Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <html>
- <head>
- <meta name="viewport" content="width=device-width, initial-scale=1.0">
- </head>
- <style>
- body
- {
- background-color:black;
- }
- .myButton { width:100%;
- box-shadow:inset 0px 1px 0px 0px #fff6af; background:linear-gradient(to bottom, #ffec64 5%, #ffab23 100%); background-color:#ffec64; border-radius:6px; border:1px solid #ffaa22; display:inline-block; cursor:pointer; color:#333333; font-family:Arial; font-size:15px; font-weight:bold; padding:6px 24px; text-decoration:none; text-shadow:0px 1px 0px #ffee66; } .myButton:hover { background:linear-gradient(to bottom, #ffab23 5%, #ffec64 100%); background-color:#ffab23; } .myButton:active { position:relative; top:1px; }
- .kotak
- {
- border-radius:10px;
- width:100%;
- text-align:center;
- font-size:large;
- background-color:grey;
- border: 1px solid yellow;
- color:white;
- }
- .kotaks
- {
- border-radius:10px;
- width:100%;
- text-align:center;
- font-size:large;
- background-color:red;
- border: 1px solid yellow;
- color:white;
- }
- .op
- {
- border-radius:10px;
- text-align:center;
- font-size:large;
- background-color:yellow;
- border: 3px solid yellow;
- color:black;
- }
- .ops
- {
- border-radius:10px;
- text-align:center;
- font-size:large;
- background-color:red;
- border: 3px solid yellow;
- color:black;
- }
- .img
- {
- height:100px;
- width:100px;
- }
- .msj
- {
- position: relative;
- width: 100%;
- height:300%;
- border: 3px solid yellow;
- border-radius:10px;
- background-color:black;
- }
- .fon
- {
- color:white;
- }
- .fn
- {
- color:red;
- }
- .pjg
- {
- height:400%;
- }
- </style>
- <body>
- <font class="fon">
- <?php
- ini_set('max_execution_time', '0');
- set_time_limit(0);
- ignore_user_abort(1);
- /* __
- / |\
- / \
- / \
- |________|
- | |
- | |
- | |
- | |
- | |
- __|______|__
- / __ \
- | \/ |
- \_____/\_____/
- Dirbuster TOOL
- */
- $url = $_GET["url"];
- $useragent = $_SERVER['HTTP_USER_AGENT'];
- $timeout = $_GET["ct"];
- $bodyscan = $_GET["body"];
- $errorcode = $_GET["error"];
- $dic = $_GET["wl"];
- $grab = $_GET["grab"];
- $bg = $_GET["bg"];
- $progres = "100"; //bg progres tiap 100 word bole ubah
- if($url == null)
- { die('
- <form action="" method="get">
- Url<br />
- <input class="kotak" name="url" value="http://chedet.cc/"/><br />
- cURL timeout<br />
- <input class="kotak" name="ct" value="10"/><br />
- [x]Custom error<br />
- <input class="kotaks" name="error" value="not found"/><br />
- Wordlist Source<br />
- <input class="kotak" name="wl" value="https://hackbbs.org/wordlists/dirbuster/directory-list-2.3-small.txt" /><br />
- [x]Content Scan<br />
- <select class="ops" name="body">
- <option value="OFF" />OFF</option>
- <option value="ON" />ON</option>
- </select>
- <br />
- path from URL<br />
- <select class="op" name="grab">
- <option value="ON" />ON</option>
- <option value="OFF" />OFF</option>
- </select>
- <br />
- *Background process(*result.txt)<br />
- <select class="op" name="bg">
- <option value="OFF" />OFF</option>
- <option value="ON" />ON</option>
- </select>
- <br />
- <input class="myButton" type="submit" value="scan!"/>
- </form>
- <br />
- <br />
- '); }
- else
- {
- echo "<div class='pjg'>";
- //krontol
- function kur($url)
- {
- global $useragent;
- global $timeout;
- global $bodyscan;
- if($bodyscan == "OFF")
- {
- $curl = curl_init($url);
- curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($curl, CURLOPT_USERAGENT, $useragent);
- curl_setopt($curl, CURLOPT_NOBODY, true);
- curl_setopt($curl, CURLOPT_FOLLOWLOCATION, TRUE);
- curl_setopt($curl, CURLOPT_TIMEOUT, $timeout);
- curl_exec($curl);
- $err = curl_getinfo($curl, CURLINFO_HTTP_CODE);
- curl_close($curl);
- return $err;
- }
- elseif($bodyscan == "ON")
- {
- $curl = curl_init($url);
- curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
- curl_setopt($curl, CURLOPT_USERAGENT, $useragent);
- curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
- curl_setopt($curl, CURLOPT_FOLLOWLOCATION, TRUE);
- curl_setopt($curl, CURLOPT_TIMEOUT, $timeout);
- $result =curl_exec($curl);
- curl_close($curl);
- return $result;
- }
- }
- // untuk cek error
- function cekr($err)
- {
- global $bodyscan;
- global $errorcode;
- if($err !== false)
- {
- if($bodyscan == "ON")
- {
- $str = stripos($err, $errorcode);
- if($str === false)
- {
- return "ada";
- }
- else
- {
- return "xda";
- }
- }
- elseif($bodyscan == "OFF")
- {
- if($err == 200)
- {
- return "ada";
- }
- elseif($err == 404)
- {
- return "xda";
- }
- elseif($err == 403)
- {
- return "m";
- }
- else
- {
- return $err;
- }
- }
- }
- else
- {
- return "f";
- }
- }
- //remove http https
- function remhttp($urs)
- {
- $cekhttp = stripos($urs, "http://");
- $cekhttps = stripos($urs, "https://");
- if($cekhttp !== false)
- {
- $rps = str_replace("http://", "", $urs);
- return $rps;
- }
- if($cekhttps !== false)
- {
- $rps = str_replace("https://", "", $urs);
- return $rps;
- }
- }
- // function grab url source
- function graburl($url)
- {
- $f = file_get_contents($url);
- $dom = remhttp($url);
- $pat = '/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]/i';
- preg_match_all($pat,$f ,$anu);
- foreach($anu[0] as $phcis)
- {
- $cekdup = stripos($phcc, $phcis);
- $cekdom = stripos($phcis, $dom);
- if($cekdom > 0)
- {
- $phcc.= $phcis.PHP_EOL;
- }
- }
- return $phcc;
- }
- //url to path
- function path($urk)
- {
- global $url;
- $domain = remhttp($url);
- $path = array_values(pathinfo($urk));
- $x = $path[0];
- $pjg = strlen($x);
- $pjgd = strlen($domain);
- $mana = strrpos($x, $domain);
- $tolak= $pjg-$mana-$pjgd;
- $rest = substr($x, -$tolak);
- return $rest;
- }
- //grab
- if($grab == "ON")
- {
- echo "GrabUrl:<font class='fn'>".$url."</font><hr>";
- $urls = explode(PHP_EOL, graburl($url));
- foreach($urls as $u)
- {
- $clean = path($u);
- $cekdobol = stripos($dobol, $clean);
- if($cekdobol === false && $clean !== false)
- {
- echo "<br />found :<font class='fn'>".$clean."</font>";
- $dobol.=$clean;
- }
- }
- echo "<br /><hr>";
- }
- // start scan dir
- echo "import wordlist:<font class='fn'>".$dic."</font><br />
- Start scan dir:<font class='fn'>".$url."</font>
- <hr>";
- $word = file_get_contents($dic);
- $saiz = substr_count($word, PHP_EOL);
- $exword = explode(PHP_EOL, $word);
- $count = 0;
- foreach($exword as $wa => $ww)
- {
- $w = preg_replace( "/\r|\n/", "", $ww);
- $cekdic = stripos($w, "# ");
- if($cekdic === false)
- {
- $uri = $url."/".$w;
- $count = $count+1;
- $jumpa = cekr(kur($uri));
- if($jumpa == "ada")
- {
- if($bg == "OFF")
- {
- echo "<br />found dir: <font class='fn'>/".$w."</font>";
- }
- //save result
- elseif($bg == "ON")
- {
- $file = fopen("result.txt","a+");
- fwrite($file, PHP_EOL.PHP_EOL."found dir:/".$w.PHP_EOL);
- fclose($file);
- }
- }
- elseif($jumpa == "xda")
- {
- if($count > $progres)
- {
- if($bg == "OFF")
- {
- $persen = 100 * $wa/$saiz;
- echo "<br />[word:".$wa."]scaning...".round($persen, 2)."%";
- unset($count);
- }
- elseif($bg == "ON")
- {
- $persen = 100 * $wa/$saiz;
- $file = fopen("result.txt","a+");
- fwrite($file, PHP_EOL."[word:".$wa."]scaning..".round($persen, 2)."%");
- fclose($file);
- unset($count);
- }
- }
- }
- elseif($jumpa == "m")
- {
- if($bg == "OFF")
- {
- echo "<br />forbidden dir: <font class='fn'>/".$w."</font>";
- }
- //save result
- elseif($bg == "ON")
- {
- $file = fopen("result.txt","a+");
- fwrite($file, PHP_EOL."forbiden dir:/".$w);
- fclose($file);
- }
- }
- elseif($jumpa == "f")
- {
- if($bg == "OFF")
- {
- echo "<br />error cURL :";
- }
- }
- else
- {
- if($bg == "OFF")
- {
- echo "<br />unknown error :".$jumpa;
- }
- }
- }
- else
- {
- #echo ".";
- }
- }
- if($bg == "OFF")
- {
- echo "<br />DONE";
- }
- //if null
- }
- ?>
- </div>
- </font>
- </body>
- </html>
Add Comment
Please, Sign In to add comment