Untitled

#!/usr/bin/perl

#

#bY boER

use LWP::UserAgent;

my $ua = LWP::UserAgent->new();

$ua->timeout(10);

$ua->agent("Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.3) Gecko/20010801");

unless($ARGV[0]){

OUT("#############################################\n");

OUT("\n Usage: perl $0 website\n");

OUT("\n#############################################\n");

exit(0);

}

if($^O =~ /Win/){

system("cls");

}else{

system("clear");

}

OUT("#############################################\n");

OUT(" Scanner Directory!\n");

OUT("#############################################\n");

OUT(" 200 - OK\n");

OUT(" 401 - Authorization Required\n");

OUT(" 403 - Forbidden\n");

OUT(" 500 - Bad Hostname | Internal Server Error\n");

OUT("#############################################\n");

$webcl = clear($ARGV[0]);

OUT("\n# Scanning: $webcl\n\n");

brute($webcl);

OUT("\n# Scanning Finished\n");

sub brute{

$web = shift;

@paths = ("access","active","adm","admin","_admin","administrator",

"administracion","_administracion","~administracion","administer",

"upload","uploads","~adm","~admin","~administrator","~guest","~mail",

"~operator","~root","~sys","~sysadm","~sysadmin","~test","~user","~www",

"~webmaster","admin_upload","admin_uploadpic","editpassword",

"manager_userinfo","manager_tongji","managerenter","incupfile","inc",

"upfile","admin_index","admin_admin","index_admin","index","admindefault",

"default","manage","login","manage_index","index_manage","admin1",

"admin_login","login_admin","ad_login","ad_manage","count","manager",

"adminlogin","adminuserlogin","adm_login","chklogin","adduser","adminuser",

"admin_user","edituser","adminadduser","adminmember","addmember","adminedit",

"admin_edit","up","upfiles","aadmin","admintab","admin_main","fileadmin",

"databases","includeinc","***","app","apacheasp","apps","archive","archives",

"asp","back","backup","back-up","bak","bakup","bak-up","basic","bea","bin",

"binaries","broken","c","cc","connections","ccs","cache","cgi","fcgi",

"cgibin","cgi-win","class","classes","classified","classifieds","code",

"common","credit","creditcards","cv","cvs","customer","customers",

"CYBERDOCS","CYBERDOCS25","CYBERDOCS31","d","dfiles","data","database",

"db","dbase","dbm","dbms","demo","dev","devel","develop","development",

"doc","docs","docs41","docs51","dms","e","email","downloads","ecommerce",

"ebriefs","error","errors","esales","echannel","esupport","etc","exec",

"executable","executables","extra","extranet","examples","exchange",

"fcgi-bin","functions","feedback","file","files","forum","forums","ftp",

"graphics","galeria","gallery","galerias","guestbook","guests","help",

"hidden","hide","home","homes","htm","html","imagen","images","icons",

"incs","include","includes","interactive","internet","intranet","java",

"javascript","js","jsp","keep","kept","ldap","lib","libs","libraries",

"links","log","logfiles","logs","lightbox2","mail","me","members","mine",

"mirror","mirrors","mp3","mp3s","ms","mssql","ms-sql","music","my","new",

"old","online","order","orders","pages","_pages","pass","passes","passwd",

"password","polls","passwords","perl","personal","personals","php","_php",

"phpincludes","pics","pl","pls","plx","press","priv","private","products",

"production","pub","public","removed","reports","root","sales","save",

"saved","scripts","secret","secrets","security","servlet","servlets",

"soap","soapdocs","source","site","sites","SiteServer","sql","src",

"staff","stats","statistics","ssi","stuff","support","temp","temps","test",

"text","texts","tmp","user","users","var","vb","vbs","vbscript","vbscripts",

"weblogic","www","xcache","xsql","zip","zips","W3SVC","W3SVC3","index.php",

"index.html","phpmyadmin","phpMyAdmin",".bash_history","upload.php",

"upload.asp","uploader.php","uploader.asp","phpinfo.php","_banners",

"_adv","468","88","ads","adv","ban","baners","bann","banner","banners",

"bannerz","be","begun","bn","bnr","cnstats","cnt","phpadsnew","server-status",

"server-info",".server-status",".server-info",".passwd","INSTALL","_vti_log",

"admcgi","_notes","_tmp","_temp","panel","_panel","~panel","upFiles","img",

"es","css","socios","Documentation","INSTALLsetup.php","Upfile","cgi-bin",

"content","secure","mysql","4Dbin","trustscn_pdos","trustscn_pdos1","_vti_bin",

"Connections","_mmServerScripts","bot","imag","lobatos","phpmyadm","Phpmyadmin",

"PhpMyAdmin","PhpGAdmin","PhpInclude","PhpIncludes","phpscripts","PhpScripts",

"_vti_txt","cgi-local","cgis","WS_FTP.LOG","User.php","Upload.php","AlbumDB.php",

"add_comment.php","add_photo.php","admin.php","adm.php","adm.asp","admin.asp","main",

"web","global","globals","uploader","logon","sign","signin","example","update",

"readme","client","clients","cmd","logfile","details","shtml","asa","jsa",

"txt","cfm","sav","nsf","bat","com","exe","dll","reg","tar","tar.gz","tgz",

"o","sh","member","auth","login.php","user.php","admin.php~","members.php",

"members.php~","configuration.php~","config.php~","Setting.php~","Settings.php~",

"Settings_bak.php~","Setting_bak.php~","config-bak.php~","member.php","users.php",

"webadmin.php","webadmin","miembro","miembros","administrador","administration",

"config.php.inc","config.php.inc~","configuration.php.inc","configuration.php.inc~",

"DBConnection.inc","includesDBConnection.inc","includesDBConnection.php.inc");

foreach $path(@paths){

chomp($path);

$code = $ua->get($web . $path)->status_line;

check_code($code,$path);

}

}

sub check_code{

$ncode = shift;

$path = shift;

$wp = $webcl . $path;

if($ncode =~ /200/){

OUT("$wp\t=>\t200 OK\n");

}

if($ncode =~ /401/){

OUT("$wp\t=>\t401 Authorization Required\n");

}

if($ncode =~ /403/){

OUT("$wp\t=>\t403 Forbidden\n");

}

if($ncode =~ /500/){

OUT("$wp\t=>\t500 Internal Server Error\n");

}

}

sub clear{

$website = shift;

if($website !~ /^http/){

$website = 'http://' . $website;

}

if($website !~ /\/$/){

$website.='/';

}

return $website;

}

sub OUT{

$msg = shift;

syswrite STDOUT, "$msg";

}