Jump to content
YOUR-AD-HERE
HOSTING
TOOLS
992Proxy

Locked phpMyAdmin Folder Scanner

sQuo

By ADMINsQuo
in PHP & HTML (Source)

 Share

Recommended Posts

sQuo Hacker

ADMINsQuo

Posted
Posted

phpMyAdmin Folder Scanner

 

[LENGUAJE=php]<?php

/**

* phpMyAdmin Scanner by Cai

* Scan folder phpMyAdmin je.. bukan apa

* Simple tool written in PHP

* Must enable cURL

* List folder tu aku ambik kat tool pmaPWN

*

* Much code.... wow

*/

 

if(PHP_SAPI != "cli"){ die("Run in CMD, not your browser"); exit; }

if(!function_exists("curl_init")){ die("Please enable cURL !!!"); exit; }

 

if($argv

echo "

phpMyAdmin Scanner - Coded by Cai@NHAX\n

Usage:

=> php ".$argv[0]." http://host.tld/'>http://host.tld/

=> php ".$argv[0]." http://localhost/'>http://localhost/";

} else {

echo "

=======================================

phpMyAdmin Scanner - Coded by Cai@NHAX\n

Usage:

=> php ".$argv[0]." http://host.tld/

=> php ".$argv[0]." http://localhost/

=======================================

\nScanning ".$argv[1]." ..... It may take some time .....\n";

 

