Python 网站后台扫描
title | date | layout | tags |
---|---|---|---|
Python 网站后台扫描
|
2018-05-08
|
post
|
Python
|
#!/usr/bin/python
# This was written for educational purpose only. Use it at your own risk.
# Author will be not responsible for any damage!
#
#################################################################
# ______ ____ ____ #
# | _ \ \ \ / / #
# | |_) | \ \/ / #
# | _ < \_ _/ #
# | |_) | | | #
# |______/ |__| #
# #
# ________ _____ ___ __ #
# / ____/_/ / /___/ _ \ / / #
# / / / /__/ /___/ / \ / / #
# / / / /__/ /___/ / \ \ / / #
# / /___/ / / /___/ / \ \_/ / #
# \____/_/ /_/___/_/ \___/ #
# #
#################################################################
import httplib
import socket
import sys
try:
print "\t################################################################"
print "\t# ADMIN FINDER TOOL #"
print "\t# VISIT #"
print "\t# http://www.cnblogs.com/chenjingyi/ #"
print "\t# #"
print "\t# Written by chen #"
print "\t################################################################"
var1=0
var2=0
php = ['admin/','administrator/','admin1/','admin2/','admin3/','admin4/','admin5/','usuarios/','usuario/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
'memberadmin/','administratorlogin/','adm/','admin/account.php','admin/index.php','admin/login.php','admin/admin.php','admin/account.php',
'admin_area/admin.php','admin_area/login.php','siteadmin/login.php','siteadmin/index.php','siteadmin/login.html','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
'admin_area/index.php','bb-admin/index.php','bb-admin/login.php','bb-admin/admin.php','admin/home.php','admin_area/login.html','admin_area/index.html',
'admin/controlpanel.php','admin.php','admincp/index.asp','admincp/login.asp','admincp/index.html','admin/account.html','adminpanel.html','webadmin.html',
'webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html','panel-administracion/login.html',
'admin/cp.php','cp.php','administrator/index.php','administrator/login.php','nsw/admin/login.php','webadmin/login.php','admin/admin_login.php','admin_login.php',
'administrator/account.php','administrator.php','admin_area/admin.html','pages/admin/admin-login.php','admin/admin-login.php','admin-login.php',
'bb-admin/index.html','bb-admin/login.html','acceso.php','bb-admin/admin.html','admin/home.html','login.php','modelsearch/login.php','moderator.php','moderator/login.php',
'moderator/admin.php','account.php','pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','controlpanel.php','admincontrol.php',
'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','rcjakar/admin/login.php','adminarea/index.html','adminarea/admin.html',
'webadmin.php','webadmin/index.php','webadmin/admin.php','admin/controlpanel.html','admin.html','admin/cp.html','cp.html','adminpanel.php','moderator.html',
'administrator/index.html','administrator/login.html','user.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html',
'moderator/login.html','adminarea/login.html','panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html',
'admincontrol/login.html','adm/index.html','adm.html','moderator/admin.html','user.php','account.html','controlpanel.html','admincontrol.html',
'panel-administracion/login.php','wp-login.php','adminLogin.php','admin/adminLogin.php','home.php','admin.php','adminarea/index.php',
'adminarea/admin.php','adminarea/login.php','panel-administracion/index.php','panel-administracion/admin.php','modelsearch/index.php',
'modelsearch/admin.php','admincontrol/login.php','adm/admloginuser.php','admloginuser.php','admin2.php','admin2/login.php','admin2/index.php','usuarios/login.php',
'adm/index.php','adm.php','affiliate.php','adm_auth.php','memberadmin.php','administratorlogin.php']
asp = ['admin/','administrator/','admin1/','admin2/','admin3/','admin4/','admin5/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
'memberadmin/','administratorlogin/','adm/','account.asp','admin/account.asp','admin/index.asp','admin/login.asp','admin/admin.asp',
'admin_area/admin.asp','admin_area/login.asp','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
'admin_area/admin.html','admin_area/login.html','admin_area/index.html','admin_area/index.asp','bb-admin/index.asp','bb-admin/login.asp','bb-admin/admin.asp',
'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','admin/controlpanel.html','admin.html','admin/cp.html','cp.html',
'administrator/index.html','administrator/login.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html','moderator.html',
'moderator/login.html','moderator/admin.html','account.html','controlpanel.html','admincontrol.html','admin_login.html','panel-administracion/login.html',
'admin/home.asp','admin/controlpanel.asp','admin.asp','pages/admin/admin-login.asp','admin/admin-login.asp','admin-login.asp','admin/cp.asp','cp.asp',
'administrator/account.asp','administrator.asp','acceso.asp','login.asp','modelsearch/login.asp','moderator.asp','moderator/login.asp','administrator/login.asp',
'moderator/admin.asp','controlpanel.asp','admin/account.html','adminpanel.html','webadmin.html','pages/admin/admin-login.html','admin/admin-login.html',
'webadmin/index.html','webadmin/admin.html','webadmin/login.html','user.asp','user.html','admincp/index.asp','admincp/login.asp','admincp/index.html',
'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','adminarea/index.html','adminarea/admin.html','adminarea/login.html',
'panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html','admin/admin_login.html',
'admincontrol/login.html','adm/index.html','adm.html','admincontrol.asp','admin/account.asp','adminpanel.asp','webadmin.asp','webadmin/index.asp',
'webadmin/admin.asp','webadmin/login.asp','admin/admin_login.asp','admin_login.asp','panel-administracion/login.asp','adminLogin.asp',
'admin/adminLogin.asp','home.asp','admin.asp','adminarea/index.asp','adminarea/admin.asp','adminarea/login.asp','admin-login.html',
'panel-administracion/index.asp','panel-administracion/admin.asp','modelsearch/index.asp','modelsearch/admin.asp','administrator/index.asp',
'admincontrol/login.asp','adm/admloginuser.asp','admloginuser.asp','admin2.asp','admin2/login.asp','admin2/index.asp','adm/index.asp',
'adm.asp','affiliate.asp','adm_auth.asp','memberadmin.asp','administratorlogin.asp','siteadmin/login.asp','siteadmin/index.asp','siteadmin/login.html']
cfm = ['admin/','administrator/','admin1/','admin2/','admin3/','admin4/','admin5/','usuarios/','usuario/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
'memberadmin/','administratorlogin/','adm/','admin/account.cfm','admin/index.cfm','admin/login.cfm','admin/admin.cfm','admin/account.cfm',
'admin_area/admin.cfm','admin_area/login.cfm','siteadmin/login.cfm','siteadmin/index.cfm','siteadmin/login.html','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
'admin_area/index.cfm','bb-admin/index.cfm','bb-admin/login.cfm','bb-admin/admin.cfm','admin/home.cfm','admin_area/login.html','admin_area/index.html',
'admin/controlpanel.cfm','admin.cfm','admincp/index.asp','admincp/login.asp','admincp/index.html','admin/account.html','adminpanel.html','webadmin.html',
'webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html','panel-administracion/login.html',
'admin/cp.cfm','cp.cfm','administrator/index.cfm','administrator/login.cfm','nsw/admin/login.cfm','webadmin/login.cfm','admin/admin_login.cfm','admin_login.cfm',
'administrator/account.cfm','administrator.cfm','admin_area/admin.html','pages/admin/admin-login.cfm','admin/admin-login.cfm','admin-login.cfm',
'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','login.cfm','modelsearch/login.cfm','moderator.cfm','moderator/login.cfm',
'moderator/admin.cfm','account.cfm','pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','controlpanel.cfm','admincontrol.cfm',
'admin/adminLogin.html','acceso.cfm','adminLogin.html','admin/adminLogin.html','home.html','rcjakar/admin/login.cfm','adminarea/index.html','adminarea/admin.html',
'webadmin.cfm','webadmin/index.cfm','webadmin/admin.cfm','admin/controlpanel.html','admin.html','admin/cp.html','cp.html','adminpanel.cfm','moderator.html',
'administrator/index.html','administrator/login.html','user.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html',
'moderator/login.html','adminarea/login.html','panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html',
'admincontrol/login.html','adm/index.html','adm.html','moderator/admin.html','user.cfm','account.html','controlpanel.html','admincontrol.html',
'panel-administracion/login.cfm','wp-login.cfm','adminLogin.cfm','admin/adminLogin.cfm','home.cfm','admin.cfm','adminarea/index.cfm',
'adminarea/admin.cfm','adminarea/login.cfm','panel-administracion/index.cfm','panel-administracion/admin.cfm','modelsearch/index.cfm',
'modelsearch/admin.cfm','admincontrol/login.cfm','adm/admloginuser.cfm','admloginuser.cfm','admin2.cfm','admin2/login.cfm','admin2/index.cfm','usuarios/login.cfm',
'adm/index.cfm','adm.cfm','affiliate.cfm','adm_auth.cfm','memberadmin.cfm','administratorlogin.cfm']
js = ['admin/','administrator/','admin1/','admin2/','admin3/','admin4/','admin5/','usuarios/','usuario/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
