This week only. Pastebin PRO Accounts Christmas Special! Don't miss out!Want more features on Pastebin? Sign Up, it's FREE!

AdminLoginFinder.pl

By: parkdream1 on Feb 22nd, 2012  |  syntax: Perl  |  size: 36.05 KB  |  views: 217  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. #!/usr/bin/perl
  2. ################################################################
  3. #       .___             __          _______       .___        #
  4. #     __| _/____ _______|  | __ ____ \   _  \    __| _/____    #
  5. #    / __ |\__  \\_  __ \  |/ // ___\/  /_\  \  / __ |/ __ \   #
  6. #   / /_/ | / __ \|  | \/    <\  \___\  \_/   \/ /_/ \  ___/   #
  7. #   \____ |(______/__|  |__|_ \\_____>\_____  /\_____|\____\   #
  8. #        \/                  \/             \/                 #
  9. #                   ___________   ______  _  __                #
  10. #                 _/ ___\_  __ \_/ __ \ \/ \/ /                #
  11. #                 \  \___|  | \/\  ___/\     /                 #
  12. #                  \___  >__|    \___  >\/\_/                  #
  13. #      est.2007        \/            \/   forum.darkc0de.com   #
  14. ################################################################
  15. # This is Dual Edition Admin Login Finder .
  16. # This was written for educational purpose and pentest only. Use it at your own risk.
  17. # CODING BY : gunslinger_
  18. # EMAIL     : gunslinger.devilzc0de@gmail.com
  19. # TOOL NAME : AdminLoginFinder.pl
  20. # Version   : 2.0
  21. # Language  : Perl
  22. # Big thanks darkc0de member : d3hydr8, Kopele, icedzomby, VMw4r3 and all member
  23. # Special thanks to devilzc0de crew : mywisdom, petimati, peneter, flyff666, rotlez, 7460, xtr0nic, devil_nongkrong, cruzen and all devilzc0de family
  24. # Author will not be responsible for any damage !!
  25. # Use it with your own risk
  26.  
  27. use Tk;
  28. use HTTP::Request;
  29. use LWP::UserAgent;
  30.  
  31. $Version    = "1.0";
  32. $Programmer = "gunslinger_";
  33. $system="$^O";
  34.  
  35. if ($system eq linux){
  36.         $ClsCR="clear";
  37.         } else {
  38.         $ClsCR="cls";
  39. }
  40.  
  41. system($ClsCR);
  42. print q{
  43.   _______     __            __            ___                   __            _______  __            __              
  44.  |   _   |.--|  |.--------.|__|.-----.   |   |   .-----..-----.|__|.-----.   |   _   ||__|.-----..--|  |.-----..----.
  45.  |.  |   ||  _  ||        ||  ||     |   |.  |   |  _  ||  _  ||  ||     |   |.  |___||  ||     ||  _  ||  -__||   _|
  46.  |.  _   ||_____||__|__|__||__||__|__|   |.  |___|_____||___  ||__||__|__|   |.  __)  |__||__|__||_____||_____||__|  
  47.  |:  |   |                               |:  |   |      |_____|              |:  |                                  
  48.  |::.|:. |                               |::.. . |                           |::.|                                  
  49.  `--- ---'                               `-------'                           `---'                                  
  50.                                                                                                                      
  51.  
  52.   ______                  __     ___ ___                      __                          
  53.  |   _  \  .--.--..---.-.|  |   |   Y   |.-----..----..-----.|__|.-----..-----.            
  54.  |.  |   \ |  |  ||  _  ||  |   |.  |   ||  -__||   _||__ --||  ||  _  ||     | __  __  __
  55.  |.  |    \|_____||___._||__|   |.  |   ||_____||__|  |_____||__||_____||__|__||__||__||__|
  56.  |:  |    /                     |:  |   |                                                  
  57.  |::.. . /                       \:.. ./                                                  
  58.  `------'                         `---'                                                    
  59.                                                                                          Programmer : gunslinger_
  60. };
  61.                                                                                                
  62.                                                              
  63.  
  64. print "\n What do you like \"CLI\" (Command Line Interpreter) or \"GUI\" (Graphic User Interface) Version to use ? \n -> ";
  65.         $Question=<STDIN>;
  66.         chomp $Question;
  67.  
  68. if( $Question eq "gui" || $Question eq "GUI"){
  69.         &GUI()
  70.         }
  71. if( $Question eq "cli" || $Question eq "CLI"){
  72.         &CLI()
  73.         }
  74. else {
  75.         exit;
  76. }
  77.  
  78. sub GUI(){
  79. $main = MainWindow->new(-bg=>'black', -cursor=> "crosshair", -foreground => "green");
  80. $main -> title("Admin login finder $Version Black Gui Edition");
  81.  
  82. # Yeah i got center..
  83. $main -> geometry("800x750+300+50");
  84.  
  85. $header = $main->Photo(-file=>"alf.gif",
  86.                 -format=>"gif");
  87. $header = $main->Label(-image=>$header,
  88.                 -borderwidth=>0, -width=>1000, -bg=>'#000000')
  89.                 ->pack(-side=>'top');
  90.  
  91. # Lets Bind control key ;)
  92.  
  93. $main ->bind('<Key-Escape>', sub { MsgExitApp(); });
  94.  
  95. # Head text
  96.  
  97. $space1 = $main->Frame(-bg=>'#000000')
  98.                 ->pack(-side=>'top');
  99.  
