Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/env python
- # -*- coding: utf-8 -*-
- import http.client, threading, sys, getopt, os
- from multiprocessing import cpu_count
- defaultlist = ['admin/','administrator/','admin1/','admin2/','admin3/','admin4/','admin5/','usuarios/','usuario/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
- 'memberadmin/','administratorlogin/','adm/','admin/account.php','admin/index.php','admin/login/','admin/login.php','admin/admin.php','admin/account.php',
- 'admin_area/admin.php','admin_area/login.php','siteadmin/login.php','siteadmin/index.php','siteadmin/login.html','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
- 'admin_area/index.php','bb-admin/index.php','bb-admin/login.php','bb-admin/admin.php','admin/home.php','admin_area/login.html','admin_area/index.html',
- 'admin/controlpanel.php','admin.php','admincp/index.asp','admincp/login.asp','admincp/index.html','admin/account.html','adminpanel.html','webadmin.html',
- 'webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html','panel-administracion/login.html',
- 'admin/cp.php','cp.php','administrator/index.php','administrator/login.php','nsw/admin/login.php','webadmin/login.php','admin/admin_login.php','admin_login.php',
- 'administrator/account.php','administrator.php','admin_area/admin.html','pages/admin/admin-login.php','admin/admin-login.php','admin-login.php',
- 'bb-admin/index.html','bb-admin/login.html','acceso.php','bb-admin/admin.html','admin/home.html','login.php','modelsearch/login.php','moderator.php','moderator/login.php',
- 'moderator/admin.php','account.php','pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','controlpanel.php','admincontrol.php',
- 'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','rcjakar/admin/login.php','adminarea/index.html','adminarea/admin.html',
- 'webadmin.php','webadmin/index.php','webadmin/admin.php','admin/controlpanel.html','admin.html','admin/cp.html','cp.html','adminpanel.php','moderator.html','administrator/login.html','user.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html',
- 'moderator/login.html','adminarea/login.html','panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html',
- 'admincontrol/login.html','adm/index.html','adm.html','moderator/admin.html','user.php','account.html','controlpanel.html','admincontrol.html',
- 'panel-administracion/login.php','wp-login.php','adminLogin.php','admin/adminLogin.php','home.php','admin.php','adminarea/index.php',
- 'adminarea/admin.php','adminarea/login.php','panel-administracion/index.php','panel-administracion/admin.php','modelsearch/index.php',
- 'modelsearch/admin.php','admincontrol/login.php','adm/admloginuser.php','admloginuser.php','admin2.php','admin2/login.php','admin2/index.php','usuarios/login.php',
- 'adm/index.php','adm.php','affiliate.php','adm_auth.php','memberadmin.php','administratorlogin.php', 'webmaster/', 'webmaster.php', 'phpmyadmin', 'PhpMyAdmin']
- def onerror(py):
- print('========================================')
- print('Multiprocessing and Multitargeting ACP-Scanner by Bastian')
- print('Admin Control Panel Scanner v2.4')
- print('Visit LeakForums.org for more.')
- print(' --http-status, -s: select an integer for HTTP status code (e.g. 200) or leave in blank for default value')
- print('EXAMPLES:')
- print((' python ' + py + ' --target=example.com --panel-list=panels.txt --http-status=400'))
- print((' python ' + py + ' --target=mytargets.txt'))
- print((' python ' + py + ' -t example.com -s 301'))
- targets = []
- panels = ''
- httpstat = 200
- info = '\nType --help or -h for more instructions.'
- try:
- opts, args = getopt.getopt(sys.argv[1:], 'ht:p:s:', ['help', 'target', 'panel-list=', 'http-status='])
- if len(opts) < 1:
- onerror(sys.argv[0])
- sys.exit(1)
- except getopt.GetoptError:
- onerror(sys.argv[0])
- sys.exit(2)
- for command, value in opts:
- if command in ('-h', '--help'):
- onerror(sys.argv[0])
- sys.exit()
- elif command in ('-t', '--target'):
- if os.path.isfile(value):
- if os.access(value, os.R_OK):
- targets = [0, value.strip()]
- else:
- print(('Can\'t read the given textfile containing the targets.' + info))
- sys.exit(1)
- else:
- try:
- url = value.replace('https://', '').replace('http://', '').replace('www.', '').replace('/', '')
- testing = http.client.HTTPConnection(url)
- testing.request('HEAD', '')
- targets = [1, value.strip()]
- except:
- print(('Can neither request the given single target URL nor open a appropriate textfile.' + info))
- sys.exit(1)
- elif command in ('-p', '--panel-list'):
- if os.path.isfile(value) & os.access(value, os.R_OK):
- panels = value.strip()
- else:
- print(('Can\'t find or read the given textfile containing the panels.' + info))
- sys.exit(1)
- elif command in ('-s', '--http-status'):
- if (int(value) in range(100, 950)):
- httpstat = int(value.strip())
- else:
- print(('The given HTTP status seems not to be valid. Only integer between 100 and 950 are allowed.' + info))
- sys.exit(1)
- if (targets[0] < 1):
- try:
- tlist = open(targets[1], 'r')
- spect = tlist.readlines()
- tlist.close()
- except:
- print(('Can\'t open the given textfile ' + targets[1]+ ' containing the targets.'))
- sys.exit(1)
- else:
- spect = [targets[1]]
- if panels:
- try:
- plist = open(panels, 'r')
- specp = plist.readlines()
- plist.close()
- except:
- print(('Can\'t open the given textfile ' + targets[1]+ ' with targets.'))
- else:
- specp = defaultlist
- def check_panel(url, acp, stat):
- try:
- check = http.client.HTTPConnection(url)
- acpanel = '/' + acp
- check.request('HEAD', acpanel)
- resp = check.getresponse()
- if (resp.status <= stat):
- print(('>>> Founding ' + url + acpanel).strip())
- except:
- pass
- def requesting_target(url):
- global specp, httpstat
- try:
- obj = url.replace('https://', '').replace('http://', '').replace('www.', '').replace('/', '')
- requesting = http.client.HTTPConnection(obj)
- requesting.request('HEAD', '')
- processes = []
- for acp in specp:
- pmultiproc = threading.Thread(target=check_panel, args=(obj, acp.strip(), httpstat))
- pmultiproc.start()
- processes.append(pmultiproc)
- for thread in processes:
- thread.join()
- except:
- pass
- print('\nMultiprocessing Adminpanel Scanner by Bastian from LeakForums.org')
- print(('Processing with ' + str(cpu_count()) + ' available CPU'))
- print(('Testing ' + str(len(specp)) + ' possible admin panels on currently ' + str(len(spect)) + ' targets'))
- print(('Starting...\n' + ('-')*50))
- for dest in spect:
- tmultiproc = threading.Thread(target=requesting_target, args=[dest.strip()])
- tmultiproc.start()
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement