sQuo Posted March 15, 2014 Share Posted March 15, 2014 phpMyAdmin Folder Scanner [LENGUAJE=php]
<?php
/**
 * phpMyAdmin Scanner by Cai
 * Only scans for phpMyAdmin folders, nothing more
 * Simple tool written in PHP
 * Must enable cURL
 * The folder list was taken from the pmaPWN tool
 *
 * Much code.... wow
 *
 * What the script does, as posted: it takes a base URL from $argv[1],
 * appends each entry of a fixed path list to it, fetches every resulting
 * URL with cURL, and labels the response by looking for fixed substrings in
 * the returned headers and body. Findings are echoed and appended to
 * scan_log.txt in the working directory.
 *
 * Seen from the server side: every request carries the same hard-coded
 * Referer and User-Agent and the paths are requested in list order, so a
 * run would typically appear in an access log as one client walking
 * through versioned phpMyAdmin-x.y.z directory names. The probe relies on
 * nothing but guessable directory names, so access restrictions on the
 * admin interface itself are what decide whether a hit matters.
 */

// Refuse to run under a web SAPI; the target is read from $argv.
if(PHP_SAPI != "cli"){
    die("Run in CMD, not your browser");
    exit; // never reached: die() has already ended the script
}

// The cURL extension is required for every request made below.
if(!function_exists("curl_init")){
    die("Please enable cURL !!!");
    exit; // never reached, same as above
}

// NOTE(review): the condition of this `if` did not survive extraction of the
// post. The text between `$argv` and `echo` is missing, so the line below is
// not valid PHP as shown. Presumably it tested for a missing target argument
// and printed the usage text; confirm against the original post.
// The `'>http://...` fragments inside the usage string look like leftovers of
// the forum's auto-linking rather than part of the author's message.
if($argv echo " phpMyAdmin Scanner - Coded by Cai@NHAX\n Usage: => php ".$argv[0]." http://host.tld/'>http://host.tld/ => php ".$argv[0]." http://localhost/'>http://localhost/";
} else {
    // Banner; $argv[1] is echoed back unmodified.
    echo " ======================================= phpMyAdmin Scanner - Coded by Cai@NHAX\n Usage: => php ".$argv[0]." http://host.tld/ => php ".$argv[0]." http://localhost/ ======================================= \nScanning ".$argv[1]." ..... It may take some time .....\n";

    // Candidate directory names: generic admin aliases plus versioned
    // phpMyAdmin 2.x release directories. '/phpMyAdmin-2.6.2-rc1/' and
    // '/phpMyAdmin-2.6.3/' are listed twice, so those paths are requested twice.
    $list = array(
        '/phpmyadmin/', '/phpMyAdmin/', '/PMA/', '/pma/', '/admin/', '/dbadmin/', '/mysql/', '/myadmin/',
        '/phpmyadmin2/', '/phpMyAdmin2/', '/phpMyAdmin-2/', '/php-my-admin/',
        '/phpMyAdmin-2.2.3/', '/phpMyAdmin-2.2.6/', '/phpMyAdmin-2.5.1/', '/phpMyAdmin-2.5.4/',
        '/phpMyAdmin-2.5.5-rc1/', '/phpMyAdmin-2.5.5-rc2/', '/phpMyAdmin-2.5.5/', '/phpMyAdmin-2.5.5-pl1/',
        '/phpMyAdmin-2.5.6-rc1/', '/phpMyAdmin-2.5.6-rc2/', '/phpMyAdmin-2.5.6/',
        '/phpMyAdmin-2.5.7/', '/phpMyAdmin-2.5.7-pl1/',
        '/phpMyAdmin-2.6.0-alpha/', '/phpMyAdmin-2.6.0-alpha2/', '/phpMyAdmin-2.6.0-beta1/', '/phpMyAdmin-2.6.0-beta2/',
        '/phpMyAdmin-2.6.0-rc1/', '/phpMyAdmin-2.6.0-rc2/', '/phpMyAdmin-2.6.0-rc3/', '/phpMyAdmin-2.6.0/',
        '/phpMyAdmin-2.6.0-pl1/', '/phpMyAdmin-2.6.0-pl2/', '/phpMyAdmin-2.6.0-pl3/',
        '/phpMyAdmin-2.6.1-rc1/', '/phpMyAdmin-2.6.1-rc2/', '/phpMyAdmin-2.6.1/',
        '/phpMyAdmin-2.6.1-pl1/', '/phpMyAdmin-2.6.1-pl2/', '/phpMyAdmin-2.6.1-pl3/',
        '/phpMyAdmin-2.6.2-rc1/', '/phpMyAdmin-2.6.2-beta1/', '/phpMyAdmin-2.6.2-rc1/', '/phpMyAdmin-2.6.2/', '/phpMyAdmin-2.6.2-pl1/',
        '/phpMyAdmin-2.6.3/', '/phpMyAdmin-2.6.3-rc1/', '/phpMyAdmin-2.6.3/', '/phpMyAdmin-2.6.3-pl1/',
        '/phpMyAdmin-2.6.4-rc1/', '/phpMyAdmin-2.6.4-pl1/', '/phpMyAdmin-2.6.4-pl2/', '/phpMyAdmin-2.6.4-pl3/', '/phpMyAdmin-2.6.4-pl4/', '/phpMyAdmin-2.6.4/',
        '/phpMyAdmin-2.7.0-beta1/', '/phpMyAdmin-2.7.0-rc1/', '/phpMyAdmin-2.7.0-pl1/', '/phpMyAdmin-2.7.0-pl2/', '/phpMyAdmin-2.7.0/',
        '/phpMyAdmin-2.8.0-beta1/', '/phpMyAdmin-2.8.0-rc1/', '/phpMyAdmin-2.8.0-rc2/', '/phpMyAdmin-2.8.0/',
        '/phpMyAdmin-2.8.0.1/', '/phpMyAdmin-2.8.0.2/', '/phpMyAdmin-2.8.0.3/', '/phpMyAdmin-2.8.0.4/',
        '/phpMyAdmin-2.8.1-rc1/', '/phpMyAdmin-2.8.1/', '/phpMyAdmin-2.8.2/',
        '/sqlmanager/', '/mysqlmanager/', '/p/m/a/', '/PMA2005/', '/pma2005/', '/phpmanager/',
        '/php-myadmin/', '/phpmy-admin/', '/webadmin/', '/sqlweb/', '/websql/', '/webdb/',
        '/mysqladmin/', '/mysql-admin/',
    );