  100. $MyHead = $space1->Label(-text=>"By $Programmer",
  101.                 -bg=>'black',-foreground=>'#cccccc',
  102.                 -font=>'bold')
  103.                 ->pack(-side=>'top');
  104.  
  105. $Next = $space1->Label(-text=>"",
  106.                 -bg=>'#000000',-foreground=>'#cccccc')
  107.                 ->pack(-side=>'top');
  108.        
  109. $texty2 = $main->Frame(-bg=>'black')
  110.         ->pack(-side=>'top');
  111.  
  112. $texty2->Label(-text=>" Target URL :",-bg=>'black',
  113.                 -foreground=>'#0cff00')
  114.                 ->pack(-side=>'left');
  115.                    
  116. $hostname = $texty2->Entry(-width=>30,
  117.                 -bg=>'black', -foreground=>'#0cff00',
  118.                 -text=>'http://www.devilc0de.com')
  119.                 ->pack(-side=>'left');
  120.  
  121. $space2 = $main->Frame(-bg=>'#000000')
  122.         ->pack(-side=>'top');
  123.  
  124. $Center = $space2->Label(-text=>"",
  125.                 -bg=>'#000000',-foreground=>'#cccccc')
  126.                 ->pack(-side=>'top');
  127.  
  128. #Taking source
  129.  
  130. $frame_c = $main->Frame(-bg=>'black')
  131.                 ->pack(-side=>'top');
  132.  
  133. $frame_c->Label(-text=>" Source :",-bg=>'#000000',
  134.                 -foreground=>'#0cff00')
  135.                 ->pack(-side=>'top');
  136.  
  137. $rdb_m = $frame_c -> Radiobutton(-text=>"Php",
  138.                         -value=>"php",  -variable=>\$source,
  139.                         -bg=>'#000000', -foreground=>'#0cff00',
  140.                         -activebackground=>'#0cfff0')
  141.                         ->pack(-side=>'left');
  142.  
  143. $rdb_f = $frame_c -> Radiobutton(-text=>"Asp",
  144.                         -value=>"asp",-variable=>\$source,
  145.                         -bg=>'#000000', -foreground=>'#0cff00',
  146.                         -activebackground=>'#0cfff0')
  147.                         ->pack(-side=>'left');
  148.  
  149. $rdb_f = $frame_c -> Radiobutton(-text=>"Cfm",
  150.                         -relief=>"raised", -value=>"cfm",
  151.                         -variable=>\$source, -bg=>'#000000',
  152.                         -foreground=>'#0cff00', -activebackground=>'#0cfff0')
  153.                         ->pack(-side=>'left');
  154.  
  155. # Eof Taking source
  156.  
  157. $space3 = $main->Frame(-bg=>'#000000')
  158.         ->pack(-side=>'top');
  159.  
  160. $Next2 = $space3->Label(-text=>"",
  161.                 -bg=>'#000000',-foreground=>'#cccccc')
  162.                 ->pack(-side=>'top');
  163.  
  164. $id2 = $main->Frame(-bg=>'#000000')
  165.         ->pack(-side=>'top');
  166.  
  167. $scan_start = $id2->Button(-width=>30, -text=>'Start scan',
  168.                 -bg=>'black', -activebackground=>'#0000ff',
  169.                 -foreground=>'#0cff00',-command=>\&start_scan)
  170.                 ->pack(-side=>'left', -pady=>5);
  171.  
  172. $closer = $id2->Button(-width=>30,
  173.                 -text=>'Close', -bg=>'black',
  174.                 -activebackground=>'#0000ff', -foreground=>'#0cff00',
  175.                 -command=>\&MsgExitApp)
  176.         ->pack(-side=>'right', -pady=>5);
  177.  
  178. $MyFoot = $main->Frame(-bg=>'#000000')
  179.                 ->pack(-side=>'top');
  180.  
  181. $End = $MyFoot->Label(-text=>"",
  182.                 -bg=>'black',-foreground=>'#cccccc')
  183.                 ->pack(-side=>'top');
  184.  
  185. $space4 = $main->Frame(-bg=>'#000000',
  186.                 -relief=>'flat')
  187.                 ->pack(-side=>'top');
  188.  
  189. $box = $space4->Scrolled('Text',
  190.                 -bg=>'black', -foreground=>'#0cff00',
  191.                 -width=>100, -height=>30,
  192.                 -scrollbars => 'oe')
  193.                 ->pack(-side=>'top', -pady=>3);
  194.  
  195. $MyFooter = $main->Frame(-bg=>'#000000')
  196.                 ->pack(-side=>'bottom');
  197.  
  198. $Ends = $MyFooter->Label(-text=>"",
  199.                 -bg=>'black',-foreground=>'#cccccc')
  200.                 ->pack(-side=>'bottom');
  201.  
  202. MainLoop;
  203.  
  204. sub MsgExitApp() {
  205.         $response = $main -> messageBox(-message=>"Quit Admin Login Finder ?",
  206.                 -type=>'yesno',-icon=>'question',
  207.                 -bg=>"#000000", -foreground=>'#0cff00',
  208.                 -activebackground=>"red", -title=>"Quit Admin Login Finder");
  209.        
  210.         if( $response eq "Yes" ) {
  211.                 exit;
  212.         } else {
  213.                 $main -> messageBox(-type=>"ok",
  214.                 -message=>"Keep trying...", -bg=>"#000000",
  215.                 -foreground=>'#0cff00', -activebackground=>'#0cff00',
  216.                 -title=>"back 2 program...", -width=>"30");
  217.         }
  218. }
  219.  
