Simple script para buscar el famoso panel de administración.
#!usr/bin/perl
#Panel Control 0.3
#Coded By Doddy H
#The arrays are a collection of several I found on the web
# Candidate locations, relative to the base URL, that scan() requests one
# after another in the order listed here. The entries are .asp/.aspx/.php/
# .html login and admin pages plus directory names of common administration
# front ends (for example phpmyadmin/, wp-admin/, cpanel/, typo3/).
#
# For a site operator the list doubles as an audit checklist: any entry that
# answers an unauthenticated GET successfully is what scan() reports. A run
# of requests for these paths, in this order, from a single client is also a
# recognisable pattern in web-server access logs.
my @paneles = (
'admin/admin.asp', 'admin/login.asp',
'admin/index.asp', 'admin/admin.aspx',
'admin/login.aspx', 'admin/index.aspx',
'admin/webmaster.asp', 'admin/webmaster.aspx',
'asp/admin/index.asp', 'asp/admin/index.aspx',
'asp/admin/admin.asp', 'asp/admin/admin.aspx',
'asp/admin/webmaster.asp', 'asp/admin/webmaster.aspx',
'admin/', 'login.asp',
'login.aspx', 'admin.asp',
'admin.aspx', 'webmaster.aspx',
'webmaster.asp', 'login/index.asp',
'login/index.aspx', 'login/login.asp',
'login/login.aspx', 'login/admin.asp',
'login/admin.aspx', 'administracion/index.asp',
'administracion/index.aspx', 'administracion/login.asp',
'administracion/login.aspx', 'administracion/webmaster.asp',
'administracion/webmaster.aspx', 'administracion/admin.asp',
'administracion/admin.aspx', 'php/admin/',
'admin/admin.php', 'admin/index.php',
'admin/login.php', 'admin/system.php',
'admin/ingresar.php', 'admin/administrador.php',
'admin/default.php', 'administracion/',
'administracion/index.php', 'administracion/login.php',
'administracion/ingresar.php', 'administracion/admin.php',
'administration/', 'administration/index.php',
'administration/login.php', 'administrator/index.php',
'administrator/login.php', 'administrator/system.php',
'system/', 'system/login.php',
'admin.php', 'login.php',
'administrador.php', 'administration.php',
'administrator.php', 'admin1.html',
'admin1.php', 'admin2.php',
'admin2.html', 'yonetim.php',
'yonetim.html', 'yonetici.php',
'yonetici.html', 'adm/',
'admin/account.php', 'admin/account.html',
'admin/index.html', 'admin/login.html',
'admin/home.php', 'admin/controlpanel.html',
'admin/controlpanel.php', 'admin.html',
'admin/cp.php', 'admin/cp.html',
'cp.php', 'cp.html',
'administrator/', 'administrator/index.html',
'administrator/login.html', 'administrator/account.html',
'administrator/account.php', 'administrator.html',
'login.html', 'modelsearch/login.php',
'moderator.php', 'moderator.html',
'moderator/login.php', 'moderator/login.html',
'moderator/admin.php', 'moderator/admin.html',
'moderator/', 'account.php',
'account.html', 'controlpanel/',
'controlpanel.php', 'controlpanel.html',
'admincontrol.php', 'admincontrol.html',
'adminpanel.php', 'adminpanel.html',
'admin1.asp', 'admin2.asp',
'yonetim.asp', 'yonetici.asp',
'admin/account.asp', 'admin/home.asp',
'admin/controlpanel.asp', 'admin/cp.asp',
'cp.asp', 'administrator/index.asp',
'administrator/login.asp', 'administrator/account.asp',
'administrator.asp', 'modelsearch/login.asp',
'moderator.asp', 'moderator/login.asp',
'moderator/admin.asp', 'account.asp',
'controlpanel.asp', 'admincontrol.asp',
'adminpanel.asp', 'fileadmin/',
'fileadmin.php', 'fileadmin.asp',
'fileadmin.html', 'administration.html',
'sysadmin.php', 'sysadmin.html',
'phpmyadmin/', 'myadmin/',
'sysadmin.asp', 'sysadmin/',
'ur-admin.asp', 'ur-admin.php',
'ur-admin.html', 'ur-admin/',
'Server.php', 'Server.html',
'Server.asp', 'Server/',
'wp-admin/', 'administr8.php',
'administr8.html', 'administr8/',
'administr8.asp', 'webadmin/',
'webadmin.php', 'webadmin.asp',
'webadmin.html', 'administratie/',
'admins/', 'admins.php',
'admins.asp', 'admins.html',
'administrivia/', 'Database_Administration/',
'WebAdmin/', 'useradmin/',
'sysadmins/', 'admin1/',
'system-administration/', 'administrators/',
'pgadmin/', 'directadmin/',
'staradmin/', 'ServerAdministrator/',
'SysAdmin/', 'administer/',
'LiveUser_Admin/', 'sys-admin/',
'typo3/', 'panel/',
'cpanel/', 'cPanel/',
'cpanel_file/', 'platz_login/',
'rcLogin/', 'blogindex/',
'formslogin/', 'autologin/',
'support_login/', 'meta_login/',
'manuallogin/', 'simpleLogin/',
'loginflat/', 'utility_login/',
'showlogin/', 'memlogin/',
'members/', 'login-redirect/',
'sub-login/', 'wp-login/',
'login1/', 'dir-login/',
'login_db/', 'xlogin/',
'smblogin/', 'customer_login/',
'UserLogin/', 'login-us/',
'acct_login/', 'admin_area/',
'bigadmin/', 'project-admins/',
'phppgadmin/', 'pureadmin/',
'sql-admin/', 'radmind/',
'openvpnadmin/', 'wizmysqladmin/',
'vadmind/', 'ezsqliteadmin/',
'hpwebjetadmin/', 'newsadmin/',
'adminpro/', 'Lotus_Domino_Admin/',
'bbadmin/', 'vmailadmin/',
'Indy_admin/', 'ccp14admin/',
'irc-macadmin/', 'banneradmin/',
'sshadmin/', 'phpldapadmin/',
'macadmin/', 'administratoraccounts/',
'admin4_account/', 'admin4_colon/',
'radmind-1/', 'Super-Admin/',
'AdminTools/', 'cmsadmin/',
'SysAdmin2/', 'globes_admin/',
'cadmins/', 'phpSQLiteAdmin/',
'navSiteAdmin/', 'server_admin_small/',
'logo_sysadmin/', 'server/',
'database_administration/', 'power_user/',
'system_administration/', 'ss_vms_admin_sm/'
);
use LWP::UserAgent;
# Shared HTTP client; tomados() sends every request through it.
#
# The User-Agent imitates Firefox 2 on Windows XP, but the string has no
# space between "Gecko/20080201" and "Firefox/2.0.0.12". That exact byte
# sequence is therefore a usable signature when searching access logs for
# traffic produced by this script.
# Each request is given at most 5 seconds before LWP gives up on it.
my $nave = LWP::UserAgent->new(
    agent =>
'Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12',
    timeout => 5,
);

# Program flow: banner, prompt for the base URL, scan it, print the credit.
head();

print "[+] Page : ";

# The value typed by the operator is passed on unchanged (only the trailing
# newline is removed); nothing checks that it is a well-formed URL.
my $page = <STDIN>;
chomp $page;

scan($page);
copyright();
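# scan($base): request "$base/<entry>" for every entry of @paneles and
# report the ones that are answered successfully.
#
# Parameters:
#   $base - base URL exactly as supplied by the caller. It is used verbatim,
#           so a value ending in "/" produces a double slash in the request.
#
# Effects:
#   - prints one "[Link] : <url>" line (preceded by two terminal bells) for
#     every URL whose response satisfies is_success;
#   - appends each such URL to admins_logs.txt in the current directory via
#     savefile();
#   - prints "[-] Not found anything" when no URL qualified.
#
# Reading the output as a site operator: a listed URL is one that returned a
# successful status to an unauthenticated GET. Locations that answer with an
# error status (for example 401, 403 or 404) are never listed, which is the
# behaviour a protected or absent admin path should show.
#
# Fix over the previous version: the hit flag and the response used to be
# undeclared package globals. The flag was never reset, so a second call in
# the same process could suppress the "not found" message; both are now
# lexical to this call.
sub scan {
    my ($base) = @_;

    print "\n\n[*] Searching .....\n\n\n";

    my $found = 0;

    for my $path (@paneles) {

        # Build the URL once so the request, the console line and the log
        # entry are guaranteed to agree.
        my $url      = $base . "/" . $path;
        my $response = tomados($url);

        next unless $response->is_success;

        $found = 1;
        print "\a\a[Link] : " . $url . "\n";
        savefile( "admins_logs.txt", $url );
    }

    if ( !$found ) {
        print "[-] Not found anything\n";
    }
}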
# head(): write the start-up banner (ASCII art) to standard output.
# The text is a single-quoted literal, so the "@" characters are printed
# as-is and nothing is interpolated.
sub head {
    my $banner = q(
@@@@@ @ @@@@ @
@ @ @ @ @ @ @
@ @ @ @ @ @
@ @ @@@ @ @@ @@@ @ @ @@@ @ @@ @@ @@ @@@ @
@@@@@ @ @@ @ @ @ @ @ @ @ @@ @ @ @ @ @ @
@ @@@@ @ @ @@@@@ @ @ @ @ @ @ @ @ @ @ @
@ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @
@ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @
@ @@@@ @ @ @@@ @ @@@@ @@@ @ @ @ @ @@@ @
);
    print $banner;
}
# copyright(): print the author credit, wait for one line on standard input
# (presumably so a console window stays open until Enter is pressed), then
# end the program.
sub copyright {
    print "\n\n(C) Doddy Hackman 2012\n\n";

    # The line that is read is discarded; only the blocking read matters.
    my $ignored = <STDIN>;

    # NOTE(review): the process always exits with status 1, including after
    # a normal run, so a calling shell or wrapper sees a failure every time.
    exit 1;
}
# tomados($url): send one GET request for $url through the shared $nave
# client and return the response object that LWP hands back.
# No validation is applied to $url here; the caller decides what is sent.
sub tomados {
    my ($url) = @_;
    my $response = $nave->get($url);
    return $response;
}
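# savefile($file, $line): append $line followed by a newline to $file.
#
# Parameters:
#   $file - path of the log file; created if it does not exist.
#   $line - text to append (no newline needed).
#
# Returns the result of close() on success, or nothing when the file could
# not be opened.
#
# Changes over the previous version:
#   - three-argument open: the old ">>" . $file form let Perl parse the
#     concatenated string, so mode characters or surrounding whitespace in
#     the name could change which file was opened and how;
#   - lexical handle instead of the global bareword SAVE;
#   - open/close failures are reported with warn instead of being silently
#     ignored. Logging stays best-effort: a failure does not abort the run.
sub savefile {
    my ( $file, $line ) = @_;

    open( my $out, '>>', $file ) or do {
        warn "savefile: cannot open $file for append: $!\n";
        return;
    };

    print {$out} $line . "\n";

    # Buffered write errors surface at close, so check it as well.
    my $closed = close($out);
    warn "savefile: error closing $file: $!\n" unless $closed;
    return $closed;
}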
#The End ?