$list = array(

'/phpmyadmin/',

'/phpMyAdmin/',

'/PMA/',

'/pma/',

'/admin/',

'/dbadmin/',

'/mysql/',

'/myadmin/',

'/phpmyadmin2/',

'/phpMyAdmin2/',

'/phpMyAdmin-2/',

'/php-my-admin/',

'/phpMyAdmin-2.2.3/',

'/phpMyAdmin-2.2.6/',

'/phpMyAdmin-2.5.1/',

'/phpMyAdmin-2.5.4/',

'/phpMyAdmin-2.5.5-rc1/',

'/phpMyAdmin-2.5.5-rc2/',

'/phpMyAdmin-2.5.5/',

'/phpMyAdmin-2.5.5-pl1/',

'/phpMyAdmin-2.5.6-rc1/',

'/phpMyAdmin-2.5.6-rc2/',

'/phpMyAdmin-2.5.6/',

'/phpMyAdmin-2.5.7/',

'/phpMyAdmin-2.5.7-pl1/',

'/phpMyAdmin-2.6.0-alpha/',

'/phpMyAdmin-2.6.0-alpha2/',

'/phpMyAdmin-2.6.0-beta1/',

'/phpMyAdmin-2.6.0-beta2/',

'/phpMyAdmin-2.6.0-rc1/',

'/phpMyAdmin-2.6.0-rc2/',

'/phpMyAdmin-2.6.0-rc3/',

'/phpMyAdmin-2.6.0/',

'/phpMyAdmin-2.6.0-pl1/',

'/phpMyAdmin-2.6.0-pl2/',

'/phpMyAdmin-2.6.0-pl3/',

'/phpMyAdmin-2.6.1-rc1/',

'/phpMyAdmin-2.6.1-rc2/',

'/phpMyAdmin-2.6.1/',

'/phpMyAdmin-2.6.1-pl1/',

'/phpMyAdmin-2.6.1-pl2/',

'/phpMyAdmin-2.6.1-pl3/',

'/phpMyAdmin-2.6.2-rc1/',

'/phpMyAdmin-2.6.2-beta1/',

'/phpMyAdmin-2.6.2-rc1/',

'/phpMyAdmin-2.6.2/',

'/phpMyAdmin-2.6.2-pl1/',

'/phpMyAdmin-2.6.3/',

'/phpMyAdmin-2.6.3-rc1/',

'/phpMyAdmin-2.6.3/',

'/phpMyAdmin-2.6.3-pl1/',

'/phpMyAdmin-2.6.4-rc1/',

'/phpMyAdmin-2.6.4-pl1/',

'/phpMyAdmin-2.6.4-pl2/',

'/phpMyAdmin-2.6.4-pl3/',

'/phpMyAdmin-2.6.4-pl4/',

'/phpMyAdmin-2.6.4/',

'/phpMyAdmin-2.7.0-beta1/',

'/phpMyAdmin-2.7.0-rc1/',

'/phpMyAdmin-2.7.0-pl1/',

'/phpMyAdmin-2.7.0-pl2/',

'/phpMyAdmin-2.7.0/',

'/phpMyAdmin-2.8.0-beta1/',

'/phpMyAdmin-2.8.0-rc1/',

'/phpMyAdmin-2.8.0-rc2/',

'/phpMyAdmin-2.8.0/',

'/phpMyAdmin-2.8.0.1/',

'/phpMyAdmin-2.8.0.2/',

'/phpMyAdmin-2.8.0.3/',

'/phpMyAdmin-2.8.0.4/',

'/phpMyAdmin-2.8.1-rc1/',

'/phpMyAdmin-2.8.1/',

'/phpMyAdmin-2.8.2/',

'/sqlmanager/',

'/mysqlmanager/',

'/p/m/a/',

'/PMA2005/',

'/pma2005/',

'/phpmanager/',

'/php-myadmin/',

'/phpmy-admin/',

'/webadmin/',

'/sqlweb/',

'/websql/',

'/webdb/',

'/mysqladmin/',

'/mysql-admin/',

);

 

$handle = fopen("scan_log.txt", "a");

 

foreach($list as $dir){

$ch = curl_init();

curl_setopt($ch, CURLOPT_URL, trim($argv[1]).trim($dir));

curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

curl_setopt($ch, CURLOPT_TIMEOUT, 3);

curl_setopt($ch, CURLOPT_HEADER, 1);

curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);

curl_setopt($ch, CURLOPT_REFERER, "http://google.com");

curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.9) Gecko/20071025 Firefox/2.0.0.9');

$res = curl_exec($ch);

curl_close($ch);

 

if(preg_match("/Could not resolve host:/", $res)){

echo "[-] INVALID HOST => ".trim($argv[1])."\n";

exit;

}

elseif(preg_match("/200 OK/", $res)){

if(preg_match("/Access denied/", $res) or preg_match("/phpMyAdmin/", $res)){

echo "[+] FOUND => ".trim($argv[1]).trim($dir)." - 200 OK ! - phpMyAdmin\n";

fwrite($handle, "[+] FOUND => ".trim($argv[1]).trim($dir)." - 200 OK ! - phpMyAdmin\n");

} else {

echo "[?] FOUND => ".trim($argv[1]).trim($dir)." - 200 OK ! - Possibly NOT phpMyAdmin\n";

fwrite($handle, "[?] FOUND => ".trim($argv[1]).trim($dir)." - 200 OK ! - Possibly NOT phpMyAdmin\n");

}

}

elseif(preg_match("/301 MOVED/", $res) or preg_match("/302 FOUND/", $res)){

echo "[+] FOUND => ".trim($argv[1]).trim($dir)." - 301/302 REDIRECTION! - Maybe phpMyAdmin\n";

fwrite($handle, "[+] FOUND => ".trim($argv[1]).trim($dir)." - 301/302 REDIRECTION! - Maybe phpMyAdmin\n");

}

elseif(preg_match("/403 FORBIDDEN/", $res)){

echo "[?] FOUND => ".trim($argv[1]).trim($dir)." - 403 FORBIDDEN! - Maybe phpMyAdmin\n";

fwrite($handle, "[?] FOUND => ".trim($argv[1]).trim($dir)." - 403 FORBIDDEN! - Maybe phpMyAdmin\n");

}

elseif(preg_match("/501 INTERNAL SERVER ERROR/", $res)){

echo "[?] FOUND => ".trim($argv[1]).trim($dir)." - 501 INTERNAL SERVER ERROR! - Maybe phpMyAdmin\n";

fwrite($handle, "[?] FOUND => ".trim($argv[1]).trim($dir)." - 501 INTERNAL SERVER ERROR! - Maybe phpMyAdmin\n");

}

 

}

 

fwrite($handle, "\n\n\n");

}[/LENGUAJE]

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.