Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /*
- _____ _____ _ _____ _____ _____ _____ _____ _____
- ___| | __ |_| _ |_ _|___ ___|_ _| __| _ | |
- |_ -| --| -| | __| | | |- _|___| | | | __| | | | |
- |___|_____|__|__|_|__| |_| |___| |_| |_____|__|__|_|_|_|
- |s C R i P T z - T E A M . i N F O|
- Site Sub-Domain Finder
- USAGE:
- index.php?site=somesite.com
- */
- error_reporting(0);
- set_time_limit(0);
- $list = array(
- 'adm',
- 'admin',
- 'admins',
- 'agent',
- 'aix',
- 'alerts',
- 'av',
- 'antivirus',
- 'app',
- 'apps',
- 'appserver',
- 'archive',
- 'as400',
- 'auto',
- 'backup',
- 'banking',
- 'bbdd',
- 'bbs',
- 'bea',
- 'beta',
- 'blog',
- 'catalog',
- 'cgi',
- 'channel',
- 'channels',
- 'chat',
- 'cisco',
- 'client',
- 'clients',
- 'club',
- 'cluster',
- 'clusters',
- 'code',
- 'commerce',
- 'community',
- 'compaq',
- 'conole',
- 'consumer',
- 'contact',
- 'contracts',
- 'corporate',
- 'ceo',
- 'cso',
- 'cust',
- 'customer',
- 'cpanel',
- 'data',
- 'bd',
- 'db2',
- 'default',
- 'demo',
- 'design',
- 'desktop',
- 'dev',
- 'develop',
- 'developer',
- 'device',
- 'dial',
- 'digital',
- 'dir',
- 'directory',
- 'disc',
- 'discovery',
- 'disk',
- 'dns',
- 'dns1',
- 'dns2',
- 'dns3',
- 'docs',
- 'documents',
- 'domain',
- 'domains',
- 'dominoweb',
- 'download',
- 'downloads',
- 'ecommerce',
- 'e-commerce',
- 'edi',
- 'edu',
- 'education',
- 'email',
- 'enable',
- 'engine',
- 'engineer',
- 'enterprise',
- 'error',
- 'event',
- 'events',
- 'example',
- 'exchange',
- 'extern',
- 'external',
- 'extranet',
- 'fax',
- 'field',
- 'finance',
- 'firewall',
- 'forum',
- 'forums',
- 'fsp',
- 'ftp',
- 'ftp2',
- 'fw',
- 'fw1',
- 'gallery',
- 'galleries',
- 'games',
- 'gateway',
- 'gopher',
- 'guest',
- 'gw',
- 'hello',
- 'helloworld',
- 'help',
- 'helpdesk',
- 'helponline',
- 'hp',
- 'ibm',
- 'ibmdb',
- 'ids',
- 'ILMI',
- 'images',
- 'imap',
- 'imap4',
- 'img',
- 'imgs',
- 'info',
- 'intern',
- 'internal',
- 'intranet',
- 'invalid',
- 'iphone',
- 'ipsec',
- 'irc',
- 'ircserver',
- 'jobs',
- 'ldap',
- 'link',
- 'linux',
- 'lists',
- 'listserver',
- 'local',
- 'localhost',
- 'log',
- 'logs',
- 'login',
- 'lotus',
- 'mail',
- 'mailboxes',
- 'mailhost',
- 'management',
- 'manage',
- 'manager',
- 'map',
- 'maps',
- 'marketing',
- 'device',
- 'media',
- 'member',
- 'members',
- 'messenger',
- 'mngt',
- 'mobile',
- 'monitor',
- 'multimedia',
- 'music',
- 'my',
- 'names',
- 'net',
- 'netdata',
- 'netstats',
- 'network',
- 'news',
- 'nms',
- 'nntp',
- 'ns',
- 'ns1',
- 'ns2',
- 'ns3',
- 'ntp',
- 'online',
- 'openview',
- 'oracle',
- 'outlook',
- 'page',
- 'pages',
- 'partner',
- 'partners',
- 'pda',
- 'personal',
- 'ph',
- 'pictures',
- 'pix',
- 'pop',
- 'pop3',
- 'portal',
- 'press',
- 'print',
- 'printer',
- 'private',
- 'project',
- 'projects',
- 'proxy',
- 'public',
- 'ra',
- 'radio',
- 'raptor',
- 'ras',
- 'read',
- 'register',
- 'remote',
- 'report',
- 'reports',
- 'root',
- 'router',
- 'rwhois',
- 'sac',
- 'schedules',
- 'scotty',
- 'search',
- 'secret',
- 'secure',
- 'security',
- 'seri',
- 'serv',
- 'serv2',
- 'server',
- 'service',
- 'services',
- 'shop',
- 'shopping',
- 'site',
- 'sms',
- 'smtp',
- 'smtphost',
- 'snmp',
- 'snmpd',
- 'snort',
- 'solaris',
- 'solutions',
- 'support',
- 'source',
- 'sql',
- 'ssl',
- 'stats',
- 'store',
- 'stream',
- 'streaming',
- 'sun',
- 'support',
- 'switch',
- 'sysback',
- 'system',
- 'tech',
- 'terminal',
- 'test',
- 'testing',
- 'testing123',
- 'time',
- 'tivoli',
- 'training',
- 'transfers',
- 'uddi',
- 'update',
- 'upload',
- 'uploads',
- 'video',
- 'vpn',
- 'w1',
- 'w2',
- 'w3',
- 'wais',
- 'wap',
- 'web',
- 'webdocs',
- 'weblib',
- 'weblogic',
- 'webmail',
- 'webserver',
- 'webservices',
- 'websphere',
- 'whois',
- 'wireless',
- 'work',
- 'world',
- 'write',
- 'ws',
- 'ws1',
- 'ws2',
- 'ws3',
- 'www1',
- 'www2',
- 'www3'
- );
- if (isset($_GET['site']) && $_GET['site'] != "") {
- $site = $_GET['site'];
- foreach ($list as $path => $test) {
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($ch, CURLOPT_HEADER, 1);
- curl_setopt($ch, CURLOPT_URL, $test . "." . $site);
- $result = curl_exec($ch);
- $httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
- curl_close($ch);
- if ($httpcode >= 200) {
- echo "<br /> [!] w00t! Found sub-domain at [ $test." . "$site ]";
- } else {
- echo "<br /> [-] Nothing found on [$test." . "$site]";
- }
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement