Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- 2018-1-11 original version
- https://neonprimetime.blogspot.com/2018/01/python-script-search-open-directories.html
- from urllib.request import urlopen
- from urllib.request import urlretrieve
- import re
- import sys
- import os
- filepath = 'urls.txt'
- with open(filepath) as fp:
- theurl = fp.readline().strip()
- while theurl:
- if(not theurl.startswith('http')):
- if(":443" in theurl):
- theurl = 'https://' + theurl
- else:
- theurl = 'http://' + theurl
- stopnow = 0
- while stopnow == 0:
- try:
- html = urlopen(theurl, timeout=3)
- val = html.read()
- titles = re.findall(r'(?i)<title>(.*?)</title>',str(val))
- if len(titles) > 0:
- if titles[0].startswith('Index of'):
- #print(titles[0] + "," + theurl)
- zipfiles = re.findall(r'(?i)\"[^\"]+\.zip\"',str(val))
- if len(zipfiles) > 0:
- for zipfile in zipfiles:
- zipfile = zipfile.replace('\"', '')
- if theurl.endswith('/'):
- phishkit = theurl + zipfile
- else:
- phishkit = theurl + "/" + zipfile
- print(phishkit)
- try:
- urlretrieve(phishkit, zipfile)
- except:
- print("unable to download " + phishkit)
- exefiles = re.findall(r'(?i)\"[^\"]+\.exe\"',str(val))
- if len(exefiles) > 0:
- for exefile in exefiles:
- exefile = exefile.replace('\"', '')
- if theurl.endswith('/'):
- malware = theurl + exefile
- else:
- malware = theurl + "/" + exefile
- try:
- urlretrieve(malware, exefile)
- except:
- print("unable to download " + malware)
- panels = re.findall(r'(?i)\"(panel|webpanel)\"',str(val))
- if len(panels) > 0:
- for panel in panels:
- panel = panel.replace('\"', '')
- if theurl.endswith('/'):
- panelurl = theurl + panel
- else:
- panelurl = theurl + "/" + panel
- print(panelurl)
- theurl = re.sub(r'\/[^\/]*$', '', theurl)
- if theurl.endswith('http:/') or theurl.endswith('https:/'):
- stopnow = 1
- except:
- #print("ERROR," + theurl)
- stopnow = 1
- theurl = fp.readline()
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement