mass admin finder

1. #!/usr/bin/perl
2.  
3. ##########################################################################################
4. #Coded bY boER                                                                           #
5. #                                                                                        #
6. #Edited by B47CH GURU on 06-07-2011                                                      #
7. #if any bugs are found ...plz do inform me at [email protected]                   #
8. #----------------------------------------------------------------------------------------#
9. #To all script kiddies..... changing the "made by" headers wont make you the coder...!!  #
10. #Respect the coderz..!!!                                                                 #
11. ##########################################################################################
12. use LWP::UserAgent;
13.  
14. my $ua = LWP::UserAgent->new();
15.  
16. $ua->timeout (10);
17.  
18. $ua->agent("Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.3) Gecko/20010801");
19. $list =$ARGV[0];
20. $loged =$ARGV[1];
21. $option =$ARGV[2];
22. $u="adminfinder -"&$list&" "&$logged&" "&$option;
23. unless($ARGV[1]){
24. if($^O =~ /Win/){
25.  
26.    system("cls");
27.    system("title " & $u);
28. }else{
29.  
30.    system("clear");
31.  
32. }
33.  
34.  print ("##############################################################\n");
35.  
36.  print ("\nUsage: perl <website_list.txt> <log.txt> [optional <option>]\n");
37.  print ("\n");
38.  print ("-------------------------------------------------------------\n");
39.  print ("1- detects every admin page but only writes the first found\n");
40.  print ("2- if one admin page found then dont check for other\n");
41.  print ("3- detects everything and logs everything\n");
42.  print ("\n");
43.  print (" -------------------\n");
44.  print ("|Default option is 3|\n");
45.  print (" -------------------\n");
46.  print ("\n");
47.  print ("-------------------------------------------------------------\n");
48.  
49. print ("\n#############################################################\n");
50.  
51.   exit(0);
52.  
53. }
54.  
55. if($^O =~ /Win/){
56.  
57.    system("cls");
58.  
59. }else{
60.  
61.    system("clear");
62.  
63. }
64. #Bhai here you can Toggle your default option
65. ##############################################
66. if($option==''){
67. $option=3;
68. }
69.  
70. #############################################
71.  print ("#######################################################\n");
72.  
73.  print ("               Scanner Directory!\n");
74.  
75.  print ("#######################################################\n");
76.  
77.  print (" 200 - OK\n");
78.  
79.  print (" 401 - Authorization Required\n");
80.  
81.  print (" 403 - Forbidden\n");
82.  
83.  print (" 500 - Bad Hostname | Internal Server Error\n");
84.  
85.  print ("\n");
86.  
87.  print (" ------------\n");
88.  
89.  print ("|option is $option|\n");
90.  
91.  print (" ------------\n");
92.  
93.  print ("########################################################\n");
94.  
95. $webcl = clear($ARGV[0]);
96. open FILE, "+>$loged" or die $!;
97.  @paths = ("/administrator/","/admin/","/admin/login.php","/login.php","/wp-admin/");
98. $web = $webcl;
99. $ast = 0;
100. $astr=1;
101.  
102. brute();
103.  
104.  print ("\n# Scanning Finished\n");
105.  
106. sub brute{
107.  
108.    $web = shift;
109. @paths = ("/administrator/","/admin/","/admin/login.php","/login.php","/wp-admin/");
110.    
111.    open (PASSFILE, "<$list") || die "[-] Can't open the Website list !";
112. @PASSWORDS = <PASSFILE>;
113. close PASSFILE;
114. loop: foreach $P(@PASSWORDS) {
115.  
116. chomp($P);
117. $webcl=$P;
118.  
119.  $webcl = trim($webcl);
120. $webcl = clear($webcl);
121. print ("\n# Scanning: $webcl\n\n");
122. @paths = ("/administrator/","/admin/","/admin.php","/admin/login.php","/login.php","/wp-admin/");
123. $ast=0;
124. $astr=1;
125. foreach $path(@paths){
126.  
127.       chomp($path);
128.  
129.       $code = $ua->get($webcl . $path)->status_line;
130.  
131.       if($option=~/1/){
132.       check_codefirst($code,$path,$astr);
133.      }
134.       if($option=~/2/){
135.       check_codesec($code,$path);
136.      }
137.      if($option=~/3/){
138.       check_codethr($code,$path);
139.      }
140.    
141. if($ast=~1){
142. next loop;
143. }
144.    
145. }
146. }
147. close FILE;
148. }
149.  
150. sub check_codesec{
151.  
152.    $ncode = shift;
153.  
154.    $path = shift;
155.    
156.    $wp = $webcl . $path;
157.  
158.    if($ncode =~ /200/){
159.  
160.      print ("$wp\t=>\t200 OK\n");
161.      $ast = 1;
162. print FILE "$wp\n";
163.  
164.    }
165.  
166.    if($ncode =~ /401/){
167.  
168.      print ("$wp\t=>\t401 Authorization Required\n");
169.  
170.    }
171.  
172.    if($ncode =~ /403/){
173.  
174.      print ("$wp\t=>\t403 Forbidden\n");
175.  
176.    }
177.  
178.    if($ncode =~ /500/){
179.  
180.      print ("$wp\t=>\t500 Internal Server Error\n");
181.      
182.  
183.    }
184.    if($ncode =~ /Moved/){
185.  
186.      print ("$wp\t=>\t500 Moved\n");
187.      print FILE $wp;
188. $ast = 1;
189.    }
190.  
191. }
192.  
193.  
194. sub check_codefirst{
195.  
196.    $ncode = shift;
197.  
198.    $path = shift;
199. $astr = shift;
200.    $wp = $webcl . $path;
201.  
202.    if($ncode =~ /200/){
203.      print ("$wp\t=>\t200 OK\n");
204.    
205. if($astr=~ /1/){
206. print FILE "$wp\n";
207.  
208. }
209. $astr=0
210.    }
211.  
212.    if($ncode =~ /401/){
213.  
214.      print ("$wp\t=>\t401 Authorization Required\n");
215.  
216.    }
217.  
218.    if($ncode =~ /403/){
219.  
220.      print ("$wp\t=>\t403 Forbidden\n");
221.  
222.    }
223.  
224.    if($ncode =~ /500/){
225.  
226.      print ("$wp\t=>\t500 Internal Server Error\n");
227.      
228.  
229.    }
230.    if($ncode =~ /Moved/){
231.  
232.      print ("$wp\t=>\t500 Moved\n");
233.      if ($astr=~ /1/){
234. print FILE "$wp\n";
235. }
236. $astr=0
237.    }
238.  
239. }
240.  
241. sub check_codethr{
242.  
243.    $ncode = shift;
244.  
245.    $path = shift;
246.  
247.    $wp = $webcl . $path;
248.  
249.    if($ncode =~ /200/){
250.  
251.      print ("$wp\t=>\t200 OK\n");
252.      
253. print FILE "$wp\n";
254.  
255.    }
256.  
257.    if($ncode =~ /401/){
258.  
259.      print ("$wp\t=>\t401 Authorization Required\n");
260.  
261.    }
262.  
263.    if($ncode =~ /403/){
264.  
265.      print ("$wp\t=>\t403 Forbidden\n");
266.  
267.    }
268.  
269.    if($ncode =~ /500/){
270.  
271.      print ("$wp\t=>\t500 Internal Server Error\n");
272.      
273.  
274.    }
275.    if($ncode =~ /Moved/){
276.  
277.      print ("$wp\t=>\t500 Moved\n");
278.      print FILE $wp;
279.  
280.    }
281.  
282. }
283.  
284. sub clear{
285.  
286.    $website = shift;
287.  
288.    if($website !~ /^http/){
289.  
290.       $website = 'http://www.' . $website;
291.  
292.    }
293.  
294.    
295.  
296.    return $website;
297.  
298. }
299.  
300. sub trim{
301.   $string = shift;
302.   $string =~ s/^\s+//;            
303.   $string =~ s/\s+$//;
304.   return $string;        
305. }