloginuser.asp','admin2.asp', 'admin2/login.asp','admin2/index.asp','adm/index.asp',
    'adm.asp','affiliate.asp','adm_auth.asp','memberadmin.asp','administratorlogin.asp','siteadmin/login.asp','siteadmin/index.asp','siteadmin/login.html'
    );

    foreach $ways(@path1){

    $final=$site.$ways;

    my $req=HTTP::Request->new(GET=>$final);
    my $ua=LWP::UserAgent->new();
    $ua->timeout(30);
    my $response=$ua->request($req);

    if($response->content =~ /Username/ ||
    $response->content =~ /Password/ ||
    $response->content =~ /username/ ||
    $response->content =~ /password/ ||
    $response->content =~ /USERNAME/ ||
    $response->content =~ /PASSWORD/ ||
    $response->content =~ /Senha/ ||
    $response->content =~ /senha/ ||
    $response->content =~ /Personal/ ||
    $response->content =~ /Usuario/ ||
    $response->content =~ /Clave/ ||
    $response->content =~ /Usager/ ||
    $response->content =~ /usager/ ||
    $response->content =~ /Sing/ ||
    $response->content =~ /passe/ ||
    $response->content =~ /P\/W/ ||
    $response->content =~ /Admin Password/
    ){
    print " \n [+] Found -> $final\n\n";
    }else{
    print "[-] Not Found <- $final\n";
    }
    }
    }




    # -------------------------------------------------------
    # -------------------test cfm ---------------------------|
    # -------------------------------------------------------





    if($code eq "cfm"){

    @path1=('admin/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
    'memberadmin/','administratorlogin/','adm/','account.cfm','admin/account.cfm','admin/index.cfm','admin/login.cfm','admin/admin.cfm',
    'admin_area/admin.cfm','admin_area/login.cfm','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
    'admin_area/admin.html','admin_area/login.html','admin_area/index.html','admin_area/index.cfm','bb-admin/index.cfm','bb-admin/login.cfm','bb-admin/admin.cfm',
    'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','admin/controlpanel.html','admin.html','admin/cp.html','cp.html',
    'administrator/index.html','administrator/login.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html','moderator.html',
    'moderator/login.html','moderator/admin.html','account.html','controlpanel.html','admincontrol.html','admin_login.html','panel-administracion/login.html',
    'admin/home.cfm','admin/controlpanel.cfm','admin.cfm','pages/admin/admin-login.cfm','admin/admin-login.cfm','admin-login.cfm','admin/cp.cfm','cp.cfm',
    'administrator/account.cfm','administrator.cfm','login.cfm','modelsearch/login.cfm','moderator.cfm','moderator/login.cfm','administrator/login.cfm',
    'moderator/admin.cfm','controlpanel.cfm','admin/account.html','adminpanel.html','webadmin.html','pages/admin/admin-login.html','admin/admin-login.html',
    'webadmin/index.html','webadmin/admin.html','webadmin/login.html','user.cfm','user.html','admincp/index.cfm','admincp/login.cfm','admincp/index.html',
    'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','adminarea/index.html','adminarea/admin.html','adminarea/login.html',
    'panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html','admin/admin_login.html',
    'admincontrol/login.html','adm/index.html','adm.html','admincontrol.cfm','admin/account.cfm','adminpanel.cfm','webadmin.cfm','webadmin/index.cfm',
    'webadmin/admin.cfm','webadmin/login.cfm','admin/admin_login.cfm','admin_login.cfm','panel-administracion/login.cfm','adminLogin.cfm',
    'admin/adminLogin.cfm','home.cfm','admin.cfm','adminarea/index.cfm','adminarea/admin.cfm','adminarea/login.cfm','admin-login.html',
    'panel-administracion/index.cfm','panel-administracion/admin.cfm','modelsearch/index.cfm','modelsearch/admin.cfm','administrator/index.cfm',
    'admincontrol/login.cfm','adm/admloginuser.cfm','admloginuser.cfm','admin2.cfm', 'admin2/login.cfm','admin2/index.cfm','adm/index.cfm',
    'adm.cfm','affiliate.cfm','adm_auth.cfm','memberadmin.cfm','administratorlogin.cfm','siteadmin/login.cfm','siteadmin/index.cfm','siteadmin/login.html'
    );

    foreach $ways(@path1){

    $final=$site.$ways;

    my $req=HTTP::Request->new(GET=>$final);
    my $ua=LWP::UserAgent->new();
    $ua->timeout(30);
    my $response=$ua->request($req);

    if($response->content =~ /Username/ ||
    $response->content =~ /Password/ ||
    $response->content =~ /username/ ||
    $response->content =~ /password/ ||
    $response->content =~ /USERNAME/ ||
    $response->content =~ /PASSWORD/ ||
    $response->content =~ /Senha/ ||
    $response->content =~ /senha/ ||
    $response->content =~ /Personal/ ||
    $response->content =~ /Usuario/ ||
    $response->content =~ /Clave/ ||
    $response->content =~ /Usager/ ||
    $response->content =~ /usager/ ||
    $response->content =~ /Sing/ ||
    $response->content =~ /passe/ ||
    $response->content =~ /P\/W/ ||
    $response->content =~ /Admin Password/
    ){
    print " \n [+] Found -> $final\n\n";
    }else{
    print "[-] Not Found <- $final\n";
    }
    }
    }





    # -------------------------------------------------------
    #--------------------------/test-------------------------|
    # -------------------------------------------------------


    if($code eq "php"){

    @path2=('admin/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
    'memberadmin/','administratorlogin/','adm/','admin/account.php','admin/index.php','admin/login.php','admin/admin.php','admin/account.php',
    'admin_area/admin.php','admin_area/login.php','siteadmin/login.php','siteadmin/index.php','siteadmin/login.html','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
    'admin_area/index.php','bb-admin/index.php','bb-admin/login.php','bb-admin/admin.php','admin/home.php','admin_area/login.html','admin_area/index.html',
    'admin/controlpanel.php','admin.php','admincp/index.asp','admincp/login.asp','admincp/index.html','admin/account.html','adminpanel.html','webadmin.html',
    'webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html','panel-administracion/login.html',
    'admin/cp.php','cp.php','administrator/index.php','administrator/login.php','nsw/admin/login.php','webadmin/login.php','admin/admin_login.php','admin_login.php',
    'administrator/account.php','administrator.php','admin_area/admin.html','pages/admin/admin-login.php','admin/admin-login.php','admin-login.php',
    'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','login.php','modelsearch/login.php','moderator.php','moderator/login.php',
    'moderator/admin.php','account.php','pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','controlpanel.php','admincontrol.php',
    'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','rcjakar/admin/login.php','adminarea/index.html','adminarea/admin.html',
    'webadmin.php','webadmin/index.php','webadmin/admin.php','admin/controlpanel.html','admin.html','admin/cp.html','cp.html','adminpanel.php','moderator.html',
    'administrator/index.html','administrator/login.html','user.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html',
    'moderator/login.html','adminarea/login.html','panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html',
    'admincontrol/login.html','adm/index.html','adm.html','moderator/admin.html','user.php','account.html','controlpanel.html','admincontrol.html',
    'panel-administracion/login.php','wp-login.php','adminLogin.php','admin/adminLogin.php','home.php','admin.php','adminarea/index.php',
    'adminarea/admin.php','adminarea/login.php','panel-administracion/index.php','panel-administracion/admin.php','modelsearch/index.php',
    'modelsearch/admin.php','admincontrol/login.php','adm/admloginuser.php','admloginuser.php','admin2.php', 'admin2/login.php','admin2/index.php',
    'adm/index.php','adm.php','affiliate.php','adm_auth.php','memberadmin.php','administratorlogin.php'
    );

    foreach $ways(@path2){

    $final=$site.$ways;

    my $req=HTTP::Request->new(GET=>$final);
    my $ua=LWP::UserAgent->new();
    $ua->timeout(30);
    my $response=$ua->request($req);

    if($response->content =~ /Username/ ||
    $response->content =~ /Password/ ||
    $response->content =~ /username/ ||
    $response->content =~ /password/ ||
    $response->content =~ /USERNAME/ ||
    $response->content =~ /PASSWORD/ ||
    $response->content =~ /Senha/ ||
    $response->content =~ /senha/ ||
    $response->content =~ /Personal/ ||
    $response->content =~ /Usuario/ ||
    $response->content =~ /Clave/ ||
    $response->content =~ /Usager/ ||
    $response->content =~ /usager/ ||
    $response->content =~ /Sing/ ||
    $response->content =~ /passe/ ||
    $response->content =~ /P\/W/ ||
    $response->content =~ /Admin Password/
    ){
    print " \n [+] Found -> $final\n\n";
    }else{
    print "[-] Not Found <- $final\n";
    }
    }
    exit(0); # stop once the scan has finished
    }

    ##
    # By GlaDiaT0R
    ##
    Copy, paste and save with a .pl extension


    Enjoy!
    Last edited by bolinhaxp; 08-12-2009, 12:48.
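
From the defending side, the script posted above is easy to spot in web server logs: it never sets a User-Agent, so LWP::UserAgent sends its default `libwww-perl/<version>`, and it requests dozens of admin-style paths in a row, most of which return 404. The detector below is an added example, not part of the original post or the script; the function names, thresholds and sample log lines are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Combined Log Format: ip - - [time] "METHOD path proto" status size "referer" "agent"
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "\S+ (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"')
# Directory names taken from the posted script's path lists (a subset).
ADMIN_HINT = re.compile(
    r'/(admin|administrator|moderator|webadmin|adminarea|bb-admin|admin_area|'
    r'panel-administracion|siteadmin|admincp|adm)\b', re.I)

def find_panel_scans(lines, min_paths=5, window=timedelta(minutes=2), min_miss=0.8):
    """Flag clients that probe many distinct admin-style paths in a short burst."""
    hits = defaultdict(list)
    for line in lines:
        m = LOG_RE.match(line)
        if m and ADMIN_HINT.search(m["path"]):
            ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
            hits[m["ip"]].append((ts, m["path"], int(m["status"]), m["ua"]))
    flagged = {}
    for ip, reqs in hits.items():
        reqs.sort()
        start = 0
        for end in range(len(reqs)):
            while reqs[end][0] - reqs[start][0] > window:  # slide the time window
                start += 1
            burst = reqs[start:end + 1]
            paths = {p for _, p, _, _ in burst}
            misses = sum(1 for _, _, s, _ in burst if s == 404)
            best = flagged.get(ip, {"distinct_paths": 0})["distinct_paths"]
            if len(paths) >= min_paths and misses / len(burst) >= min_miss and len(paths) > best:
                flagged[ip] = {"distinct_paths": len(paths),
                    "answered": sorted(p for _, p, s, _ in burst if s != 404),
                    "lwp_agent": any(u.startswith("libwww-perl/") for *_, u in burst)}
    return flagged

def sample_log():
    """Constructed log lines using documentation addresses, not real traffic."""
    paths = ["/admin/", "/administrator/", "/moderator/", "/webadmin/",
             "/adminarea/", "/admin/login.php", "/admin/index.php"]
    scan = [f'203.0.113.7 - - [01/Jan/2024:12:40:{i:02d} +0000] "GET {p} HTTP/1.1" '
            f'{200 if p == "/admin/login.php" else 404} 512 "-" "libwww-perl/6.05"'
            for i, p in enumerate(paths)]
    normal = ['198.51.100.9 - - [01/Jan/2024:12:41:00 +0000] "GET /admin/ HTTP/1.1" '
              '200 2048 "-" "Mozilla/5.0"']
    return scan + normal
```

The `answered` list holds the probed paths that did not return 404, which are the ones to put behind access controls or rate limiting first.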

    #2
    Thanks, bro, it worked perfectly.


      #3
      Very good, just need to see whether it has more strings than Admin Finder.

      If you liked my thread, be a good, polite boy and say Thanks!
      MSN: thunderyuster@hotmail.com


        #4
        Got it, thanks. Going to learn how to use it now.
        Security in Brazil is a total aberration: a helicopter gets shot down by a favela resident, and your site admin gets owned


          #5
          I'll take a look at it .. I'm owning the Pentagon here and the admin finder didn't find the admin page ..
          guess I'll just have to exploit it
          Not a member yet?
          * Elite Defacer Community

          Elite Defacer
          Hackeralp - 5ubZer0 - $cr34m()


            #6
            Originally posted by Diogo Flores
            I'll take a look at it .. I'm owning the Pentagon here and the admin finder didn't find the admin page ..
            guess I'll just have to exploit it
            hahahaha

            I'll test it and see if it really works ;D


              #7
              Hey, thanks man!!
              This will be useful for me, since I've forgotten everything about defacing
              xD
              Age means NOTHING!


                #8
                Thanks, it worked fine here

                See ya..zZ'


                  #9
                  It didn't work for me ....
                  I've used it several times and it didn't work .. ugh
                  I tested it on a site whose admin page is "login.php"
                  and it didn't work!
                  for me this really is no good!


                    #10
                    very good, bro .. thanks


                      #11
                      thanks bro, very good