
Admin Finder v2

a guest
Aug 4th, 2015
  1. <?php
  // Runtime setup: no execution time limit, and every PHP error/notice is silenced.
  error_reporting(0);
  set_time_limit(0);

  // Names that the main loop later tries as host-name prefixes of the submitted
  // site (http://<name>.<host>/). One entry per line; split on "\n" further down.
  // For a site owner this is a list of administrative host names that should not
  // resolve publicly without access control in front of them.
  $list['front'] = <<<'FRONT'
admin
adm
admincp
admcp
cp
modcp
moderatorcp
adminare
admins
cpanel
controlpanel
FRONT;
  // Relative paths that the main loop appends to the submitted base URL, one
  // entry per line (split on "\n" further down). The entries are fixed strings,
  // so a run of this script shows up in a web server's access log as a rapid
  // sequence of requests for exactly these paths, in this order, from one client.
  $list['end'] = <<<'PATHS'
admin1.php
admin1.html
admin2.php
admin2.html
yonetim.php
yonetim.html
yonetici.php
yonetici.html
ccms/
ccms/login.php
ccms/index.php
maintenance/
webmaster/
adm/
configuration/
configure/
websvn/
admin/
admin/account.php
admin/account.html
admin/index.php
admin/index.html
admin/login.php
admin/login.html
admin/home.php
admin/controlpanel.html
admin/controlpanel.php
admin.php
admin.html
admin/cp.php
admin/cp.html
cp.php
cp.html
administrator/
administrator/index.html
administrator/index.php
administrator/login.html
administrator/login.php
administrator/account.html
administrator/account.php
administrator.php
administrator.html
login.php
login.html
modelsearch/login.php
moderator.php
moderator.html
moderator/login.php
moderator/login.html
moderator/admin.php
moderator/admin.html
moderator/
account.php
account.html
controlpanel/
controlpanel.php
controlpanel.html
admincontrol.php
admincontrol.html
adminpanel.php
adminpanel.html
admin1.asp
admin2.asp
yonetim.asp
yonetici.asp
admin/account.asp
admin/index.asp
admin/login.asp
admin/home.asp
admin/controlpanel.asp
admin.asp
admin/cp.asp
cp.asp
administrator/index.asp
administrator/login.asp
administrator/account.asp
administrator.asp
login.asp
modelsearch/login.asp
moderator.asp
moderator/login.asp
moderator/admin.asp
account.asp
controlpanel.asp
admincontrol.asp
adminpanel.asp
fileadmin/
fileadmin.php
fileadmin.asp
fileadmin.html
administration/
administration.php
administration.html
sysadmin.php
sysadmin.html
phpmyadmin/
myadmin/
sysadmin.asp
sysadmin/
ur-admin.asp
ur-admin.php
ur-admin.html
ur-admin/
Server.php
Server.html
Server.asp
Server/
wp-admin/
administr8.php
administr8.html
administr8/
administr8.asp
webadmin/
webadmin.php
webadmin.asp
webadmin.html
administratie/
admins/
admins.php
admins.asp
admins.html
administrivia/
Database_Administration/
WebAdmin/
useradmin/
sysadmins/
admin1/
system-administration/
administrators/
pgadmin/
directadmin/
staradmin/
ServerAdministrator/
SysAdmin/
administer/
LiveUser_Admin/
sys-admin/
typo3/
panel/
cpanel/
cPanel/
cpanel_file/
platz_login/
rcLogin/
blogindex/
formslogin/
autologin/
support_login/
meta_login/
manuallogin/
simpleLogin/
loginflat/
utility_login/
showlogin/
memlogin/
members/
login-redirect/
sub-login/
wp-login/
login1/
dir-login/
login_db/
xlogin/
smblogin/
customer_login/
UserLogin/
login-us/
acct_login/
admin_area/
bigadmin/
project-admins/
phppgadmin/
pureadmin/
sql-admin/
radmind/
openvpnadmin/
wizmysqladmin/
vadmind/
ezsqliteadmin/
hpwebjetadmin/
newsadmin/
adminpro/
Lotus_Domino_Admin/
bbadmin/
vmailadmin/
Indy_admin/
ccp14admin/
irc-macadmin/
banneradmin/
sshadmin/
phpldapadmin/
macadmin/
administratoraccounts/
admin4_account/
admin4_colon/
radmind-1/
Super-Admin/
AdminTools/
cmsadmin/
SysAdmin2/
globes_admin/
cadmins/
phpSQLiteAdmin/
navSiteAdmin/
server_admin_small/
logo_sysadmin/
server/
database_administration/
power_user/
system_administration/
ss_vms_admin_sm/
adminarea/
bb-admin/
adminLogin/
panel-administracion/
instadmin/
memberadmin/
administratorlogin/
admin/admin.php
admin_area/admin.php
admin_area/login.php
siteadmin/login.php
siteadmin/index.php
siteadmin/login.html
admin/admin.html
admin_area/index.php
bb-admin/index.php
bb-admin/login.php
bb-admin/admin.php
admin_area/login.html
admin_area/index.html
admincp/index.asp
admincp/login.asp
admincp/index.html
webadmin/index.html
webadmin/admin.html
webadmin/login.html
admin/admin_login.html
admin_login.html
panel-administracion/login.html
nsw/admin/login.php
webadmin/login.php
admin/admin_login.php
admin_login.php
admin_area/admin.html
pages/admin/admin-login.php
admin/admin-login.php
admin-login.php
bb-admin/index.html
bb-admin/login.html
bb-admin/admin.html
admin/home.html
pages/admin/admin-login.html
admin/admin-login.html
admin-login.html
admin/adminLogin.html
adminLogin.html
home.html
rcjakar/admin/login.php
adminarea/index.html
adminarea/admin.html
webadmin/index.php
webadmin/admin.php
user.html
modelsearch/login.html
adminarea/login.html
panel-administracion/index.html
panel-administracion/admin.html
modelsearch/index.html
modelsearch/admin.html
admincontrol/login.html
adm/index.html
adm.html
user.php
panel-administracion/login.php
wp-login.php
adminLogin.php
admin/adminLogin.php
home.php
adminarea/index.php
adminarea/admin.php
adminarea/login.php
panel-administracion/index.php
panel-administracion/admin.php
modelsearch/index.php
modelsearch/admin.php
admincontrol/login.php
adm/admloginuser.php
admloginuser.php
admin2/login.php
admin2/index.php
adm/index.php
adm.php
affiliate.php
adm_auth.php
memberadmin.php
administratorlogin.php
admin/admin.asp
admin_area/admin.asp
admin_area/login.asp
admin_area/index.asp
bb-admin/index.asp
bb-admin/login.asp
bb-admin/admin.asp
pages/admin/admin-login.asp
admin/admin-login.asp
admin-login.asp
user.asp
webadmin/index.asp
webadmin/admin.asp
webadmin/login.asp
admin/admin_login.asp
admin_login.asp
panel-administracion/login.asp
adminLogin.asp
admin/adminLogin.asp
home.asp
adminarea/index.asp
adminarea/admin.asp
adminarea/login.asp
panel-administracion/index.asp
panel-administracion/admin.asp
modelsearch/index.asp
modelsearch/admin.asp
admincontrol/login.asp
adm/admloginuser.asp
admloginuser.asp
admin2/login.asp
admin2/index.asp
adm/index.asp
adm.asp
affiliate.asp
adm_auth.asp
memberadmin.asp
administratorlogin.asp
siteadmin/login.asp
siteadmin/index.asp
ADMIN/
paneldecontrol/
login/
cms/
admon/
ADMON/
administrador/
ADMIN/login.php
panelc/
ADMIN/login.html
PATHS;
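  /**
   * Prints the page skeleton: styles, the insertcode() JavaScript helper, the
   * input form (URL and "404string") and the three result boxes whose ids
   * (verified/total, rightcol, logbox) are filled in later through show().
   *
   * The two form fields are re-displayed with the values of the current POST
   * request. Those values are request data, so they are HTML-escaped before
   * being placed inside the value="..." attributes; the original concatenated
   * them raw, which let a crafted request inject markup into this page.
   *
   * The <body> and <html> elements are intentionally left open: the rest of
   * the script keeps appending <script> elements after this output.
   *
   * @return void
   */
  function template() {
      // Missing or non-string fields are shown as empty instead of raising notices.
      $url = (isset($_POST['xploit_url']) && is_string($_POST['xploit_url'])) ? $_POST['xploit_url'] : '';
      $needle = (isset($_POST['xploit_404string']) && is_string($_POST['xploit_404string'])) ? $_POST['xploit_404string'] : '';

      // ENT_QUOTES because the values land inside double-quoted attributes.
      $url = htmlspecialchars($url, ENT_QUOTES, 'UTF-8');
      $needle = htmlspecialchars($needle, ENT_QUOTES, 'UTF-8');

      // The <meta> element below was masked with asterisks in the pasted copy;
      // it is restored to the standard content-type declaration.
      echo '
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Admin page Finder </title>
<style type="text/css">
h1.technique-two {
width: 795px; height: 120px;
background: url(http://x0rg.org/styles/blackbox_red/imageset/site_logo.gif) no-repeat top center;
margin: 0 auto;
}
body{
background: #070707;
margin: 0;
padding: 0;
padding-top: 10px;
color: #FFF;
font-family: Calibri;
font-size: 13px;
}
a{
color: #FFF;
text-decoration: none;
font-weight: bold;
}
.wrapper{
width: 1000px;
margin: 0 auto;
}
.tube{
padding: 10px;
}
.red{
width: 998px;
border: 1px solid #e52224;
background: #191919;
color: #e52224
}
.red input{
background: #000;
border: 1px solid #e52224;
color: #FFF;
}
.blue{
float: left;
width: 1000px;
border: 1px solid #1d7fc3;
background: #191919;
color: #1d7fc3;
}
.green{
float: left;
width: 1000px;
border: 1px solid #5fd419;
background: #191919;
color: #5fd419;
}
</style>
<script type="text/javascript">
<!--
function insertcode($text, $place, $replace)
{
var $this = $text;
var logbox = document.getElementById($place);
if($replace == 0)
document.getElementById($place).innerHTML = logbox.innerHTML+$this;
else
document.getElementById($place).innerHTML = $this;
//document.getElementById("helpbox").innerHTML = $this;
}
-->
</script>
</head>
<body>
<br />
<br />
<h1 class="technique-two">



</h1>

<div class="wrapper">
<div class="red">
<div class="tube">
<form action="" method="post" name="xploit_form">
URL:<br /><input type="text" name="xploit_url" value="'.$url.'" style="width: 100%;" /><br /><br />
404string:<br /><input type="text" name="xploit_404string" value="'.$needle.'" style="width: 100%;" /><br /><br />
<span style="float: right;"><input type="submit" name="xploit_submit" value="go for it" align="right" /></span>
</form>
<br />
</div> <!-- /tube -->
</div> <!-- /red -->
<br />
<div class="green">
<div class="tube" id="rightcol">
Verificat: <span id="verified">0</span> / <span id="total">0</span><br />
Found ones:<br />
</div> <!-- /tube -->
</div> <!-- /green -->
<br clear="all" /><br />
<div class="blue">
<div class="tube" id="logbox">
<br />
<br />
Admin page Finder <br /><br />
</div> <!-- /tube -->
</div> <!-- /blue -->
</div> <!-- /wrapper -->
<br clear="all">';
  }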
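  /**
   * Emits a <script> element that calls the page's insertcode() helper, which
   * writes $msg into the element with id $place.
   *
   * The three arguments are written as JSON string literals with <, >, &, ' and "
   * hex-escaped, so a quote, backslash or "</script>" inside a value can no
   * longer end the JavaScript string or the script element (the original
   * pasted the raw values between single quotes). insertcode() assigns the
   * text to innerHTML and callers pass markup on purpose, so $msg is NOT
   * HTML-escaped here: callers must escape any request-derived part themselves.
   *
   * @param mixed  $msg     HTML fragment (or number) to display
   * @param int    $br      1 appends "<br />" to $msg
   * @param int    $stop    1 ends the script right after the output
   * @param string $place   id of the target element
   * @param int    $replace 0 appends to the element, any other value replaces its content
   * @return void
   */
  function show($msg, $br=1, $stop=0, $place='logbox', $replace=0) {
      if ($br == 1) $msg .= "<br />";

      $flags = JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP;
      $args = array();
      foreach (array($msg, $place, $replace) as $value) {
          // Values stay strings on the JavaScript side, as before ('0' == 0 still holds there).
          $literal = json_encode((string) $value, $flags);
          // json_encode() returns false e.g. for invalid UTF-8; fall back to an empty string literal.
          $args[] = ($literal === false) ? '""' : $literal;
      }
      echo '<script type="text/javascript">insertcode('.implode(', ', $args).');</script>';

      if ($stop == 1) exit;

      // Push the output to the client now: PHP's own buffer first, then the server's.
      if (ob_get_level() > 0) ob_flush();
      flush();
  }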
  /**
   * Reports whether one candidate location looks like an existing page.
   *
   * The URL is built from the global $site: $site.$x when $front is 0,
   * otherwise http://$x.$site/ (at that point $site holds a bare host name).
   * The candidate is then requested twice, once through get_headers() and once
   * through file_get_contents(), so every candidate produces two requests in
   * the target's access log.
   *
   * Decision rules, as coded:
   *  - the first response header line must contain "200" (case-insensitive
   *    regex match anywhere in the line), otherwise 0;
   *  - with an empty "404string" field, a body loosely equal (==) to the
   *    baseline stored in the global $false gives 0;
   *  - with a non-empty "404string", the body is treated as an error page when
   *    strpos() finds the string; the result is used as a boolean, so a match
   *    at offset 0 does not count.
   *
   * NOTE(review): eregi() was removed in PHP 7.0, so this function only runs on
   * PHP 5.x as written.
   *
   * @param string $x     path (or host-name prefix when $front is non-zero)
   * @param int    $front 0 = path below $site, otherwise host-name prefix
   * @return int 1 when the candidate passes all checks, 0 otherwise
   */
  function check($x, $front=0) {
      // $_POST is a superglobal and needs no global declaration.
      global $site, $false;

      $target = ($front == 0) ? $site.$x : 'http://'.$x.'.'.$site.'/';

      $headers = get_headers($target);
      if (!eregi('200', $headers[0])) {
          return 0;
      }

      $body = @file_get_contents($target);
      $marker = $_POST['xploit_404string'];

      if ($marker == "") {
          // No marker given: compare against the baseline error page.
          if ($body == $false) return 0;
      } else {
          // Marker given: its presence (past offset 0) means an error page.
          if (strpos($body, $marker)) return 0;
      }

      return 1;
  }
  492.  
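  // ---------------------------------------------------------------------------
  // Main flow: print the page, then, if a URL was posted, walk both lists and
  // report each candidate through show().
  // NOTE(review): nothing in this file authenticates the requester, and the
  // script makes outbound requests to the posted URL from the hosting server.
  template();

  // Nothing to do without a non-empty, plain-string URL field.
  if (!isset($_POST['xploit_url']) || !is_string($_POST['xploit_url']) || $_POST['xploit_url'] === '') die;
  $site = $_POST['xploit_url'];
  if ($site[strlen($site)-1] != "/") $site .= "/";

  // Accept absolute http(s) URLs only. The value is handed to get_headers() and
  // file_get_contents(), which would otherwise also follow local paths and
  // other stream wrappers on the machine that hosts this script.
  $parts = parse_url($site);
  $scheme = (is_array($parts) && isset($parts['scheme'])) ? strtolower($parts['scheme']) : '';
  if (($scheme !== 'http' && $scheme !== 'https') || empty($parts['host'])) {
      show('URL must be an absolute http:// or https:// address', 1, 1, 'logbox', 0);
      die;
  }

  // Baseline for "not found": with no 404 string given, fetch a fixed,
  // deliberately non-existent file once. A request for this exact file name in
  // an access log marks the start of a run of this script.
  if (!isset($_POST['xploit_404string']) || $_POST['xploit_404string'] == "") $false = @file_get_contents($site."d65897f5380a21a42db94b3927b823d56ee1099a-this_can-t_exist.html");

  $list['end'] = str_replace("\r", "", $list['end']);
  $list['front'] = str_replace("\r", "", $list['front']);
  $pathes = explode("\n", $list['end']);
  $frontpathes = explode("\n", $list['front']);
  show(count($pathes)+count($frontpathes), 1, 0, 'total', 1);
  $verificate = 0;

  // Pass 1: paths appended to the submitted base URL.
  foreach ($pathes as $path) {
      // show() inserts its text as HTML, so the request-derived URL is escaped first.
      $target = htmlspecialchars($site.$path, ENT_QUOTES, 'UTF-8');
      show('Checking '.$target.' : ', 0, 0, 'logbox', 0);
      $verificate++; show($verificate, 0, 0, 'verified', 1);
      if (check($path) == 0) {
          show('not found', 1, 0, 'logbox', 0);
      } else {
          show('<span style="color: #00FF00;"><strong>found</strong></span>', 1, 0, 'logbox', 0);
          show('<a href="'.$target.'">'.$target.'</a>', 1, 0, 'rightcol', 0);
      }
  }

  // Pass 2: reduce $site to the host part (check() reads the global $site) and
  // try each name from the 'front' list as a host-name prefix.
  if (!preg_match("/\/\/(.*?)\//i", $site, $xx)) die;
  $site = $xx[1];
  if (substr($site, 0, 3) == "www") $site = substr($site, 4);
  $host = htmlspecialchars($site, ENT_QUOTES, 'UTF-8');
  foreach ($frontpathes as $frontpath) {
      // The pasted copy had forum link-masking markup in this message; it is
      // restored to the URL form used for the result link below.
      show('Checking http://'.$frontpath.'.'.$host.'/ : ', 0, 0, 'logbox', 0);
      $verificate++; show($verificate, 0, 0, 'verified', 1);
      if (check($frontpath, 1) == 0) {
          show('not found', 1, 0, 'logbox', 0);
      } else {
          show('<span style="color: #00FF00;"><strong>found</strong></span>', 1, 0, 'logbox', 0);
          show('<a href="http://'.$frontpath.'.'.$host.'/">'.$frontpath.'.'.$host.'</a>', 1, 0, 'rightcol', 0);
      }
  }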
  527. ?>