WebServers scanning tool By Anonymous Albania 404

1. import urllib
2. import urlparse
3. import os
4. import re
5. from time import sleep
6. from datetime import date
7. def welcome(modulename):
8.  
9.   print  """
10.          |==========================================================|
11.       |==================[Anonymous Albania ]====================|
12.          |======================  [ 404 ]   ========================|
13.          |==============[ lordnotfound404@gmail.com ]===============|
14.          |==========[ https://www.facebook.com/404andreas]==========|
15.          |==========================================================|
16.          |      ****      Web Hacking framwork by 404      ***      |
17.          |==========================================================|
18.        """
19.   print  '#######    ' + modulename
20.  
21. ###########################################################
22. def sqlihunt(dork , filename ):
23.  
24.   # extract Urls from a Bing search engin querying the given dork and test every url in
25.   # the result is stored in a text file
26.   file2 =open(filename+'.txt','w')
27.   start=0
28.   end=200
29.   sleep(3)
30.   print "[info]Getting Websites From Bing ... "
31.   while start<=end :
32.     try:
33.       con = urllib.urlretrieve('http://www.bing.com/search?q='+dork+"&first="+str(start))
34.       #con = con = urllib.urlretrieve('http://www.bing.com/search?q=ip%3A41.203.11.42+%22php%3Fid%3D%22&go=&qs=ds&form=QBLH&filt=all')
35.       conf = open(con[0])
36.       readd=conf.read()
37.       find=re.findall('<h2><a href="(.*?)"',readd)
38.       start = start+10
39.       #return find
40.     except IOError:
41.       print "[ERROR]network error "
42.       print "[Info]reconnecting "
43.       sleep(10)
44.       print "[Info]retrying "
45.     try :
46.       for i in range(len(find)):
47.                   rez=find[i]+"'"
48.                   tst = urllib.urlretrieve(rez)
49.                   tstf = open(tst[0])
50.                   tstdd= tstf.read()
51.                   tstfind=re.findall('/error in your SQL syntax|mysql_fetch_array()|execute query|mysql_fetch_object()|mysql_num_rows()|mysql_fetch_assoc()|mysql_fetch_row()|SELECT * FROM|supplied argument is not a valid MySQL|Syntax error|Fatal error/i|You have an error in your SQL syntax|Microsoft VBScript runtime error',tstdd)
52.                   if(tstfind):
53.                     print "[SLQi] : "+ rez
54.                     file2.write(rez + '\n')
55.                   else:
56.                     print "[No SQLi ] : " + rez
57.     except IOError:
58.       print "[ERROR]No result found"
59.  
60. ############################################################
61. def serverTargeting(IP):
62.   welcome("perform many  scans to target the given server's IP ")
63.   os.system("mkdir "+IP)
64.   #fil = open(logsfilename+'.txt','a')
65.   #fil.write("[Info] : new target "+now.strftime("%A %d %b %Y")+"IP adress : "+IP)
66.   #print "[Info] : new target "+now.strftime("%A %d %b %Y")+"IP adress : "+IP
67.   #fil.write("[Info] : getting links from Bing")
68.   print " New TARGET " + IP
69.   print "[Info] : getting Hosted domains from Bing"
70.   file2 =open(IP+'/hosted.txt','w')
71.   start=0
72.   end=200
73.   sleep(3)
74.   dork = 'IP:'+IP
75.   #print "[info]Getting Websites From Bing ... "
76.   while  start <= end :
77.     try:
78.       con = urllib.urlretrieve('http://www.bing.com/search?q='+dork+"&first="+str(start))
79.       #con = con = urllib.urlretrieve('http://www.bing.com/search?q=ip%3A41.203.11.42+%22php%3Fid%3D%22&go=&qs=ds&form=QBLH&filt=all')
80.       conf = open(con[0])
81.       readd=conf.read()
82.       find=re.findall('<h2><a href="(.*?)"',readd)
83.       start = start+10
84.     except IOError:
85.       print "[ERROR]network error "
86.       print "[Info]reconnecting "
87.       sleep(10)
88.       print "[Info]retrying "
89.     try :
90.  
91.       for i in range(len(find)):
92.        rez=find[i]
93.        file2.write(urlparse.urlparse(rez).netloc + '\n')
94.     except IOError:
95.       print "[ERROR]No result found"
96.   print "[Info] : links list saved in file "+IP+"hosted.txt"
97.   print "[Info] : getting wordpress sites from server ...."