    // Append-mode log in the current working directory. The return value is
    // not checked, and the visible code never calls fclose() on the handle.
    $handle = fopen("scan_log.txt", "a");

    foreach($list as $dir){
        // One fresh cURL handle per candidate path.
        $ch = curl_init();
        // Plain concatenation of target and path: a target given with a
        // trailing slash (as in the usage text) produces a double slash.
        curl_setopt($ch, CURLOPT_URL, trim($argv[1]).trim($dir));
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); // return the response instead of printing it
        curl_setopt($ch, CURLOPT_TIMEOUT, 3);           // 3-second limit per request
        curl_setopt($ch, CURLOPT_HEADER, 1);            // response headers are included in $res
        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);    // redirects are followed
        // Constant Referer and User-Agent on every request; both values are
        // fixed strings, which makes the run easy to recognise in server logs.
        curl_setopt($ch, CURLOPT_REFERER, "http://google.com");
        curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.9) Gecko/20071025 Firefox/2.0.0.9');
        $res = curl_exec($ch);
        curl_close($ch);

        // Everything below is a substring test over headers and body together,
        // not a parsed status code; after a followed redirect $res can hold
        // more than one status line.
        // NOTE(review): curl_exec() returns false when the transfer fails, and
        // cURL's own error text is not part of $res, so this first branch
        // presumably never fires as written; confirm.
        if(preg_match("/Could not resolve host:/", $res)){
            echo "[-] INVALID HOST => ".trim($argv[1])."\n";
            exit;
        } elseif(preg_match("/200 OK/", $res)){
            // "Access denied" or "phpMyAdmin" anywhere in the response is
            // enough for the positive label, so unrelated pages (for example
            // under '/admin/') can be reported as phpMyAdmin.
            if(preg_match("/Access denied/", $res) or preg_match("/phpMyAdmin/", $res)){
                echo "[+] FOUND => ".trim($argv[1]).trim($dir)." - 200 OK ! - phpMyAdmin\n";
                fwrite($handle, "[+] FOUND => ".trim($argv[1]).trim($dir)." - 200 OK ! - phpMyAdmin\n");
            } else {
                echo "[?] FOUND => ".trim($argv[1]).trim($dir)." - 200 OK ! - Possibly NOT phpMyAdmin\n";
                // NOTE(review): the line break inside the next string literal
                // comes from how the page was extracted; the echo above has
                // the same message on a single line.
                fwrite($handle, "[?] FOUND => ".trim($argv[1]).trim($dir)." - 200 OK ! 
- Possibly NOT phpMyAdmin\n");
            }
        // NOTE(review): the remaining patterns are case-sensitive and written
        // in upper case, and "INTERNAL SERVER ERROR" is paired with 501 rather
        // than 500. Responses with mixed-case reason phrases would not reach
        // these branches, so the labels are rough hints, not verified findings.
        } elseif(preg_match("/301 MOVED/", $res) or preg_match("/302 FOUND/", $res)){
            echo "[+] FOUND => ".trim($argv[1]).trim($dir)." - 301/302 REDIRECTION! - Maybe phpMyAdmin\n";
            fwrite($handle, "[+] FOUND => ".trim($argv[1]).trim($dir)." - 301/302 REDIRECTION! - Maybe phpMyAdmin\n");
        } elseif(preg_match("/403 FORBIDDEN/", $res)){
            echo "[?] FOUND => ".trim($argv[1]).trim($dir)." - 403 FORBIDDEN! - Maybe phpMyAdmin\n";
            fwrite($handle, "[?] FOUND => ".trim($argv[1]).trim($dir)." - 403 FORBIDDEN! - Maybe phpMyAdmin\n");
        } elseif(preg_match("/501 INTERNAL SERVER ERROR/", $res)){
            echo "[?] FOUND => ".trim($argv[1]).trim($dir)." - 501 INTERNAL SERVER ERROR! - Maybe phpMyAdmin\n";
            fwrite($handle, "[?] FOUND => ".trim($argv[1]).trim($dir)." - 501 INTERNAL SERVER ERROR! - Maybe phpMyAdmin\n");
        }
        // Any other response (no pattern matched) is neither printed nor logged.
    }

    // Blank lines separate this run from the next one appended to the log.
    fwrite($handle, "\n\n\n");
}
[/LENGUAJE] Link to comment Share on other sites More sharing options...