[m] [SRC VB6] mCheckAdminPath [by *PsYkE1*]

Iniciado por Psyke1, 29 Julio 2010, 16:48 PM

0 Miembros y 1 Visitante están viendo este tema.

Imprimir
Ir Abajo Páginas1
Acciones del Usuario

Psyke1

29 Julio 2010, 16:48 PM Ultima modificación: 29 Julio 2010, 22:24 PM por *PsYkE1*
Hola, bueno aqui os traigo este buscador de adminpaths, no es que me apasione el tema del Deface y esas cosas, pero en fin... :P
Aviso de antemano que no tengo ni idea de esto, si veis cualquier cosa decidmela... ;)

Código (vb) [Seleccionar]

'----------------------------------------------------------------------------------------
' *Module  : mCheckAdminPath.bas
' *Author  : *PsYkE1*
' *Mail    : vbpsyke1@mixmail.com
' *Date    : 28/7/10
' *Purpose : Search admin paths of a Website
' *Greets  : xassiz
' *Web     : http://foro.rthacker.net
' *References : http://xassiz.blogspot.com/2009/12/tool-xassiz-pathfinder-by-xassiz.html
'----------------------------------------------------------------------------------------

Option Explicit

Public Function Check_Admin_Path(ByVal sWebSite As String) As String
   Dim sPosiblePath()          As String
   Dim sPosiblePass()          As String
   Dim sActualPath             As String
   Dim lTotalPosiblePass       As Long
   Dim lTotalPosiblePaths      As Long
   Dim y                       As Long
   Dim x                       As Long
   
   Const Paths As String = "admin/,paneldecontrol/,login/,adm/,cms/,admon/,administrador/,admin/login.php,ADMIN/login.php,admin/home.php,admin/controlpanel.html,admin/controlpanel.php,admin.php,admin.html,admin/cp.php,admin/cp.html,cp.php,cp.html,controlpanel/,panelc/,administrator/index.php,administrator/login.html,administrator/login.php,administrator/account.html," _
& "administrator/account.php,administrator.php,administrator.html,login.php,login.html,modelsearch/login.php,moderator.php,moderator.html,moderator/login.php,moderator/login.html,moderator/admin.php,moderator/admin.html,moderator/,account.php,account.html,controlpanel/," _
& "admin/index.asp,admin/login.asp,admin/home.asp,admin/controlpanel.asp,admin.asp,admin/cp.asp,cp.asp,administrator/index.asp,administrator/login.asp,administrator/account.asp,administrator.asp,login.asp,modelsearch/login.asp,moderator.asp,moderator/login.asp,moderator/admin.asp,account.asp," _
& "controlpanel.asp,admincontrol.asp,adminpanel.asp,fileadmin/,fileadmin.php,fileadmin.asp,fileadmin.html,administration/,administration.php,administration.html,sysadmin.php,sysadmin.html,phpmyadmin/,myadmin/,sysadmin.asp,sysadmin/,ur-admin.asp,ur-admin.php,ur-admin.html,ur-admin/,Server.php,Server.html,Server.asp,Server/,wp-admin/,administr8.php,administr8.html," _
& "administr8/,administr8.asp,webadmin/,webadmin.php,webadmin.asp,webadmin.html,administratie/,admins/,admins.php,admins.asp,admins.html,administrivia/,Database_Administration/,WebAdmin/,sysadmins/,admin1/,system-administration/,administrators/,pgadmin/,directadmin/,staradmin/,ServerAdministrator/,SysAdmin/,administer/,sys-admin/,typo3/," _
& "panel/,cpanel/,cPanel/,cpanel_file/,platz_login/,rcLogin/,blogindex/,formslogin/,autologin/,support_login/,meta_login/,manuallogin/,simpleLogin/,loginflat/,utility_login/,showlogin/,memlogin/,members/,login-redirect/,sub-login/,wp-login/,login1/,dir-login/,login_db/,xlogin/,smblogin/,customer_login/,login-us/,acct_login/,admin_area/,bigadmin/,project-admins/,phppgadmin/,pureadmin/," _
& "sql-admin/,radmind/,openvpnadmin/,wizmysqladmin/,vadmind/,ezsqliteadmin/,pwebjetadmin/,newsadmin/,adminpro/,Lotus_Domino_Admin/,bbadmin/,vmailadmin/,Indy_admin/,ccp14admin/,irc-macadmin/,banneradmin/,sshadmin/,phpldapadmin/,macadmin/,administratoraccounts/,admin4_account/,admin4_colon/,radmind-1/,Super-Admin/,AdminTools/,cmsadmin/,SysAdmin2/,globes_admin/,cadmins/,phpSQLiteAdmin/,navSiteAdmin/,server_admin_small/," _
& "logo_sysadmin/,server/,database_administration/,ADMIN/login.html,system_administration/,ss_vms_admin_sm/"
   
   Const Pass As String = "username/,usuario/,user/,password/,contraseña/,senha/,pass/,pwd/,psswrd/"
   
   If Len(sWebSite) > 0 Then
       If Right$(sWebSite, 1) <> "/" Then sWebSite = sWebSite & "/"
       
       sPosiblePass() = Split(Pass, ",")
       sPosiblePath() = Split(Paths, ",")
       lTotalPosiblePass = UBound(sPosiblePass())
       lTotalPosiblePaths = UBound(sPosiblePath())
       
       If Check_Web_Exists(sWebSite) = True Then
           For x = 0 To lTotalPosiblePaths
               sActualPath = sWebSite & sPosiblePath(x)
               If Check_Web_Exists(sActualPath) = True Then
                   For y = 0 To lTotalPosiblePass
                       sActualPath = sWebSite & sPosiblePath(x) & sPosiblePass(y)
                       If Check_Web_Exists(sActualPath) = True Then
                           Check_Admin_Path = sActualPath
                           Exit Function
                       End If
                   Next
               End If
           Next
       End If
   End If
End Function

Function Check_Web_Exists(ByVal sURL As String) As Boolean
   Dim oXHTTP          As Object
   Set oXHTTP = CreateObject("MSXML2.XMLHTTP")

   If Not UCase$(sURL) Like "HTTP:*" Then sURL = "http://" & sURL
   
   On Error GoTo Error_
   With oXHTTP
       .Open "HEAD", sURL, False
       .Send
       If .Status = 200 Then Check_Web_Exists = True
   End With
   
   Set oXHTTP = Nothing
   Exit Function
Error_:
End Function

Un ejemplo:
Código (vb) [Seleccionar]
Private Sub Form_Load()
   Dim sWeb        As String
   Dim sResult     As String
   
   sWeb = "http://www.xxxxxxxxxxx.net"
   sResult = Check_Admin_Path(sWeb)
   
   If Len(sResult) > 0 Then
       Debug.Print sResult
   Else
       Debug.Print "Not Found... :("
   End If
End Sub

Devuelve por ejemplo:
Citarhttp://www.xxxxxxxxxxx.net/system-administration/pwd/

DoEvents¡! :P
Imprimir
Ir Arriba Páginas1
Acciones del Usuario