Untitled

<?php
set_time_limit(0);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Subdomain Scanner</title>
<style type="text/css">

  body
  {
  color: #ff;
  text-shadow: 2px 2px black;
  background-color: #282828;
  font-family: Arial, Helvetica, sans-serif;
  }

  pre
  {
  background-color: #353535;
  border: solid 1px #505050;
  }

  input
  {
  font-family: Arial, Helvetica, sans-serif;
  }

  .Button
  {
  padding: 5px 10px;
  background: #303030;
  border: solid #101010 1px;
  color: #fff;
  cursor: pointer;
  font-weight: bold;
  border-radius: 5px;
  -moz-border-radius: 5px;
  -webkit-border-radius: 5px;
  text-shadow: 1px 1px #000;
  }

  .Input
  {
  border: solid #101010 1px;
  color: white;
  font-weight: bold;
  padding: 3px;
  background-color: #252525;
  }
    </style>
</head>

<body>
<div align="center">
<pre>
  _________    ___.        .___                    .__           _________
 /   _____/__ _\_ |__    __| _/____   _____ _____  |__| ____    /   _____/ ____ _____    ____   ____   ___________
 \_____  \|  |  \ __ \  / __ |/  _ \ /     \\__  \ |  |/    \   \_____  \_/ ___\\__  \  /    \ /    \_/ __ \_  __ \
 /        \  |  / \_\ \/ /_/ (  <_> )  Y Y  \/ __ \|  |   |  \  /        \  \___ / __ \|   |  \   |  \  ___/|  | \/
/_______  /____/|___  /\____ |\____/|__|_|  (____  /__|___|  / /_______  /\___  >____  /___|  /___|  /\___  >__|
        \/          \/      \/            \/     \/        \/          \/     \/     \/     \/     \/     \/
Coded By The Alchemist                                                                        www.HackCommunity.com</pre>
<br />
<br />
<?php
## Coded by The Alchemist
//if file subdomains.inc does not exist, inform user
if(!file_exists('subdomains.inc'))
//here we inform the user to upload the file to include.
{
    echo 'Please upload the list of subdomains as <span style="color: #F00;">subdomains.inc</span>';
    exit();
}
?>
//action is blank and its POST method
<form action="" method="POST">

// form that user sees and fills in once subdomains.inc has been uploaded to same directory as scanner.
//"target" is the name of $_POST value, if its been set remove any malicious characters from it with htmlentities().
// place holder is what the user sees as an example to follow:
Enter URL : <input type="text" class="Input" name="target" value="<?php if(isset($_POST['target']))
{echo htmlentities($_POST['target']);}?>" placeholder="http://example.com" size="50" />

//submit button saying "scan" to user
<input type="submit" name="submit" class="Button" value="Scan" />
</form>
<br />
<br />

<?php
//validate the target URL (security), and if all has been set do instruction below it.

if(isset($_POST['target'],$_POST['submit']) && filter_var($_POST['target'],FILTER_VALIDATE_URL))

//require/include the subdomains.inc file
{
    require('subdomains.inc');

 //parse_url() function breaks url into different parts, for instance <?php print_r(parse_url('http://cindycullen.com/example/test.php?id=255#faq1'))
 //will return, Array ( [scheme] => http [host] => cindycullen.com [path] => /example/test.php [query] => id=255 [fragment] => faq1 )

 $targ = parse_url($_POST['target']);

//will take only the host name as the $targ variable has been parced and assign it to new $target variable

$target = $targ['host'];

 //str_replace function removes the www from the hostname assigned to the $target variable

 $target = str_replace("www.","",$target);

//assign value of 0 to $i variable
 $i = 0;

//assign the names in $subdomains to $val variable and loop

foreach($Subdomains as $val)

    //using curl now, assign a $url variables thatgoes like this
    //http://$val (containing our subdomain names), with $target appended to it which is the user supplied host.
    {
        $url = "http://".$val.".".$target;
        $ch[$i] = curl_init($url); //setup a new curl session
        curl_setopt($ch[$i], CURLOPT_PORT, 80); // set curl option to connect to port 80
  curl_setopt($ch[$i], CURLOPT_RETURNTRANSFER, true); //get contents
        $i++; //implement $i by 1
    }
    $numberof = $i;
    $mh = curl_multi_init(); // initialize a multi curl session
    for($i=0 ; $i < $numberof ; $i++) //I DONT UNDERSTAND THIS, AS $numberof and $i appear to hav ethe same value as they were assigned to each other 2 lines ago with,   $numberof = $i;
    {
  curl_multi_add_handle($mh,$ch[$i]); //adding each individual curl session to multi curl handler
    }
    $null = NULL;
    try {
        curl_multi_exec($mh,$null);// execute multi curl sessions
    } catch(Exception $e) {
    echo "Could Not Execute"; //inform user of error
    }
    for($i = 0 ; $i < $numberof ; $i++) //SAME HERE AGAIN, I DO NOT UNDERSTAND DUE TO THEM HAVING THE SAME VALUE
    {
  if(!curl_error($ch[$i]) && !strstr(curl_multi_getcontent($ch[$i]))) //check if no error is given
  {
    echo '<span style="color: #F00;"> http://'.htmlentities($Subdomains[$i].".".$target).'</span> exists<br />';
    //give result to user in color
  }
  curl_multi_remove_handle($mh,$ch[$i]);
  curl_close($ch[$i]);   //close curl
    }
    curl_multi_close($mh); //close the multi curl sessions
}
?>