  220. sub start_scan(){
  221.  
  222. $targethostname = $hostname  -> get;
  223.  
  224. if ( $targethostname !~ /^http:/ ) {
  225.         $targethostname = 'http://' . $targethostname;
  226.         }
  227. if ( $targethostname !~ /\/$/ ) {
  228.         $targethostname = $targethostname . '/';
  229.         }
  230.  
  231. $box->insert("end","\n");
  232. $box->insert("end","->[+] Target : $targethostname\n");
  233. $box->insert("end","->[+] Basic c0de of the site : $source\n");
  234. $box->insert("end","->[+] Scanning control panel page...\n\n\n");
  235. $main->update;
  236.  
  237. if($source eq "asp"){
  238.  
  239. @path_Asp=('administrator.asp','admin.asp','admin/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/','private/',
  240. 'memberadmin/','administratorlogin/','adm/','account.asp','admin/account.asp','admin/index.asp','admin/login.asp','admin/admin.asp',
  241. 'admin_area/admin.asp','admin_area/login.asp','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
  242. 'admin_area/admin.html','admin_area/login.html','admin_area/index.html','admin_area/index.asp','bb-admin/index.asp','bb-admin/login.asp','bb-admin/admin.asp',
  243. 'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','admin/controlpanel.html','admin.html','admin/cp.html','cp.html',
  244. 'administrator/index.html','administrator/login.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html','moderator.html',
  245. 'moderator/login.html','moderator/admin.html','account.html','controlpanel.html','admincontrol.html','admin_login.html','panel-administracion/login.html',
  246. 'admin/home.asp','admin/controlpanel.asp','admin.asp','pages/admin/admin-login.asp','admin/admin-login.asp','admin-login.asp','admin/cp.asp','cp.asp',
  247. 'administrator/account.asp','administrator.asp','login.asp','modelsearch/login.asp','moderator.asp','moderator/login.asp','administrator/login.asp',
  248. 'moderator/admin.asp','controlpanel.asp','admin/account.html','adminpanel.html','webadmin.html','pages/admin/admin-login.html','admin/admin-login.html',
  249. 'webadmin/index.html','webadmin/admin.html','webadmin/login.html','user.asp','user.html','admincp/index.asp','admincp/login.asp','admincp/index.html',
  250. 'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','adminarea/index.html','adminarea/admin.html','adminarea/login.html',
  251. 'panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html','admin/admin_login.html',
  252. 'admincontrol/login.html','adm/index.html','adm.html','admincontrol.asp','admin/account.asp','adminpanel.asp','webadmin.asp','webadmin/index.asp',
  253. 'webadmin/admin.asp','webadmin/login.asp','admin/admin_login.asp','admin_login.asp','panel-administracion/login.asp','adminLogin.asp',
  254. 'admin/adminLogin.asp','home.asp','admin.asp','adminarea/index.asp','adminarea/admin.asp','adminarea/login.asp','admin-login.html',
  255. 'panel-administracion/index.asp','panel-administracion/admin.asp','modelsearch/index.asp','modelsearch/admin.asp','administrator/index.asp',
  256. 'admincontrol/login.asp','adm/admloginuser.asp','admloginuser.asp','admin2.asp','admin2/login.asp','admin2/index.asp','adm/index.asp',
  257. 'adm.asp','affiliate.asp','adm_auth.asp','memberadmin.asp','administratorlogin.asp','siteadmin/login.asp','siteadmin/index.asp','siteadmin/login.html','admin2009.asp',
  258. 'cekadmin.asp','admin2009.asp','logon.asp','secure.asp','securelogon.asp','admiin.asp','secure.asp','secure/index.asp','checkadministrator.asp','administratorlogon.asp',
  259. 'checker,asp','securewebadministrator.asp','testadmin.asp','logonadministratorweb.asp','log.php','secure/','area52.asp','adminzone.asp','oneadmin.asp','zoneadmin.asp',
  260. 'administratoor.asp','checkerinput.asp','account.asp','accountlogon.asp','secureaccount.php','akun.php','control.php','webcontrol/','controlweb/','webcontoller.php',
  261. );
  262.  
  263. foreach $Path(@path_Asp){
  264. $TargetURL=$targethostname.$Path;
  265. my $source=HTTP::Request->new(GET=>$TargetURL);
  266. $UserAgent=LWP::UserAgent->new;
  267. $UserAgent->agent("checking");
  268. $UserAgent->timeout(30);
  269. my $response=$UserAgent->get($TargetURL);
  270. $hasil=$response->status_line;
  271. $box->insert("end","\n[+] $TargetURL \n[!] status => $hasil\n");
  272. $main->update;
  273. my $View_Source=$UserAgent->request($source);
  274.  
  275. if($View_Source->content =~ /Username/ ||
  276.         $View_Source->content =~ /Password/ ||
  277.         $View_Source->content =~ /username/ ||
  278.         $View_Source->content =~ /password/ ||
  279.         $View_Source->content =~ /USERNAME/ ||
  280.         $View_Source->content =~ /PASSWORD/ ||
  281.         $View_Source->content =~ /Senha/ ||
  282.         $View_Source->content =~ /senha/ ||
  283.         $View_Source->content =~ /Personal/ ||
  284.         $View_Source->content =~ /Usuario/ ||
  285.         $View_Source->content =~ /Clave/ ||
  286.         $View_Source->content =~ /Usager/ ||
  287.         $View_Source->content =~ /usager/ ||
  288.         $View_Source->content =~ /Sing/ ||
  289.         $View_Source->content =~ /passe/ ||
  290.         $View_Source->content =~ /P\/W/
  291. ){
  292. $box->insert("end","[!] Admin page Login Possibilities => YES !!\n\n");
  293. $main->update;
  294. }else{
  295. $box->insert("end","[!] Admin page Login Possibilities => NO...\n\n");
  296. $main->update;
  297. }
  298. }
  299. }
  300.  
  301. if($source eq "php"){
  302.  
  303. @path_Php=('administrator.php','admin.php','admin/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
  304. 'memberadmin/','administratorlogin/','adm/','admin/account.php','admin/index.php','admin/login.php','admin/admin.php','admin/account.php',
  305. 'admin_area/admin.php','admin_area/login.php','siteadmin/login.php','siteadmin/index.php','siteadmin/login.html','admin/account.html','admin/index.html',
  306. 'admin login.html','admin/admin.html',
  307. 'admin_area/index.php','bb-admin/index.php','bb-admin/login.php','bb-admin/admin.php','admin/home.php','admin_area/login.html','admin_area/index.html',
  308. 'admin/controlpanel.php','admin.php','admincp/index.asp','admincp/login.asp','admincp/index.html','admin/account.html','adminpanel.html','webadmin.html',
  309. 'webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html','panel-administracion/login.html',
  310. 'admin/cp.php','cp.php','administrator/index.php','administrator/login.php','nsw/admin/login.php','webadmin/login.php','admin/admin_login.php','admin_login.php',
  311. 'administrator/account.php','administrator.php','admin_area/admin.html','pages/admin/admin-login.php','admin/admin-login.php','admin-login.php',
  312. 'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','login.php','modelsearch/login.php','moderator.php','moderator/login.php',
  313. 'moderator/admin.php','account.php','pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','controlpanel.php','admincontrol.php',
  314. 'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','rcjakar/admin/login.php','adminarea/index.html','adminarea/admin.html',
  315. 'webadmin.php','webadmin/index.php','webadmin/admin.php','admin/controlpanel.html','admin.html','admin/cp.html','cp.html','adminpanel.php','moderator.html',
  316. 'administrator/index.html','administrator/login.html','user.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html',
  317. 'moderator/login.html','adminarea/login.html','panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html',
  318. 'admincontrol/login.html','adm/index.html','adm.html','moderator/admin.html','user.php','account.html','controlpanel.html','admincontrol.html',
  319. 'panel-administracion/login.php','wp-login.php','adminLogin.php','admin/adminLogin.php','home.php','secureadmin.php','adminarea/index.php',
  320. 'adminarea/admin.php','adminarea/login.php','panel-administracion/index.php','panel-administracion/admin.php','modelsearch/index.php',
  321. 'modelsearch/admin.php','admincontrol/login.php','adm/admloginuser.php','admloginuser.php','admin2.php','admin2/login.php','admin2/index.php',
  322. 'adm/index.php','adm.php','affiliate.php','adm_auth.php','memberadmin.php','administratorlogin.php','secureadmin.php','secureadmin/','verysecure.php','securelogon.php',
  323. 'admin2009.php','webadministration/','webadministrasi.php','admininput.php','secure.php','secureadministration.php','phpmyadmin/','sosecure.php','hardfound.php',
  324. 'dificultadmin.php/','administracion/','root.php','locked.php','locked/','adminnn.php','adminsitus.php','adminsitus/','adminsite/','adminsite.php','administratorsite/',
  325. 'adminpageonly/','adminonly.php','admin-site.php','admin-site/','administratorsite.php','usersite.php','maintenance.php','reconstruct.php','pageadmin.php','usersdatabase.php',
  326. 'databaseuser.php','databaseusers/','webdatalogin.php','dataadministration.php','homeadmin/','fjk.php','database.php','database/','dataweb/','qwerty.php','account.php',
  327. 'account.php','testaccount.php','accountlogon.php','account2009/','accountlogin.php','webaccount.php','databaseuserlogin.php','databaseadministration/','database.php',
  328. 'loggon.php','myadmin.php','webadmin.php','checkadmin.php','homeweb.php','webhome.php','adminarea.php','logonpanel.php','loginwebadmin.php'    
  329. );
  330.  
  331. foreach $Path(@path_Php){
  332. $TargetURL=$targethostname.$Path;
  333. my $source=HTTP::Request->new(GET=>$TargetURL);
  334. $UserAgent=LWP::UserAgent->new;
  335. $UserAgent->agent("checking");
  336. $UserAgent->timeout(30);
  337. my $response=$UserAgent->get($TargetURL);
  338. $hasil=$response->status_line;
  339. $box->insert("end","\n[+] $TargetURL \n[!] status => $hasil\n");
  340. $main->update;
  341. my $View_Source=$UserAgent->request($source);
  342.  
  343. if($View_Source->content =~ /Username/ ||
  344.         $View_Source->content =~ /Password/ ||
  345.         $View_Source->content =~ /username/ ||
  346.         $View_Source->content =~ /password/ ||
  347.         $View_Source->content =~ /USERNAME/ ||
  348.         $View_Source->content =~ /PASSWORD/ ||
  349.         $View_Source->content =~ /Senha/ ||
  350.         $View_Source->content =~ /senha/ ||
  351.         $View_Source->content =~ /Personal/ ||
  352.         $View_Source->content =~ /Usuario/ ||
  353.         $View_Source->content =~ /Clave/ ||
  354.         $View_Source->content =~ /Usager/ ||
  355.         $View_Source->content =~ /usager/ ||
  356.         $View_Source->content =~ /Sing/ ||
  357.         $View_Source->content =~ /passe/ ||
  358.         $View_Source->content =~ /P\/W/
  359. ){
  360. $box->insert("end","[!] Admin page Login Possibilities => YES !!\n\n");
  361. $main->update;
  362. }else{
  363. $box->insert("end","[!] Admin page Login Possibilities => NO...\n\n");
  364. $main->update;
  365. }
  366. }
  367. }
  368.  
