Trizen

Ultimate Admin Login Scanner!


Complimente pentru cod.

Deși nu am găsit referire la nici o licență, mi-am permis să fac cîteva schimbări la scriptul în Python; le postez aici.

Sper că nu te superi; în caz contrar mă anunți.


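#!/usr/bin/python
# Python 2 script: it relies on httplib and on print statements.

import sys, os, time, httplib

# Choose the terminal-clear command by OS family.  Only Windows shells
# provide `cls`; every POSIX platform (Linux, macOS, BSD) uses `clear`.
# The original compared sys.platform against 'linux'/'linux2' and so ran
# `cls` on any other POSIX system.
if os.name == 'nt':
    clearing = 'cls'
else:
    clearing = 'clear'
# The command is one of the two constants above, never user input.
os.system(clearing)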

# Banner that doubles as the usage text; it is printed verbatim.
about = """
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
< Admin Login Page Scanner v2.1 <
^ Folosire: admin-scan.py www.target.com ^
> 13/01/2009 Improved by Trizen >
> 14/01/2009 Modified by Xakepatop >
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"""

# Exactly one argument (the target host) is expected.  A wrong argument
# count, or a literal "-h" anywhere in argv, prints the banner and exits
# with status 1.
wrong_arg_count = len(sys.argv) != 2
help_requested = '-h' in sys.argv
if wrong_arg_count or help_requested:
    print about
    sys.exit(1)

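# Reduce the argument to a bare host name for httplib.HTTPConnection.
# Lowercase first so an upper-case "HTTP://" prefix is recognised, drop that
# prefix, then keep only what precedes the first "/".  The original used
# rsplit("/", 1), which cuts at the LAST slash and therefore left path
# segments in the host for inputs such as "www.target.com/a/b".
# Only the "http://" scheme is handled here.
site = sys.argv[1].lower()
if site.startswith("http://"):
    site = site[len("http://"):]
site = site.split("/", 1)[0]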

# Candidate paths, each requested relative to the site root by the loop
# further down.  The entries are a mix of directories (trailing "/"), files
# (.php/.html/.asp) and bare names such as 'typo3', 'v' and 'pages'.
# Seen from the server side, one client asking for many of these in quick
# succession is the signature of admin-panel enumeration, so the same list
# is usable as a match set for access-log review or WAF/rate-limit rules.
admin_paths = [ 'admin.php',
                'admin/',
                'admin/login.php',
                'admin/index.php',
                'administrator/',
                'adm/',
                'moderator/',
                'webadmin/',
                'panel-administracion/login.html',
                'admin/cp.php',
                'cp.php',
                'administrator/index.php',
                'administrator/login.php',
                'nsw/admin/login.php',
                'admin/admin_login.php',
                'admin_login.php',
                'administrator/account.php',
                'administrator.php',
                'adminarea/',
                'bb-admin/',
                'adminLogin/',
                'admin_area/',
                'panel-administration/',
                'instadmin/',
                'system-administration/',
                'acct_login/',
                'account_login/',
                'admin/clienti.php',
                'admincontrol/',
                'adminpanel/',
                'cpanel/',
                'admin_login/',
                'admincp/',
                'administrare/',
                'administrare-site/',
                'admins/',
                'banneradmin/',
                'ccp14admin/',
                'ccms/',
                'vAdmin/',
                'cadmins/',
                'fileadmin/',
                'database_administration/',
                'bbadmin/',
                'indy_admin/',
                'controlpanel/',
                'cp/',
                'configure/',
                'cpanel_file/',
                'configuration/',
                'cmsadmin/',
                'vmailadmin/',
                'login-redirect/',
                'login-us/',
                'myadmin/',
                'sys-admin/',
                'typo3',
                'webmaster/',
                'userlogin/',
                'sysadmin/',
                'useradmin/',
                'administrator-login/',
                'rclogin/',
                'meta_login/',
                'phppgadmin/',
                'phpinfo/',
                'newsadmin/',
                'openvpnadmin/',
                'phpmyadmin/',
                'xlogin/',
                'macadmin/',
                'liveuser_admin/',
                'power_user/',
                'pureadmin/',
                'radmind/',
                'server/',
                'wp-login/',
                'user/',
                'sql-admin/',
                'showlogin/',
                'simplelogin/',
                'serveradministrator/',
                'sshadmin/',
                'ss_vms_admin_sm/',
                'wp-admin/',
                'panel/',
                'vadmind/',
                'v',
                'vadmin/',
                'admin4_account/',
                'admin4_colon/',
                'admin2/',
                'admin1/',
                'adm_auth/',
                'memberadmin/',
                'administratorlogin/',
                'admin/admin.php',
                'admin/account.php',
                'joomla/administrator/',
                'login.php',
                'admin_area/admin.php',
                'admin_area/login.php',
                'siteadmin/login.php',
                'siteadmin/login.html',
                'admin/account.html',
                'admin/index.html',
                'admin/login.html',
                'admin/admin.html',
                'admin_area/index.php',
                'bb-admin/index.php',
                'bb-admin/admin.php',
                'admin/home.php',
                'admin_area/login.html',
                'admin_area/index.html',
                'admin/controlpanel.php',
                'admincp/index.asp',
                'admincp/login.asp',
                'admincp/index.html',
                'adminpanel.html',
                'webadmin.html',
                'webadmin/index.html',
                'webadmin/admin.html',
                'webadmin/login.html',
                'admin/admin_login.html',
                'admin_login.html',
                'admin_area/admin.html',
                'pages/admin/admin-login.php',
                'admin/admin-login.php',
                'admin-login.php',
                'bb-admin/index.html',
                'bb-admin/login.html',
                'bb-admin/admin.html',
                'admin/home.html',
                'modelsearch/login.php',
                'moderator.php',
                'moderator/login.php',
                'moderator/admin.php',
                'account.php',
                'pages/admin/admin-login.html',
                'admin/admin-login.html',
                'admin-login.html',
                'control-panel.php',
                'admincontrol.php',
                'admin/adminLogin.html',
                'adminLogin.html',
                'home.html',
                'adminarea/index.html',
                'adminarea/admin.html',
                'webadmin.php',
                'webadmin/index.php',
                'webadmin/admin.php',
                'admin/controlpanel.html',
                'admin.html',
                'admin/cp.html',
                'cp.html',
                'adminpanel.php',
                'moderator.html',
                'administrator/index.html',
                'administrator/login.html',
                'user.html',
                'administrator/account.html',
                'administrator.html',
                'login.html',
                'modelsearch/login.html',
                'moderator/login.html',
                'adminarea/login.html',
                'panel-administracion/index.html',
                'panel-administracion/admin.html',
                'modelsearch/index.html',
                '4admin/',
                'modelsearch/admin.html',
                'admincontrol/login.html',
                'adm/index.html',
                'adm.html',
                'moderator/admin.html',
                'user.php',
                'account.html',
                'controlpanel.html',
                'admincontrol.html',
                'panel-administracion/login.php',
                'wp-login.php',
                'adminLogin.php',
                'admin/adminLogin.php',
                'home.php',
                'adminarea/index.php',
                'adminarea/admin.php',
                'adminarea/login.php',
                'panel-administracion/index.php',
                'panel-administracion/admin.php',
                'modelsearch/index.php',
                'modelsearch/admin.php',
                'admincontrol/login.php',
                'adm/admloginuser.php',
                'admloginuser.php',
                'admin2.php',
                'admin2/index.php',
                'adm/index.php',
                'adm.php',
                'affiliate.php',
                'adm_auth.php',
                'memberadmin.php',
                'siteadmin/index.php',
                'bb-admin/login.php',
                'webadmin/login.php',
                'controlpanel.php',
                'admin2/login.php',
                'administratorlogin.php',
                'utilizator/',
                'cpanel.php',
                'super-user/',
                'superuser/',
                'superutilizator.php',
                'super-utilizator/',
                'superutilizator/',
                'utilizator.php',
                'manager/',
                'manager-site/',
                'adminmail/',
                'panel-administracion/',
                'webmail/',
                'v1/',
                'v2/',
                'v3/',
                'adminpro/',
                'admintools/',
                'admloginuser/',
                'admlogin/',
                'author/',
                'autologin/',
                'banneradmin.php',
                'bbadmin.php',
                'bigadmin/',
                'bigadmin.php',
                'blogindex/',
                'cms/',
                'cms_admin/',
                'customer_login/',
                'customer/',
                'customer_login.php',
                'customer.php',
                'db/',
                'dir-login/',
                'directadmin/',
                'global_admin/',
                'index_admin/',
                'irc-admin/',
                'irc-macadmin/',
                'login_db/',
                'login1/',
                'logo_sysadmin/',
                'maintenance/',
                'manuallogin/',
                'memberlogin/',
                'member_login/',
                'memlogin/',
                'meta_login.php',
                'myadmin.php',
                'meta_login/admin.php',
                'useradmin.php',
                'useradmin/admin.php',
                'ur-admin/',
                'sysadmin2/',
                'sysadmins/',
                'support_login/',
                'super-admin/',
                'sub-login',
                'staradmin',
                'smblogin',
                'server_admin_small',
                'roots',
                'root',
                'radmind-1',
                'project-admins',
                'pages', ]

# Run header: banner, local start time, then the host being checked.
print about
start_stamp = time.strftime("%X")
print "\n[-] %s" % start_stamp

print "[+] Target: %s" % site
print "[+] Checking paths..."
print ""

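# Request every candidate path once and print "<path> <status> <reason>".
#
# Each path is a separate plain-HTTP GET on a new connection to `site`.
# Any status other than 404 is framed with separator lines; that includes
# redirects, 401/403 and server errors, so a framed line only means "not
# 404", not that a login page exists at that path.
# In the target's access log this typically appears as a sequential run of
# GETs for admin-like paths from one client, one connection per request.
#
# Changes from the original: the connection is now closed after every
# request (it was left open, leaking one socket per path), and a failure is
# reported instead of being swallowed by a bare `except: pass`, which ended
# the run without any output.  As before, the first error stops the loop.
try:
    for admin_path in admin_paths:
        # replace() is kept from the original; it only matters if an entry
        # ever carries a newline (e.g. paths loaded from a file).
        request_path = "/" + admin_path.replace("\n", "")

        connection = httplib.HTTPConnection(site)
        try:
            connection.request("GET", request_path)
            response = connection.getresponse()
            status = response.status
            reason = response.reason
        finally:
            connection.close()

        not_404 = status != 404
        if not_404:
            print "---------------------------------"

        print "%s %s %s" % (request_path, status, reason)

        if not_404:
            print "^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^"
except (KeyboardInterrupt, SystemExit):
    # Let Ctrl-C and sys.exit() terminate the script normally.
    raise
except Exception as err:
    print "[!] Scan stopped: %s" % err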

Edited by Xakepatop