API tools faq
paste
tobitaz

dirbust.php

tobitaz
Jun 19th, 2021 (edited)
290
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 8.32 KB | None | 0 0
raw download clone embed print report
  1. <html>
  2. <head>
  3. <meta name="viewport" content="width=device-width, initial-scale=1.0">
  4. </head>
  5. <style>
  6. body
  7. {
  8. background-color:black;
  9. }
  10. .myButton {     width:100%;
  11. box-shadow:inset 0px 1px 0px 0px #fff6af;   background:linear-gradient(to bottom, #ffec64 5%, #ffab23 100%);    background-color:#ffec64;   border-radius:6px;  border:1px solid #ffaa22;   display:inline-block;   cursor:pointer;     color:#333333;  font-family:Arial;  font-size:15px;     font-weight:bold;   padding:6px 24px;   text-decoration:none;   text-shadow:0px 1px 0px #ffee66; } .myButton:hover {    background:linear-gradient(to bottom, #ffab23 5%, #ffec64 100%);    background-color:#ffab23; } .myButton:active {  position:relative;  top:1px; }
  12. .kotak
  13. {
  14. border-radius:10px;
  15. width:100%;
  16. text-align:center;
  17. font-size:large;
  18. background-color:grey;
  19. border: 1px solid yellow;
  20. color:white;
  21. }
  22. .kotaks
  23. {
  24. border-radius:10px;
  25. width:100%;
  26. text-align:center;
  27. font-size:large;
  28. background-color:red;
  29. border: 1px solid yellow;
  30. color:white;
  31. }
  32. .op
  33. {
  34. border-radius:10px;
  35. text-align:center;
  36. font-size:large;
  37. background-color:yellow;
  38. border: 3px solid yellow;
  39. color:black;
  40. }
  41. .ops
  42. {
  43. border-radius:10px;
  44. text-align:center;
  45. font-size:large;
  46. background-color:red;
  47. border: 3px solid yellow;
  48. color:black;
  49. }
  50. .img
  51. {
  52. height:100px;
  53. width:100px;
  54. }
  55. .msj
  56. {
  57. position: relative;
  58. width: 100%;
  59. height:300%;
  60. border: 3px solid yellow;
  61. border-radius:10px;
  62. background-color:black;
  63. }
  64. .fon
  65. {
  66.  
  67. color:white;
  68. }
  69. .fn
  70. {
  71.  
  72. color:red;
  73. }
  74. .pjg
  75. {
  76. height:400%;
  77. }
  78. </style>
  79. <body>
  80. <font class="fon">
  81. <?php
  82. ini_set('max_execution_time', '0');
  83. set_time_limit(0);
  84. ignore_user_abort(1);
  85.  
  86.  
  87.  
  88.  
  89.  
  90. /*                 __
  91.                   / |\
  92.                  /    \
  93.                 /      \
  94.                |________|
  95.                 |      |  
  96.                 |      |
  97.                 |      |
  98.                 |      |
  99.                 |      |
  100.               __|______|__
  101.              /     __     \
  102.             |      \/      |
  103.              \_____/\_____/
  104.            Dirbuster   TOOL
  105.              
  106. */
  107.  
  108.  
  109. $url       = $_GET["url"];
  110. $useragent = $_SERVER['HTTP_USER_AGENT'];
  111. $timeout   = $_GET["ct"];
  112. $bodyscan  = $_GET["body"];
  113. $errorcode = $_GET["error"];
  114. $dic      = $_GET["wl"];
  115. $grab      = $_GET["grab"];
  116. $bg        = $_GET["bg"];
  117. $progres   = "100"; //bg progres tiap 100 word bole ubah
  118.  
  119.  
  120. if($url == null)
  121. { die('
  122. <form action="" method="get">
  123.  
  124. Url<br />
  125. <input class="kotak" name="url" value="http://chedet.cc/"/><br />
  126. cURL timeout<br />
  127. <input class="kotak" name="ct" value="10"/><br />
  128. [x]Custom error<br />
  129. <input class="kotaks" name="error" value="not found"/><br />
  130. Wordlist Source<br />
  131. <input class="kotak" name="wl" value="https://hackbbs.org/wordlists/dirbuster/directory-list-2.3-small.txt" /><br />
  132. [x]Content Scan<br />
  133. <select class="ops" name="body">
  134. <option value="OFF" />OFF</option>
  135. <option value="ON" />ON</option>
  136. </select>
  137. <br />
  138. path from URL<br />
  139. <select class="op" name="grab">
  140. <option value="ON" />ON</option>
  141. <option value="OFF" />OFF</option>
  142. </select>
  143. <br />
  144. *Background process(*result.txt)<br />
  145. <select class="op" name="bg">
  146. <option value="OFF" />OFF</option>
  147. <option value="ON" />ON</option>
  148. </select>
  149. <br />
  150. <input class="myButton" type="submit" value="scan!"/>
  151. </form>
  152. <br />
  153. <br />
  154. '); }
  155. else
  156. {
  157. echo "<div class='pjg'>";
  158.  
  159.  
  160. //krontol
  161. function kur($url)
  162. {
  163. global $useragent;
  164. global $timeout;
  165. global $bodyscan;
  166.  
  167. if($bodyscan == "OFF")
  168. {
  169. $curl = curl_init($url);
  170. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
  171. curl_setopt($curl, CURLOPT_USERAGENT, $useragent);
  172. curl_setopt($curl, CURLOPT_NOBODY, true);
  173. curl_setopt($curl, CURLOPT_FOLLOWLOCATION, TRUE);
  174. curl_setopt($curl, CURLOPT_TIMEOUT, $timeout);
  175. curl_exec($curl);
  176. $err = curl_getinfo($curl, CURLINFO_HTTP_CODE);
  177. curl_close($curl);
  178. return $err;
  179. }
  180. elseif($bodyscan == "ON")
  181. {
  182. $curl = curl_init($url);
  183. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
  184. curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
  185. curl_setopt($curl, CURLOPT_USERAGENT, $useragent);
  186. curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
  187. curl_setopt($curl, CURLOPT_FOLLOWLOCATION, TRUE);
  188. curl_setopt($curl, CURLOPT_TIMEOUT, $timeout);
  189. $result =curl_exec($curl);
  190. curl_close($curl);
  191. return $result;
  192. }
  193. }
  194.  
  195.  
  196.  
  197.  
  198. // untuk cek error
  199. function cekr($err)
  200. {
  201. global $bodyscan;
  202. global $errorcode;
  203. if($err !== false)
  204. {
  205.  if($bodyscan == "ON")
  206.   {
  207.   $str = stripos($err, $errorcode);
  208.   if($str === false)
  209.    {
  210.     return "ada";
  211.    }
  212.    else
  213.    {
  214.     return "xda";
  215.    }
  216.   }
  217.  elseif($bodyscan == "OFF")
  218.   {
  219.    if($err == 200)
  220.     {
  221.     return "ada";
  222.     }
  223.     elseif($err == 404)
  224.     {
  225.      return "xda";
  226.     }
  227.     elseif($err == 403)
  228.     {
  229.      return "m";
  230.     }
  231.     else
  232.     {
  233.      return $err;
  234.     }
  235.   }
  236.  }
  237.  else
  238.  {
  239.  return "f";
  240.  }
  241. }
  242.  
  243. //remove http https
  244.  
  245. function remhttp($urs)
  246. {
  247. $cekhttp = stripos($urs, "http://");
  248. $cekhttps = stripos($urs, "https://");
  249. if($cekhttp !== false)
  250. {
  251.  $rps = str_replace("http://", "", $urs);
  252.  return $rps;
  253. }
  254. if($cekhttps !== false)
  255. {
  256.  $rps = str_replace("https://", "", $urs);
  257.  return $rps;
  258. }
  259. }
  260.  
  261.  
  262. // function grab url source
  263. function graburl($url)
  264. {
  265. $f = file_get_contents($url);
  266. $dom = remhttp($url);
  267. $pat = '/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]/i';
  268. preg_match_all($pat,$f ,$anu);
  269. foreach($anu[0] as $phcis)
  270. {
  271. $cekdup = stripos($phcc, $phcis);
  272. $cekdom = stripos($phcis, $dom);
  273. if($cekdom > 0)
  274. {
  275. $phcc.= $phcis.PHP_EOL;
  276. }
  277. }
  278. return $phcc;
  279. }
  280. //url to path
  281.  
  282. function path($urk)
  283. {
  284. global $url;
  285. $domain = remhttp($url);
  286. $path = array_values(pathinfo($urk));
  287. $x = $path[0];
  288. $pjg  = strlen($x);
  289. $pjgd = strlen($domain);
  290. $mana = strrpos($x, $domain);
  291. $tolak= $pjg-$mana-$pjgd;
  292. $rest = substr($x, -$tolak);
  293. return $rest;
  294. }
  295.  
  296.  
  297. //grab
  298.  
  299.  
  300.  
  301. if($grab == "ON")
  302. {
  303. echo "GrabUrl:<font class='fn'>".$url."</font><hr>";
  304. $urls = explode(PHP_EOL, graburl($url));
  305.  foreach($urls as $u)
  306.   {
  307.   $clean = path($u);
  308.   $cekdobol = stripos($dobol, $clean);
  309.    if($cekdobol === false && $clean !== false)
  310.    {
  311.   echo "<br />found :<font class='fn'>".$clean."</font>";
  312.   $dobol.=$clean;
  313.   }
  314.   }
  315.   echo "<br /><hr>";
  316. }
  317.  
  318. // start scan dir
  319.  
  320. echo "import wordlist:<font class='fn'>".$dic."</font><br />
  321. Start scan dir:<font class='fn'>".$url."</font>
  322. <hr>";
  323. $word   = file_get_contents($dic);
  324. $saiz   = substr_count($word, PHP_EOL);
  325. $exword = explode(PHP_EOL, $word);
  326. $count  = 0;
  327.  
  328.  
  329. foreach($exword as $wa => $ww)
  330.  {
  331.  $w = preg_replace( "/\r|\n/", "", $ww);
  332.  $cekdic = stripos($w, "# ");
  333.  if($cekdic === false)
  334.  {
  335.  $uri = $url."/".$w;
  336.  $count = $count+1;
  337.  $jumpa = cekr(kur($uri));
  338.   if($jumpa == "ada")
  339.    {
  340.    if($bg == "OFF")
  341.           {
  342.           echo "<br />found dir: <font class='fn'>/".$w."</font>";
  343.           }
  344.    //save result
  345.    elseif($bg == "ON")
  346.           {
  347.            $file = fopen("result.txt","a+");
  348.            fwrite($file, PHP_EOL.PHP_EOL."found dir:/".$w.PHP_EOL);
  349.            fclose($file);
  350.            }
  351.    
  352.    }
  353.    elseif($jumpa == "xda")
  354.    {
  355.     if($count > $progres)
  356.     {
  357.         if($bg == "OFF")
  358.           {
  359.          
  360.           $persen    = 100 * $wa/$saiz;
  361.           echo "<br />[word:".$wa."]scaning...".round($persen, 2)."%";
  362.            unset($count);
  363.            }
  364.            elseif($bg == "ON")
  365.           {
  366.          
  367.           $persen    = 100 * $wa/$saiz;
  368.            $file = fopen("result.txt","a+");
  369.            fwrite($file, PHP_EOL."[word:".$wa."]scaning..".round($persen, 2)."%");
  370.            fclose($file);
  371.            unset($count);
  372.            }
  373.     }
  374.    }
  375.    elseif($jumpa == "m")
  376.       {
  377.          if($bg == "OFF")
  378.           {
  379.            echo "<br />forbidden dir: <font class='fn'>/".$w."</font>";
  380.            }
  381.    //save result
  382.          elseif($bg == "ON")
  383.           {
  384.           $file = fopen("result.txt","a+");
  385.            fwrite($file, PHP_EOL."forbiden dir:/".$w);
  386.            fclose($file);
  387.            }
  388.    }  
  389.    elseif($jumpa == "f")
  390.      {
  391.           if($bg == "OFF")
  392.            {
  393.            echo "<br />error cURL :";
  394.            }
  395.      }
  396.    else
  397.    {
  398.           if($bg == "OFF")
  399.           {
  400.           echo "<br />unknown error :".$jumpa;
  401.           }
  402.        
  403.    }
  404. }
  405.  else
  406.    {
  407.    #echo ".";
  408.   }      
  409. }
  410.  
  411. if($bg == "OFF")
  412. {
  413. echo "<br />DONE";
  414. }
  415. //if null
  416. }
  417.  
  418. ?>
  419. </div>
  420. </font>
  421. </body>
  422. </html>
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!