  369. if($source eq "cfm"){
  370. @path_Cfm=('administrator.cfm','admin.php','admin/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
  371. 'memberadmin/','administratorlogin/','adm/','account.cfm','admin/account.cfm','admin/index.cfm','admin/login.cfm','admin/admin.cfm',
  372. 'admin_area/admin.cfm','admin_area/login.cfm','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
  373. 'admin_area/admin.html','admin_area/login.html','admin_area/index.html','admin_area/index.cfm','bb-admin/index.cfm','bb-admin/login.cfm','bb-admin/admin.cfm',
  374. 'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','admin/controlpanel.html','admin.html','admin/cp.html','cp.html',
  375. 'administrator/index.html','administrator/login.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html','moderator.html',
  376. 'moderator/login.html','moderator/admin.html','account.html','controlpanel.html','admincontrol.html','admin_login.html','panel-administracion/login.html',
  377. 'admin/home.cfm','admin/controlpanel.cfm','admin.cfm','pages/admin/admin-login.cfm','admin/admin-login.cfm','admin-login.cfm','admin/cp.cfm','cp.cfm',
  378. 'administrator/account.cfm','administrator.cfm','login.cfm','modelsearch/login.cfm','moderator.cfm','moderator/login.cfm','administrator/login.cfm',
  379. 'moderator/admin.cfm','controlpanel.cfm','admin/account.html','adminpanel.html','webadmin.html','pages/admin/admin-login.html','admin/admin-login.html',
  380. 'webadmin/index.html','webadmin/admin.html','webadmin/login.html','user.cfm','user.html','admincp/index.cfm','admincp/login.cfm','admincp/index.html',
  381. 'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','adminarea/index.html','adminarea/admin.html','adminarea/login.html',
  382. 'panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html','admin/admin_login.html',
  383. 'admincontrol/login.html','adm/index.html','adm.html','admincontrol.cfm','admin/account.cfm','adminpanel.cfm','webadmin.cfm','webadmin/index.cfm',
  384. 'webadmin/admin.cfm','webadmin/login.cfm','admin/admin_login.cfm','admin_login.cfm','panel-administracion/login.cfm','adminLogin.cfm',
  385. 'admin/adminLogin.cfm','home.cfm','admin.cfm','adminarea/index.cfm','adminarea/admin.cfm','adminarea/login.cfm','admin-login.html',
  386. 'panel-administracion/index.cfm','panel-administracion/admin.cfm','modelsearch/index.cfm','modelsearch/admin.cfm','administrator/index.cfm',
  387. 'admincontrol/login.cfm','adm/admloginuser.cfm','admloginuser.cfm','admin2.cfm','admin2/login.cfm','admin2/index.cfm','adm/index.cfm',
  388. 'adm.cfm','affiliate.cfm','adm_auth.cfm','memberadmin.cfm','administratorlogin.cfm','siteadmin/login.cfm','siteadmin/index.cfm','siteadmin/login.html'
  389. );
  390.  
  391. foreach $Path(@path_Cfm){
  392. my $source=HTTP::Request->new(GET=>$TargetURL);
  393. $UserAgent=LWP::UserAgent->new;
  394. $UserAgent->agent("checking");
  395. $UserAgent->timeout(30);
  396. my $response=$UserAgent->get($TargetURL);
  397. $hasil=$response->status_line;
  398. $box->insert("end","\n[+] $TargetURL \n[!] status => $hasil\n");
  399. $main->update;
  400. my $View_Source=$UserAgent->request($source);
  401.  
  402. if($View_Source->content =~ /Username/ ||
  403.         $View_Source->content =~ /Password/ ||
  404.         $View_Source->content =~ /username/ ||
  405.         $View_Source->content =~ /password/ ||
  406.         $View_Source->content =~ /USERNAME/ ||
  407.         $View_Source->content =~ /PASSWORD/ ||
  408.         $View_Source->content =~ /Senha/ ||
  409.         $View_Source->content =~ /senha/ ||
  410.         $View_Source->content =~ /Personal/ ||
  411.         $View_Source->content =~ /Usuario/ ||
  412.         $View_Source->content =~ /Clave/ ||
  413.         $View_Source->content =~ /Usager/ ||
  414.         $View_Source->content =~ /usager/ ||
  415.         $View_Source->content =~ /Sing/ ||
  416.         $View_Source->content =~ /passe/ ||
  417.         $View_Source->content =~ /P\/W/
  418. ){
  419. $box->insert("end","[!] Admin page Login Possibilities => YES !!\n\n");
  420. $main->update;
  421. }else{
  422. $box->insert("end","[!] Admin page Login Possibilities => NO...\n\n");
  423. $main->update;
  424. }
  425. }
  426. }
  427. }
  428.  