98.  
99.  
100.   file2 =open(IP+'/wp_Powred.txt','w')
101.   start=0
102.   end=200
103.   sleep(3)
104.   dork = 'IP:'+IP + "  /wp-content/"
105.   wplist = []
106.   #print "[info]Getting Websites From Bing ... "
107.   while  start <= end :
108.     try:
109.       con = urllib.urlretrieve('http://www.bing.com/search?q='+dork+"&first="+str(start))
110.       #con = con = urllib.urlretrieve('http://www.bing.com/search?q=ip%3A41.203.11.42+%22php%3Fid%3D%22&go=&qs=ds&form=QBLH&filt=all')
111.       conf = open(con[0])
112.       readd=conf.read()
113.       find=re.findall('<h2><a href="(.*?)"',readd)
114.       start = start+10
115.     except IOError:
116.       print "[ERROR]network error "
117.       print "[Info]reconnecting "
118.       sleep(10)
119.       print "[Info]retrying "
120.     try :
121.  
122.       for i in range(len(find)):
123.        rez=find[i]
124.        wplist.append(rez)
125.        file2.write(urlparse.urlparse(rez).netloc  + '\n')
126.     except IOError:
127.       print "[ERROR]No result found"
128.  
129.   #getsitesbing("IP:"+IP+" /wp-content/" , 'wp_Powred' )
130.   print "[Info] : links list saved in file "+IP+"wp_Powred.txt"
131.   print "[Info] : getting joomla sites from server ...."
132.  
133.    
134.   file2 =open(IP+'/joom_Powred.txt','w')
135.   start=0
136.   end=200
137.   joomlist = []
138.   sleep(3)
139.   dork = 'IP:'+IP +" index.php?option=com_content"
140.   #print "[info]Getting Websites From Bing ... "
141.   while  start <= end :
142.     try:
143.       con = urllib.urlretrieve('http://www.bing.com/search?q='+dork+"&first="+str(start))
144.       #con = con = urllib.urlretrieve('http://www.bing.com/search?q=ip%3A41.203.11.42+%22php%3Fid%3D%22&go=&qs=ds&form=QBLH&filt=all')
145.       conf = open(con[0])
146.       readd=conf.read()
147.       find=re.findall('<h2><a href="(.*?)"',readd)
148.       start = start+10
149.     except IOError:
150.       print "[ERROR]network error "
151.       print "[Info]reconnecting "
152.       sleep(10)
153.       print "[Info]retrying "
154.     try :
155.  
156.       for i in range(len(find)):
157.        rez=find[i]
158.        joomlist.append(rez)
159.        file2.write(urlparse.urlparse(rez).netloc  + '\n')
160.     except IOError:
161.       print "[ERROR]No result found"
162.  
163.   #getsitesbing("IP:"+IP+" index.php?option=com_content" , 'joom_Powred' )
164.  
165.   print "[Info] : links saved in file "+IP+"joom_Powred.txt"
166.   print " ALL is done good luck dude !!!!! "
167.   print " starting SCanning phase for worpress sites Using wpscan"
168.   os.system("mkdir "+IP+"/wpscan_results")
169.   wps = set(wplist)
170.   for url in wps:
171.     print " Scanning  "+urlparse.urlparse(url).netloc
172.     os.system("wpscan --url "+urlparse.urlparse(url).netloc+"| tee "+IP+"/wpscan_results/"+urlparse.urlparse(url).netloc+".txt")
173.     print urlparse.urlparse(url).netloc+"  SCANNED "
174.   print " ALL wordpress Sites were scanned NOw scanning Joomla sites using Joomscan"
175.   os.system("mkdir "+IP+"/joomscan_results")
176.   joomlas = set(joomlist)
177.   for url in joomlas:
178.     print " Scanning "+urlparse.urlparse(url).netloc
179.     os.system("joomscan -u "+urlparse.urlparse(url).netloc+" tee "+IP+"/joomscan_results/"+urlparse.urlparse(url).netloc+".txt")
180.     print " SCANNED " +urlparse.urlparse(url).netloc
181. ###########################################################
182. welcome("Server Targetting tool ")
183. IPadress=raw_input("[INFO] : enter IP adress  : ")
184. serverTargeting(IPadress)
185. sqlihunt("IP:"+IPadress+" id =" , IPadress+"/SQLinjectable.txt" )