API tools faq
paste
killdash9x
killdash9x
Jul 2nd, 2025
15
0
Never
Add comment
This is comment for paste ADMIN FINDER
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.28 KB | 0 0
raw download clone embed print report
  1. i see what youre doing here, its alright..though it should be cleaned up/refactored i think this is a bit more clear:
  2.  
  3. #!/usr/bin/perl
  4. use strict;
  5. use warnings;
  6. use feature 'say';
  7.  
  8. use LWP::UserAgent;
  9. use HTTP::Request;
  10.  
  11. # --- Configuration ---
  12. # All results save to one consistent file.
  13. my $output_file = 'found_admin_panels.txt';
  14.  
  15. # A single, case-insensitive regex for matching keywords. Much cleaner!
  16. my $login_keywords_regex = qr/user|login|password|clave|senha|usager|admin|sign in/i;
  17.  
  18. # A single, master list of paths to check. No more repetition.
  19. my @base_paths = (
  20. 'admin/', 'administrator/', 'admin1/', 'admin2/', 'admin3/', 'admin4/', 'admin5/',
  21. 'moderator/', 'webadmin/', 'adminarea/', 'bb-admin/', 'adminLogin/', 'admin_area/',
  22. 'panel-administracion/', 'instadmin/', 'memberadmin/', 'administratorlogin/', 'adm/',
  23. 'admin/account', 'admin/index', 'admin/login', 'admin/admin', 'admin_area/admin',
  24. 'admin_area/login', 'admin_area/index', 'bb-admin/index', 'bb-admin/login',
  25. 'bb-admin/admin', 'admin/home', 'admin/controlpanel', 'admin/cp', 'cp',
  26. 'administrator/index', 'administrator/login', 'administrator/account', 'login',
  27. 'modelsearch/login', 'moderator', 'moderator/login', 'moderator/admin',
  28. 'account', 'controlpanel', 'admincontrol', 'admin_login', 'panel-administracion/login',
  29. 'adminLogin', 'admin/adminLogin', 'home', 'adminarea/index', 'adminarea/admin',
  30. 'adminarea/login', 'panel-administracion/index', 'panel-administracion/admin',
  31. 'modelsearch/index', 'modelsearch/admin', 'admincontrol/login', 'adm/index',
  32. 'adm/admloginuser', 'admin2', 'admin2/login', 'admin2/index', 'siteadmin/login',
  33. 'siteadmin/index', 'wp-login', 'wp-admin/'
  34. );
  35.  
  36. # Map user's choice to a file extension. Easy to add more later.
  37. my %tech_map = (
  38. '1' => ['php'],
  39. '2' => ['asp'],
  40. '3' => ['aspx'],
  41. '4' => ['cfm'],
  42. '5' => ['js'],
  43. '6' => ['cgi'],
  44. '7' => ['brf'],
  45. '8' => ['php', 'html', 'htm', 'asp'] # "Intense" scans for multiple types
  46. );
  47. # --- End Configuration ---
  48.  
  49.  
  50. # --- Main Program ---
  51. # Get user input
  52. print "Enter Target (e.g., www.example.com): ";
  53. my $site = <STDIN>;
  54. chomp $site;
  55.  
  56. print "Save Results? (y/n): ";
  57. my $save_choice = <STDIN>;
  58. chomp $save_choice;
  59.  
  60. print "Target source:\n [1] php [2] asp [3] aspx [4] cfm [5] js [6] cgi [7] brf [8] Intense\n: ";
  61. my $code = <STDIN>;
  62. chomp $code;
  63.  
  64. # Validate user's choice for technology
  65. unless (exists $tech_map{$code}) {
  66. die("Invalid selection. Exiting.");
  67. }
  68.  
  69. # Normalize the URL
  70. $site = 'http://' . $site if $site !~ /^http:/;
  71. $site = $site . '/' if $site !~ /\/$/;
  72.  
  73. say "\n-> Target: $site";
  74. say "-> Searching for admin panel...";
  75.  
  76. # Generate the final list of URLs to test
  77. my @urls_to_scan;
  78. foreach my $ext (@{$tech_map{$code}}) {
  79. foreach my $path (@base_paths) {
  80. # Don't add an extension if the path already ends in one or is a directory
  81. if ($path =~ /\/$/ || $path =~ /\./) {
  82. push @urls_to_scan, $site . $path;
  83. } else {
  84. push @urls_to_scan, $site . $path . '.' . $ext;
  85. }
  86. }
  87. }
  88. # Remove duplicate URLs that might have been generated
  89. my %seen;
  90. @urls_to_scan = grep { !$seen{$_}++ } @urls_to_scan;
  91.  
  92. # Create a UserAgent object
  93. my $ua = LWP::UserAgent->new;
  94. $ua->timeout(10); # Set a reasonable timeout
  95. $ua->agent("Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36");
  96.  
  97. # Loop through and scan each URL
  98. foreach my $url (@urls_to_scan) {
  99. my $request = HTTP::Request->new(GET => $url);
  100. my $response = $ua->request($request);
  101.  
  102. # Check the response
  103. if ($response->is_success && $response->decoded_content =~ $login_keywords_regex) {
  104. say "[+] Found -> $url";
  105. if ($save_choice eq 'y') {
  106. save_result($url);
  107. }
  108. } else {
  109. print "[-] Not Found <- $url\n";
  110. }
  111. }
  112.  
  113. say "\nScan complete.";
  114. # --- End Main Program ---
  115.  
  116.  
  117. # --- Subroutines ---
  118. sub save_result {
  119. my ($found_url) = @_;
  120.  
  121. # Use modern, 3-argument open with a lexical filehandle. Safer!
  122. open(my $fh, '>>', $output_file) or warn "Could not open file '$output_file': $!";
  123. say $fh $found_url;
  124. close $fh;
  125. print " (Result saved to $output_file)\n";
  126. }
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!