sQuo Posted March 19, 2014 Share Posted March 19, 2014 [LENGUAJE=php]<?php ##################################################################################### ## ## ## ## ## Script : Odz Multiple CMS Scaner Online v0.4 (0!IIIV) ## ## Authors : [KedAns-Dz] [Mennouchi Islam Azeddine] ## ## Home : This is the hidden content, please Sign In or Sign Up ## ## Facebook : This is the hidden content, please Sign In or Sign Up ## ## Contact : ked-h[at]hotmail[dot]com ## ## azeddine.mennouchi[at]owasp[dot]org ## ## ## ## Algerian Coders ## ## ## ## ## IMPORTANT ## ## ## # ONLY FOR EDUCATIONAL PURPOSE. THE AUTHOR IS NOT RESPONSABLE OF ANY ## ## # IMPROPERLY USE OF THIS TOOL. USE IT AT YOUR OWN RISK !! ## ## ## ## ## ## ## Release: 0.4 Beta ## ## After the success of the v0.3, I decided to code a new release :-) ## ## ## ## ## ## Features: ## ## [+] Multi sites scan (in on server) ## ## [+] latest exploits and vulns. ## ## [+] Robots.txt files scan ## ## [+] htaccess files scan ## ## [+] admin panel detection ## ## [+] ## ## [+] ## ## ## ##################################################################################### ################################################################ GENERAL FORM ################################################################echo' Odz Multiple CMS Scaner Online v0.4 (0!IIIV) This is the hidden content, please Sign In or Sign Up Odz Multiple CMS Scaner Online v0.4 (0!IIIV) | T0olKit By : KedAns-Dz ';################################################################ set_time_limit/error_reporting ################################################################if(!@set_time_limit(0)){ if(@function_exists('ini_set'))@ini_set('max_execution_time',0); elseif(@function_exists('ini_alter'))@ini_alter('max_execution_time',0); else trigger_error('Can not set_time_limit(0)', E_USER_NOTICE); if(@function_exists('ini_get')){ if(@ini_get('max_execution_time')!='0')trigger_error('Can not set_time_limit(0)', E_USER_NOTICE); }}//----------------------------------------------------------- @error_reporting(E_ALL); @ini_set('display_errors','Off');################################################################ DEFINES ################################################################define('Odz_VERSION','0.4');################################################################ CONFIGURATION ################################################################ // Load Class.. $dz = new Odz();################################################################ Odz CLASS ################################################################class Odz{function load_contents($target){ // Adel SBM :This is my priv8 function ;) if(function_exists('file_get_contents')){ // echo "Using file_get_contents";$handle_file = @file_get_contents($target);$contents = $handle_file; }elseif(function_exists('fopen') AND function_exists('fread')){ // echo "Using fopen/fread";$handle = fopen($target, "r");$contents= fread($handle, 8192);fclose($handle); }elseif (function_exists("curl_init")) { // echo "Using CURL";$user_agent = "Mozilla/5.0 (Windows; U; Windows NT 6.0; it; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8";$ch = curl_init();curl_setopt ($ch,CURLOPT_URL,$target );curl_setopt ($ch, CURLOPT_USERAGENT, $user_agent);curl_setopt ($ch,CURLOPT_RETURNTRANSFER, 1);curl_setopt ($ch,CURLOPT_VERBOSE,false);curl_setopt ($ch, CURLOPT_TIMEOUT, 5);curl_setopt ($ch,CURLOPT_SSL_VERIFYPEER, FALSE);curl_setopt ($ch,CURLOPT_SSLVERSION,3);curl_setopt ($ch,CURLOPT_SSL_VERIFYHOST, FALSE);$contents = curl_exec($ch);}elseif(!($sock = fsockopen($target, 80))){die( "\n [-] No response from {$host}:80\n");fwrite($sock, $packet);$contents = stream_get_contents($sock); }else{echo "Can't Get Contents..!!";} return $contents; // Let's see contents ;)} //-----------------------------------------------------------------------------------function filter($content){$fcontent = trim(strip_tags($content));return $fcontent; // Let's see filtred content ;)}//-----------------------------------------------------------------------------------function valid_ip($ip_addr){$parts = explode('.', $ip_addr);if (count($parts) == 4) { foreach ($parts as $part) { if ($part > 255 || $part =200 && $httpcodeload_contents($link);if (@eregi("No Results Found",$result)) {echo"Not Found This is the hidden content, please Sign In or Sign Up ";}else{echo"Found ";}}//----------------------------------------------------------------------------------------------------------// U Can Activate this functions: get_robotstxt($url),get_admincp($url) / This will take more scan time..//----------------------------------------------------------------------------------------------------------/* Robots.txt file Scan :The robots.txt is used to tell search engines to ignore parts of your site. It can also be used by attackers to find stuff youmay not want to be public and other interesting directories*/function get_robotstxt($url){if ($this->visit("$url/robots.txt"))echo " $url/robots.txt Found";elseecho " Not Found";}//-----------------------------------------------------------------------------------/* Default Login Page finder (Default) The WordPress administration login page is at the default location : wp-adminThe Joomla administration login page is at the default location : administrationThe Nuke's administration login page is at the default location : ..... The Xoops administration login page is at the default location : admin.php (I m not sure)*/ function get_admincp($url){$defadmins=array("wp-admin","administration","admin.php","admin");foreach($defadmins as $defadmin){if ($this->visit("$url/$defadmin"))echo " $url/$defadmin Found !";elseecho " Not Found !!";}}//-----------------------------------------------------------------------------------/* Joomla Conf */function check_com($url){$source = $this->load_contents($url);@preg_match_all('{option,(.*?)/}i',$source,$f);@preg_match_all('{option=(.*?)(&|&|")}i',$source,$f2);@preg_match_all('{/components/(.*?)/}i',$source,$f3);$arz=@array_merge($f2[1],$f[1],$f3[1]);$coms=array();if(count($arz)==0){ echo " [ Joomla ] ...Nothing Found !";}foreach(@array_unique($arz) as $x){$coms[]=$x;}foreach($coms as $comm){echo " $comm"; $this->check_exploit($comm);}}//-----------------------------------------------------------------------------------/* WordPress Conf */function get_plugins($url){$source = $this->load_contents($url);@preg_match_all("#/plugins/(.*?)/#i", $source, $f);$arz=@array_unique($f[1]);if(count($arz)==0){ echo " [ Wordpress ] ...Nothing Found !";}foreach($arz as $plugin){echo " $plugin";$this->check_exploit($plugin);}}//-----------------------------------------------------------------------------------/* Nuke's Conf */function get_numod($url){$source = $this->load_contents($url);@preg_match_all('{?name=(.*?)/}i',$source,$f);@preg_match_all('{?name=(.*?)(&|&|l_op=")}i',$source,$f2);@preg_match_all('{/modules/(.*?)/}i',$source,$f3);$arz=@array_merge($f2[1],$f[1],$f3[1]);$cpm=array();if(count($arz)==0){ echo " [ Nuke's ] ...Nothing Found !";}foreach(@array_unique($arz) as $x){$cpm[]=$x;}foreach($cpm as $nmod){echo " $nmod";$this->check_exploit($nmod);}}//-----------------------------------------------------------------------------------/* Xoops Conf */function get_xoomod($url){$source = $this->load_contents($url);@preg_match_all('{/modules/(.*?)/}i',$source,$f);$arz=@array_merge($f[1]);$cpm=array();if(count($arz)==0){ echo " [ Xoops ] ...Nothing Found !";}foreach(@array_unique($arz) as $x){$cpm[]=$x;}foreach($cpm as $xmod){echo " $xmod";$this->check_exploit($xmod);}}//-----------------------------------------------------------------------------------function sec($site){@preg_match_all('{http://(.*?)(/index.php)}siU',$site, $sites);if(preg_match("www",$sites[0][0])){return $site=str_replace("index.php","",$sites[0][0]);}else{return $site=str_replace("http://","http://www.",str_replace("index.php","",$sites[0][0]));}}} // END Odz CLASS ################################################################ SCAN START ################################################################$npages = 50000;if ($_POST) { $ip = $dz->valid_ip($dz->filter($_POST['site'])); $npage = 1; $allLinks = array(); while($npage load_contents('http://www.bing.com/search?q=ip%3A' . $ip . '+index.php?option=com&first=' . $npage); // Thanx bing ;) if ($x) { @preg_match_all('(.*.*(.*).*.*)siU', $x, $findlink); foreach ($findlink[1] as $fl) $allLinks[]=$dz->sec($fl); $npage = $npage + 10; if (preg_match('(first=' . $npage . '&)siU', $x, $linksuiv) == 0) break; } else break; }$allDmns = array();foreach ($allLinks as $kk => $vv){$allDmns[] = $vv;} echo' Server IP : '.$ip.' Sites Found : '.count(@array_unique($allDmns)).' ';echo " ";echo' ';foreach(@array_unique($allDmns) as $h3h3){echo' '.$h3h3.' PacketStorm Challenge of Exploiting ..! ';// Let's scan$dz->check_com($h3h3);$dz->get_plugins($h3h3);$dz->get_numod($h3h3);$dz->get_xoomod($h3h3);$dz->get_htaccess($h3h3);$dz->get_admin($h3h3);$dz->get_robotstxt($h3h3);}// Print Headerecho"";}?>Coded By : KedAns-Dz | OWASP ALGERIA| Mennouchi Islam AzeddineMade in Algeria | CopyCenter (^.^) 2o12 [/LENGUAJE] Link to comment Share on other sites More sharing options...
Recommended Posts