  429. sub CLI(){
  430. system($ClsCR);
  431. system('title Admin Control Panel Finder.....');
  432. print"\n";
  433. print "\t+=======================================+\n";
  434. print "\t+ Control Panel Finder                  +\n";
  435. print "\t+ Command Line Interpreter (CLI) Edition+\n";
  436. print "\t+ Version 2.0                          +\n";
  437. print "\t+ Programmer : gunslinger_              +\n";
  438. print "\t+=======================================+\n";
  439. print "\n";;
  440.  
  441. print " Input site address \n ex: \"www.target.com\" or \"http://www.target.com/path\"\n -> ";
  442. $targethostname=<STDIN>;
  443. chomp $targethostname;
  444.  
  445. print "\n";
  446. print " Input basic c0de of the site \n ex : \"asp\" or \"php\" or \"cfm\" \n -> ";
  447. $source=<STDIN>;
  448. chomp($source);
  449.  
  450. if ( $targethostname !~ /^http:/ ) {
  451.         $targethostname = 'http://' . $targethostname;
  452.         }
  453. if ( $targethostname !~ /\/$/ ) {
  454.         $targethostname = $targethostname . '/';
  455.         }
  456.  
  457. print "\n";
  458. print "->[+] Target : $targethostname\n";
  459. print "->[+] Basic c0de of the site : $source\n";
  460. print "->[+] Scanning control panel page...\n\n\n";
  461.  
  462. if($source eq "asp"){
  463.  
  464. @path_Asp=('administrator.asp','admin.asp','admin/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/','private/',
  465. 'memberadmin/','administratorlogin/','adm/','account.asp','admin/account.asp','admin/index.asp','admin/login.asp','admin/admin.asp',
  466. 'admin_area/admin.asp','admin_area/login.asp','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
  467. 'admin_area/admin.html','admin_area/login.html','admin_area/index.html','admin_area/index.asp','bb-admin/index.asp','bb-admin/login.asp','bb-admin/admin.asp',
  468. 'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','admin/controlpanel.html','admin.html','admin/cp.html','cp.html',
  469. 'administrator/index.html','administrator/login.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html','moderator.html',
  470. 'moderator/login.html','moderator/admin.html','account.html','controlpanel.html','admincontrol.html','admin_login.html','panel-administracion/login.html',
  471. 'admin/home.asp','admin/controlpanel.asp','admin.asp','pages/admin/admin-login.asp','admin/admin-login.asp','admin-login.asp','admin/cp.asp','cp.asp',
  472. 'administrator/account.asp','administrator.asp','login.asp','modelsearch/login.asp','moderator.asp','moderator/login.asp','administrator/login.asp',
  473. 'moderator/admin.asp','controlpanel.asp','admin/account.html','adminpanel.html','webadmin.html','pages/admin/admin-login.html','admin/admin-login.html',
  474. 'webadmin/index.html','webadmin/admin.html','webadmin/login.html','user.asp','user.html','admincp/index.asp','admincp/login.asp','admincp/index.html',
  475. 'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','adminarea/index.html','adminarea/admin.html','adminarea/login.html',
  476. 'panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html','admin/admin_login.html',
  477. 'admincontrol/login.html','adm/index.html','adm.html','admincontrol.asp','admin/account.asp','adminpanel.asp','webadmin.asp','webadmin/index.asp',
  478. 'webadmin/admin.asp','webadmin/login.asp','admin/admin_login.asp','admin_login.asp','panel-administracion/login.asp','adminLogin.asp',
  479. 'admin/adminLogin.asp','home.asp','admin.asp','adminarea/index.asp','adminarea/admin.asp','adminarea/login.asp','admin-login.html',
  480. 'panel-administracion/index.asp','panel-administracion/admin.asp','modelsearch/index.asp','modelsearch/admin.asp','administrator/index.asp',
  481. 'admincontrol/login.asp','adm/admloginuser.asp','admloginuser.asp','admin2.asp','admin2/login.asp','admin2/index.asp','adm/index.asp',
  482. 'adm.asp','affiliate.asp','adm_auth.asp','memberadmin.asp','administratorlogin.asp','siteadmin/login.asp','siteadmin/index.asp','siteadmin/login.html','admin2009.asp',
  483. 'cekadmin.asp','admin2009.asp','logon.asp','secure.asp','securelogon.asp','admiin.asp','secure.asp','secure/index.asp','checkadministrator.asp','administratorlogon.asp',
  484. 'checker,asp','securewebadministrator.asp','testadmin.asp','logonadministratorweb.asp','log.php','secure/','area52.asp','adminzone.asp','oneadmin.asp','zoneadmin.asp',
  485. 'administratoor.asp','checkerinput.asp','account.asp','accountlogon.asp','secureaccount.php','akun.php','control.php','webcontrol/','controlweb/','webcontoller.php',
  486. );
  487.  
  488. foreach $Path(@path_Asp){
  489. $TargetURL=$targethostname.$Path;
  490. my $source=HTTP::Request->new(GET=>$TargetURL);
  491. $UserAgent=LWP::UserAgent->new;
  492. $UserAgent->agent("checking");
  493. $UserAgent->timeout(30);
  494. my $response=$UserAgent->get($TargetURL);
  495. $hasil=$response->status_line;
  496. print "\n[+] $TargetURL \n[!] status => $hasil\n";
  497. my $View_Source=$UserAgent->request($source);
  498.  
