Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- set_time_limit(0);
- ?>
- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
- <html xmlns="http://www.w3.org/1999/xhtml">
- <head>
- <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
- <title>Subdomain Scanner</title>
- <style type="text/css">
- body
- {
- color: #ff;
- text-shadow: 2px 2px black;
- background-color: #282828;
- font-family: Arial, Helvetica, sans-serif;
- }
- pre
- {
- background-color: #353535;
- border: solid 1px #505050;
- }
- input
- {
- font-family: Arial, Helvetica, sans-serif;
- }
- .Button
- {
- padding: 5px 10px;
- background: #303030;
- border: solid #101010 1px;
- color: #fff;
- cursor: pointer;
- font-weight: bold;
- border-radius: 5px;
- -moz-border-radius: 5px;
- -webkit-border-radius: 5px;
- text-shadow: 1px 1px #000;
- }
- .Input
- {
- border: solid #101010 1px;
- color: white;
- font-weight: bold;
- padding: 3px;
- background-color: #252525;
- }
- </style>
- </head>
- <body>
- <div align="center">
- <pre>
- _________ ___. .___ .__ _________
- / _____/__ _\_ |__ __| _/____ _____ _____ |__| ____ / _____/ ____ _____ ____ ____ ___________
- \_____ \| | \ __ \ / __ |/ _ \ / \\__ \ | |/ \ \_____ \_/ ___\\__ \ / \ / \_/ __ \_ __ \
- / \ | / \_\ \/ /_/ ( <_> ) Y Y \/ __ \| | | \ / \ \___ / __ \| | \ | \ ___/| | \/
- /_______ /____/|___ /\____ |\____/|__|_| (____ /__|___| / /_______ /\___ >____ /___| /___| /\___ >__|
- \/ \/ \/ \/ \/ \/ \/ \/ \/ \/ \/ \/
- Coded By The Alchemist www.HackCommunity.com</pre>
- <br />
- <br />
- <?php
- ## Coded by The Alchemist
- //if file subdomains.inc does not exist, inform user
- if(!file_exists('subdomains.inc'))
- //here we inform the user to upload the file to include.
- {
- echo 'Please upload the list of subdomains as <span style="color: #F00;">subdomains.inc</span>';
- exit();
- }
- ?>
- //action is blank and its POST method
- <form action="" method="POST">
- // form that user sees and fills in once subdomains.inc has been uploaded to same directory as scanner.
- //"target" is the name of $_POST value, if its been set remove any malicious characters from it with htmlentities().
- // place holder is what the user sees as an example to follow:
- Enter URL : <input type="text" class="Input" name="target" value="<?php if(isset($_POST['target']))
- {echo htmlentities($_POST['target']);}?>" placeholder="http://example.com" size="50" />
- //submit button saying "scan" to user
- <input type="submit" name="submit" class="Button" value="Scan" />
- </form>
- <br />
- <br />
- <?php
- //validate the target URL (security), and if all has been set do instruction below it.
- if(isset($_POST['target'],$_POST['submit']) && filter_var($_POST['target'],FILTER_VALIDATE_URL))
- //require/include the subdomains.inc file
- {
- require('subdomains.inc');
- //parse_url() function breaks url into different parts, for instance <?php print_r(parse_url('http://cindycullen.com/example/test.php?id=255#faq1'))
- //will return, Array ( [scheme] => http [host] => cindycullen.com [path] => /example/test.php [query] => id=255 [fragment] => faq1 )
- $targ = parse_url($_POST['target']);
- //will take only the host name as the $targ variable has been parced and assign it to new $target variable
- $target = $targ['host'];
- //str_replace function removes the www from the hostname assigned to the $target variable
- $target = str_replace("www.","",$target);
- //assign value of 0 to $i variable
- $i = 0;
- //assign the names in $subdomains to $val variable and loop
- foreach($Subdomains as $val)
- //using curl now, assign a $url variables thatgoes like this
- //http://$val (containing our subdomain names), with $target appended to it which is the user supplied host.
- {
- $url = "http://".$val.".".$target;
- $ch[$i] = curl_init($url); //setup a new curl session
- curl_setopt($ch[$i], CURLOPT_PORT, 80); // set curl option to connect to port 80
- curl_setopt($ch[$i], CURLOPT_RETURNTRANSFER, true); //get contents
- $i++; //implement $i by 1
- }
- $numberof = $i;
- $mh = curl_multi_init(); // initialize a multi curl session
- for($i=0 ; $i < $numberof ; $i++) //I DONT UNDERSTAND THIS, AS $numberof and $i appear to hav ethe same value as they were assigned to each other 2 lines ago with, $numberof = $i;
- {
- curl_multi_add_handle($mh,$ch[$i]); //adding each individual curl session to multi curl handler
- }
- $null = NULL;
- try {
- curl_multi_exec($mh,$null);// execute multi curl sessions
- } catch(Exception $e) {
- echo "Could Not Execute"; //inform user of error
- }
- for($i = 0 ; $i < $numberof ; $i++) //SAME HERE AGAIN, I DO NOT UNDERSTAND DUE TO THEM HAVING THE SAME VALUE
- {
- if(!curl_error($ch[$i]) && !strstr(curl_multi_getcontent($ch[$i]))) //check if no error is given
- {
- echo '<span style="color: #F00;"> http://'.htmlentities($Subdomains[$i].".".$target).'</span> exists<br />';
- //give result to user in color
- }
- curl_multi_remove_handle($mh,$ch[$i]);
- curl_close($ch[$i]); //close curl
- }
- curl_multi_close($mh); //close the multi curl sessions
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement