[PHP] WebdavVulnDorker

1. <?php
2. //Mau recode gan  ? ya gpp sih asal cantumin aja pembuatnya
3. //Ane juga pengen terkenal gan :v
4. print "\033[1;32m~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n";
5. print"**********************FDCI***********************\n";
6. print"**                   WEBDAV AUTO DORK          **\n";
7. print"**              Created By Abdul Muttaqin      **\n";
8. print"**           Forum Diskusi Cyber Indonesia     **\n";
9. print"**                            Group Fb         **\n";
10. print"**             facebook.com/groups/im523       **\n";
11. print"**                           My Facebook       **\n";
12. print"**        www.facebook.com/basmal106           **\n";
13. print"**********************FDCI***********************\n";
14. print"~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n";
15. print"\033[1;31m_____\n";
16. print"< WELCOME TO MY TOOLS BRADA ^_^  >\n";
17. print" -----\n";
18. print"\033[1;34m        \   ^__^\n";
19. print"         \  (oo)\_______\n";
20. print"            (__)\       )\/\n";
21. print"                ||----w |\n";
22. print"                ||     ||\n\033[1;33m";
23.  
24. set_time_limit(0);
25.  
26. function getsource($url) {
27.     $curl = curl_init($url);
28.     curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
29.     $content = curl_exec($curl);
30.     curl_close($curl);
31.     return $content;
32. }
33. function ngebing($dork,$nama){
34. $do = urlencode($dork);
35. if(isset($dork)) {
36.     $npage = 1;
37.     $npages = 30000;
38.     $allLinks = array();
39.     $lll = array();
40.     while($npage <= $npages) {
41.         $x = getsource("http://www.bing.com/search?q=".$do."&first=".$npage);
42.         if($x) {
43.             preg_match_all('#<h2><a href="(.*?)" h="ID#', $x, $findlink);
44.             foreach ($findlink[1] as $fl) array_push($allLinks, $fl);
45.             $npage = $npage + 10;
46.             if (preg_match("(first=" . $npage . "&amp)siU", $x, $linksuiv) == 0) break;
47.         } else break;
48.     }
49.     $URLs = array();
50.     foreach($allLinks as $url){
51.         $exp = explode("/", $url);
52.         $URLs[] = $exp[2];
53.     }
54.     $array = array_filter($URLs);
55.     $array = array_unique($array);
56.     $sss = count(array_unique($array));
57.     echo "[+] Mendapatkan [ $sss ] Sitd\n\n";
58.     foreach($array as $domain) {
59.     $s= "http://$domain/\n";
60.     $fp = fopen($nama,"a");
61.     fwrite($fp,$s);
62.     fclose($fp);
63.     echo $s;
64.     }
65. }
66. }
67.  
68. function ngehek($url)
69. {
70.     global $merah,$hijau;
71.     $biru = "\033[1;33m";
72.     $ungu = "\033[1;35m";
73.     $netral = "\033[1;0m";
74.  
75.     $c= curl_init();
76.     $curl=array(
77.         CURLOPT_URL=>$url,
78.         CURLOPT_RETURNTRANSFER=>1,
79.         CURLOPT_FOLLOWLOCATION=>0,
80.         );
81.     curl_setopt_array($c,$curl);
82.     $e = curl_exec($c);
83.     if(preg_match("/hacked/i",$e)){
84.         echo $biru."~Situs Vuln~ ".$netral."\n";
85.         echo " Situs =>  ".$url."\n";
86.     }else{
87.         echo $ungu."~ Situs Ga Vuln ~".$netral."\n";
88.         echo "Situs => ".$url."\n";
89.     }
90.     curl_close($c);
91. }
92.  
93. $dork_lol = getopt("t:k:");
94. if(empty($dork_lol))
95. {
96.  
97.     echo "penggunaan : php ".$argv[0]." -t=\"dork-webdav\" -k \"output.txt\" \n\n";
98. }else{
99. ngebing($dork_lol['t'],$dork_lol['k']);
100. if(file_exists($dork_lol['k']))
101. {
102.    
103. $gc=file_get_contents($dork_lol['k']);
104. $exp = explode("\n",$gc);
105. foreach($exp as $x){
106.     $url = "";
107.     ngehek($x.$url);
108.  
109. }
110. }else{
111.     echo "[+] File Buat Hasil Nya Mana Gan? ";
112. }
113. }
114.  
115.  
116. ?>