Directory Brute forcer

[Guest Kronzy]

#!/usr/bin/perl

use LWP::UserAgent;

my $ua = LWP::UserAgent->new;

$ua->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;

rv:1.8.1.3) Gecko/20070309

Firefox/2.0.0.4");

use strict;

sub uso{

if (!$ARGV[0]){

print "_____________________________________________\n";

print "___________coded by CrosS \n";

print "________________________Dir Bruter \n";

print "_____________________________________________\n";

print "\n[usage] perl bdir.pl http://www.website.com/ \n\n\n\n\n";

exit;

}

}

my

@dir=('index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000','website','xampp','access','active','adm','admin','_admin','administrator',

'administracion','_administracion','~administracion','administer',

'upload','uploads','~adm','~admin','~administrator','~guest','~mail',

'~operator','~root','~sys','~sysadm','~sysadmin','~test','~user','~www',

'~webmaster','admin_upload','admin_uploadpic','editpassword',

'manager_userinfo','manager_tongji','managerenter','incupfile','inc',

'upfile','admin_index','admin_admin','index_admin','index','admindefault',

'default','manage','login','manage_index','index_manage','admin1',

'admin_login','login_admin','ad_login','ad_manage','count','manager',

'adminlogin','adminuserlogin','adm_login','chklogin','adduser','adminuser',

'admin_user','edituser','adminadduser','adminmember','addmember','adminedit',

'admin_edit','up','upfiles','aadmin','admintab','admin_main','fileadmin',

'databases','includeinc','***','app','apacheasp','apps','archive','archives',

'asp','back','backup','back-up','bak','bakup','bak-up','basic','bea','bin',

'binaries','broken','c','cc','connections','ccs','cache','cgi','fcgi',

'cgibin','cgi-win','class','classes','classified','classifieds','code',

'common','credit','creditcards','cv','cvs','customer','customers',

'CYBERDOCS','CYBERDOCS25','CYBERDOCS31','d','dfiles','data','database',

'db','dbase','dbm','dbms','demo','dev','devel','develop','development',

'doc','docs','docs41','docs51','dms','e','email','downloads','ecommerce',

'ebriefs','error','errors','esales','echannel','esupport','etc','exec',

'executable','executables','extra','extranet','examples','exchange',

'fcgi-bin','functions','feedback','file','files','forum','forums','ftp',

'graphics','galeria','gallery','galerias','guestbook','guests','help',

'hidden','hide','home','homes','htm','html','imagen','images','icons',

'incs','include','includes','interactive','internet','intranet','java',

'javascript','js','jsp','keep','kept','ldap','lib','libs','libraries',

'links','log','logfiles','logs','lightbox2','mail','me','members','mine',

'mirror','mirrors','mp3','mp3s','ms','mssql','ms-sql','music','my','new',

'old','online','order','orders','pages','_pages','pass','passes','passwd',

'password','polls','passwords','perl','personal','personals','php','_php',

'phpincludes','pics','pl','pls','plx','press','priv','private','products',

'production','pub','public','removed','reports','root','sales','save',

'saved','scripts','secret','secrets','security','servlet','servlets',

'soap','soapdocs','source','site','sites','SiteServer','sql','src',

'staff','stats','statistics','ssi','stuff','support','temp','temps','test',

'text','texts','tmp','user','users','var','vb','vbs','vbscript','vbscripts',

'weblogic','www','xcache','xsql','zip','zips','W3SVC','W3SVC3','index.php',

'index.html','phpmyadmin','phpMyAdmin','.bash_history','upload.php',

'upload.asp','uploader.php','uploader.asp','phpinfo.php','_banners',

'_adv','468','88','ads','adv','ban','baners','bann','banner','banners',

'bannerz','be','begun','bn','bnr','cnstats','cnt','phpadsnew','server-status',

'server-info','.server-status','.server-info','.passwd','INSTALL','_vti_log',

'admcgi','_notes','_tmp','_temp','panel','_panel','~panel','upFiles','img',

'es','css','socios','Documentation','INSTALLsetup.php','Upfile','cgi-bin',

'content','secure','mysql','4Dbin','trustscn_pdos','trustscn_pdos1','_vti_bin',

'Connections','_mmServerScripts','bot','imag','lobatos','phpmyadm','Phpmyadmin',

'PhpMyAdmin','PhpGAdmin','PhpInclude','PhpIncludes','phpscripts','PhpScripts',

'_vti_txt','cgi-local','cgis','WS_FTP.LOG','User.php','Upload.php','AlbumDB.php',

'add_comment.php','add_photo.php','admin.php','adm.php','adm.asp','admin.asp','main',

'web','global','globals','uploader','logon','sign','signin','example','update',

'readme','client','clients','cmd','logfile','details','shtml','asa','jsa',

'txt','cfm','sav','nsf','bat','com','exe','dll','reg','tar','tar.gz','tgz',

'o','sh','member','auth','login.php','user.php','admin.php~','members.php',

'members.php~','configuration.php~','config.php~','Setting.php~','Settings.php~',

'Settings_bak.php~','Setting_bak.php~','config-bak.php~','member.php','users.php',

'webadmin.php','webadmin','miembro','miembros','administrador','administration',

'config.php.inc','config.php.inc~','configuration.php.inc','configuration.php.inc~',

'DBConnection.inc','includesDBConnection.inc','includesDBConnection.php.inc','files','correo','imagenes','.bashrc','securecontrolpanel');

&uso;

my $error = "HTTP/1.1 404 Not Found";

my $ok = "HTTP/1.1 200 OK";

my $mtemp = "HTTP/1.x 302 Found";

print "_____________________________________________\n";

print "___________coded by CrosS \n";

print "________________________Dir Bruter \n";

print "_____________________________________________\n";

print "Brute...\t".$ARGV[0]."\n\n";

print "!THERE!\n\n";

foreach my$scan(@dir){

my $web = $ARGV[0].$scan;

my $req = HTTP::Request->new(GET => $web);

my $mreq= $ua->request($req)->as_string;

if($mreq =~ /$ok/){

print "$ARGV[0]$scan\n";

}

}

[Erin]

Multumim

[badboy17]

Daca vreti sa faceti ca acel script sa ia fisierele sa le incerce dintr-un alt fisier, uitati aici niste wordlist destul de eficiente si mari:

Web Common Directories and Filenames – Word Lists Collection « Thireus' Bl0g