  499. if($View_Source->content =~ /Username/ ||
  500.         $View_Source->content =~ /Password/ ||
  501.         $View_Source->content =~ /username/ ||
  502.         $View_Source->content =~ /password/ ||
  503.         $View_Source->content =~ /USERNAME/ ||
  504.         $View_Source->content =~ /PASSWORD/ ||
  505.         $View_Source->content =~ /Senha/ ||
  506.         $View_Source->content =~ /senha/ ||
  507.         $View_Source->content =~ /Personal/ ||
  508.         $View_Source->content =~ /Usuario/ ||
  509.         $View_Source->content =~ /Clave/ ||
  510.         $View_Source->content =~ /Usager/ ||
  511.         $View_Source->content =~ /usager/ ||
  512.         $View_Source->content =~ /Sing/ ||
  513.         $View_Source->content =~ /passe/ ||
  514.         $View_Source->content =~ /P\/W/
  515. ){
  516. print "[!] Admin page Login Possibilities => YES !!\n\n";
  517. }else{
  518. print "[!] Admin page Login Possibilities => NO...\n\n";
  519. }
  520. }
  521. }
  522.  
  523. if($source eq "php"){
  524.  
  525. @path_Php=('administrator.php','admin.php','admin/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
  526. 'memberadmin/','administratorlogin/','adm/','admin/account.php','admin/index.php','admin/login.php','admin/admin.php','admin/account.php',
  527. 'admin_area/admin.php','admin_area/login.php','siteadmin/login.php','siteadmin/index.php','siteadmin/login.html','admin/account.html','admin/index.html',
  528. 'admin login.html','admin/admin.html',
  529. 'admin_area/index.php','bb-admin/index.php','bb-admin/login.php','bb-admin/admin.php','admin/home.php','admin_area/login.html','admin_area/index.html',
  530. 'admin/controlpanel.php','admin.php','admincp/index.asp','admincp/login.asp','admincp/index.html','admin/account.html','adminpanel.html','webadmin.html',
  531. 'webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html','panel-administracion/login.html',
  532. 'admin/cp.php','cp.php','administrator/index.php','administrator/login.php','nsw/admin/login.php','webadmin/login.php','admin/admin_login.php','admin_login.php',
  533. 'administrator/account.php','administrator.php','admin_area/admin.html','pages/admin/admin-login.php','admin/admin-login.php','admin-login.php',
  534. 'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','login.php','modelsearch/login.php','moderator.php','moderator/login.php',
  535. 'moderator/admin.php','account.php','pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','controlpanel.php','admincontrol.php',
  536. 'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','rcjakar/admin/login.php','adminarea/index.html','adminarea/admin.html',
  537. 'webadmin.php','webadmin/index.php','webadmin/admin.php','admin/controlpanel.html','admin.html','admin/cp.html','cp.html','adminpanel.php','moderator.html',
  538. 'administrator/index.html','administrator/login.html','user.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html',
  539. 'moderator/login.html','adminarea/login.html','panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html',
  540. 'admincontrol/login.html','adm/index.html','adm.html','moderator/admin.html','user.php','account.html','controlpanel.html','admincontrol.html',
  541. 'panel-administracion/login.php','wp-login.php','adminLogin.php','admin/adminLogin.php','home.php','secureadmin.php','adminarea/index.php',
  542. 'adminarea/admin.php','adminarea/login.php','panel-administracion/index.php','panel-administracion/admin.php','modelsearch/index.php',
  543. 'modelsearch/admin.php','admincontrol/login.php','adm/admloginuser.php','admloginuser.php','admin2.php','admin2/login.php','admin2/index.php',
  544. 'adm/index.php','adm.php','affiliate.php','adm_auth.php','memberadmin.php','administratorlogin.php','secureadmin.php','secureadmin/','verysecure.php','securelogon.php',
  545. 'admin2009.php','webadministration/','webadministrasi.php','admininput.php','secure.php','secureadministration.php','phpmyadmin/','sosecure.php','hardfound.php',
  546. 'dificultadmin.php/','administracion/','root.php','locked.php','locked/','adminnn.php','adminsitus.php','adminsitus/','adminsite/','adminsite.php','administratorsite/',
  547. 'adminpageonly/','adminonly.php','admin-site.php','admin-site/','administratorsite.php','usersite.php','maintenance.php','reconstruct.php','pageadmin.php','usersdatabase.php',
  548. 'databaseuser.php','databaseusers/','webdatalogin.php','dataadministration.php','homeadmin/','fjk.php','database.php','database/','dataweb/','qwerty.php','account.php',
  549. 'account.php','testaccount.php','accountlogon.php','account2009/','accountlogin.php','webaccount.php','databaseuserlogin.php','databaseadministration/','database.php',
  550. 'loggon.php','myadmin.php','webadmin.php','checkadmin.php','homeweb.php','webhome.php','adminarea.php','logonpanel.php','loginwebadmin.php'    
  551. );
  552.  
  553.  
  554.  
  555. foreach $Path(@path_Php){
  556. $TargetURL=$targethostname.$Path;
  557. my $source=HTTP::Request->new(GET=>$TargetURL);
  558. $UserAgent=LWP::UserAgent->new;
  559. $UserAgent->agent("checking");
  560. $UserAgent->timeout(30);
  561. my $response=$UserAgent->get($TargetURL);
  562. $hasil=$response->status_line;
  563. print "\n[+] $TargetURL \n[!] status => $hasil\n";
  564. my $View_Source=$UserAgent->request($source);
  565.  
  566. if($View_Source->content =~ /Username/ ||
  567.         $View_Source->content =~ /Password/ ||
  568.         $View_Source->content =~ /username/ ||
  569.         $View_Source->content =~ /password/ ||
  570.         $View_Source->content =~ /USERNAME/ ||
  571.         $View_Source->content =~ /PASSWORD/ ||
  572.         $View_Source->content =~ /Senha/ ||
  573.         $View_Source->content =~ /senha/ ||
  574.         $View_Source->content =~ /Personal/ ||
  575.         $View_Source->content =~ /Usuario/ ||
  576.         $View_Source->content =~ /Clave/ ||
  577.         $View_Source->content =~ /Usager/ ||
  578.         $View_Source->content =~ /usager/ ||
  579.         $View_Source->content =~ /Sing/ ||
  580.         $View_Source->content =~ /passe/ ||
  581.         $View_Source->content =~ /P\/W/
  582. ){
  583. print "[!] Admin page Login Possibilities => YES !!\n\n";
  584. }else{
  585. print "[!] Admin page Login Possibilities => NO...\n\n";
  586. }
  587. }
  588. }
  589.  
  590.  
  591. if($source eq "cfm"){
  592. @path_Cfm=('administrator.cfm','admin.php','admin/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
  593. 'memberadmin/','administratorlogin/','adm/','account.cfm','admin/account.cfm','admin/index.cfm','admin/login.cfm','admin/admin.cfm',
  594. 'admin_area/admin.cfm','admin_area/login.cfm','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
  595. 'admin_area/admin.html','admin_area/login.html','admin_area/index.html','admin_area/index.cfm','bb-admin/index.cfm','bb-admin/login.cfm','bb-admin/admin.cfm',
  596. 'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','admin/controlpanel.html','admin.html','admin/cp.html','cp.html',
  597. 'administrator/index.html','administrator/login.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html','moderator.html',
  598. 'moderator/login.html','moderator/admin.html','account.html','controlpanel.html','admincontrol.html','admin_login.html','panel-administracion/login.html',
  599. 'admin/home.cfm','admin/controlpanel.cfm','admin.cfm','pages/admin/admin-login.cfm','admin/admin-login.cfm','admin-login.cfm','admin/cp.cfm','cp.cfm',
  600. 'administrator/account.cfm','administrator.cfm','login.cfm','modelsearch/login.cfm','moderator.cfm','moderator/login.cfm','administrator/login.cfm',
  601. 'moderator/admin.cfm','controlpanel.cfm','admin/account.html','adminpanel.html','webadmin.html','pages/admin/admin-login.html','admin/admin-login.html',
  602. 'webadmin/index.html','webadmin/admin.html','webadmin/login.html','user.cfm','user.html','admincp/index.cfm','admincp/login.cfm','admincp/index.html',
  603. 'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','adminarea/index.html','adminarea/admin.html','adminarea/login.html',
  604. 'panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html','admin/admin_login.html',
  605. 'admincontrol/login.html','adm/index.html','adm.html','admincontrol.cfm','admin/account.cfm','adminpanel.cfm','webadmin.cfm','webadmin/index.cfm',
  606. 'webadmin/admin.cfm','webadmin/login.cfm','admin/admin_login.cfm','admin_login.cfm','panel-administracion/login.cfm','adminLogin.cfm',
  607. 'admin/adminLogin.cfm','home.cfm','admin.cfm','adminarea/index.cfm','adminarea/admin.cfm','adminarea/login.cfm','admin-login.html',
  608. 'panel-administracion/index.cfm','panel-administracion/admin.cfm','modelsearch/index.cfm','modelsearch/admin.cfm','administrator/index.cfm',
  609. 'admincontrol/login.cfm','adm/admloginuser.cfm','admloginuser.cfm','admin2.cfm','admin2/login.cfm','admin2/index.cfm','adm/index.cfm',
  610. 'adm.cfm','affiliate.cfm','adm_auth.cfm','memberadmin.cfm','administratorlogin.cfm','siteadmin/login.cfm','siteadmin/index.cfm','siteadmin/login.html'
  611. );
  612. foreach $Path(@path_Cfm){
  613. $TargetURL=$targethostname.$Path;
  614. my $source=HTTP::Request->new(GET=>$TargetURL);
  615. $UserAgent=LWP::UserAgent->new;
  616. $UserAgent->agent("checking");
  617. $UserAgent->timeout(30);
  618. my $response=$UserAgent->get($TargetURL);
  619. $hasil=$response->status_line;
  620. print "\n[+] $TargetURL \n[!] status => $hasil\n";
  621. my $View_Source=$UserAgent->request($source);
  622.  
  623. if($View_Source->content =~ /Username/ ||
  624.         $View_Source->content =~ /Password/ ||
  625.         $View_Source->content =~ /username/ ||
  626.         $View_Source->content =~ /password/ ||
  627.         $View_Source->content =~ /USERNAME/ ||
  628.         $View_Source->content =~ /PASSWORD/ ||
  629.         $View_Source->content =~ /Senha/ ||
  630.         $View_Source->content =~ /senha/ ||
  631.         $View_Source->content =~ /Personal/ ||
  632.         $View_Source->content =~ /Usuario/ ||
  633.         $View_Source->content =~ /Clave/ ||
  634.         $View_Source->content =~ /Usager/ ||
  635.         $View_Source->content =~ /usager/ ||
  636.         $View_Source->content =~ /Sing/ ||
  637.         $View_Source->content =~ /passe/ ||
  638.         $View_Source->content =~ /P\/W/
  639. ){
  640. print "[!] Admin page Login Possibilities => YES !!\n\n";
  641. }else{
  642. print "[!] Admin page Login Possibilities => NO...\n\n";
  643. }
  644. }
  645. }
  646. }
  647. }
clone this paste RAW Paste Data