'memberadmin/','administratorlogin/','adm/','admin/account.js','admin/index.js','admin/login.js','admin/admin.js','admin/account.js',
'admin_area/admin.js','admin_area/login.js','siteadmin/login.js','siteadmin/index.js','siteadmin/login.html','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
'admin_area/index.js','bb-admin/index.js','bb-admin/login.js','bb-admin/admin.js','admin/home.js','admin_area/login.html','admin_area/index.html',
'admin/controlpanel.js','admin.js','admincp/index.asp','admincp/login.asp','admincp/index.html','admin/account.html','adminpanel.html','webadmin.html',
'webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html','panel-administracion/login.html',
'admin/cp.js','cp.js','administrator/index.js','administrator/login.js','nsw/admin/login.js','webadmin/login.js','admin/admin_login.js','admin_login.js',
'administrator/account.js','administrator.js','admin_area/admin.html','pages/admin/admin-login.js','admin/admin-login.js','admin-login.js',
'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','login.js','modelsearch/login.js','moderator.js','moderator/login.js',
'moderator/admin.js','account.js','pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','controlpanel.js','admincontrol.js',
'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','rcjakar/admin/login.js','adminarea/index.html','adminarea/admin.html',
'webadmin.js','webadmin/index.js','acceso.js','webadmin/admin.js','admin/controlpanel.html','admin.html','admin/cp.html','cp.html','adminpanel.js','moderator.html',
'administrator/index.html','administrator/login.html','user.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html',
'moderator/login.html','adminarea/login.html','panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html',
'admincontrol/login.html','adm/index.html','adm.html','moderator/admin.html','user.js','account.html','controlpanel.html','admincontrol.html',
'panel-administracion/login.js','wp-login.js','adminLogin.js','admin/adminLogin.js','home.js','admin.js','adminarea/index.js',
'adminarea/admin.js','adminarea/login.js','panel-administracion/index.js','panel-administracion/admin.js','modelsearch/index.js',
'modelsearch/admin.js','admincontrol/login.js','adm/admloginuser.js','admloginuser.js','admin2.js','admin2/login.js','admin2/index.js','usuarios/login.js',
'adm/index.js','adm.js','affiliate.js','adm_auth.js','memberadmin.js','administratorlogin.js']
cgi = ['admin/','administrator/','admin1/','admin2/','admin3/','admin4/','admin5/','usuarios/','usuario/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
'memberadmin/','administratorlogin/','adm/','admin/account.cgi','admin/index.cgi','admin/login.cgi','admin/admin.cgi','admin/account.cgi',
'admin_area/admin.cgi','admin_area/login.cgi','siteadmin/login.cgi','siteadmin/index.cgi','siteadmin/login.html','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
'admin_area/index.cgi','bb-admin/index.cgi','bb-admin/login.cgi','bb-admin/admin.cgi','admin/home.cgi','admin_area/login.html','admin_area/index.html',
'admin/controlpanel.cgi','admin.cgi','admincp/index.asp','admincp/login.asp','admincp/index.html','admin/account.html','adminpanel.html','webadmin.html',
'webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html','panel-administracion/login.html',
'admin/cp.cgi','cp.cgi','administrator/index.cgi','administrator/login.cgi','nsw/admin/login.cgi','webadmin/login.cgi','admin/admin_login.cgi','admin_login.cgi',
'administrator/account.cgi','administrator.cgi','admin_area/admin.html','pages/admin/admin-login.cgi','admin/admin-login.cgi','admin-login.cgi',
'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','login.cgi','modelsearch/login.cgi','moderator.cgi','moderator/login.cgi',
'moderator/admin.cgi','account.cgi','pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','controlpanel.cgi','admincontrol.cgi',
'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','rcjakar/admin/login.cgi','adminarea/index.html','adminarea/admin.html',
'webadmin.cgi','webadmin/index.cgi','acceso.cgi','webadmin/admin.cgi','admin/controlpanel.html','admin.html','admin/cp.html','cp.html','adminpanel.cgi','moderator.html',
'administrator/index.html','administrator/login.html','user.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html',
'moderator/login.html','adminarea/login.html','panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html',
'admincontrol/login.html','adm/index.html','adm.html','moderator/admin.html','user.cgi','account.html','controlpanel.html','admincontrol.html',
'panel-administracion/login.cgi','wp-login.cgi','adminLogin.cgi','admin/adminLogin.cgi','home.cgi','admin.cgi','adminarea/index.cgi',
'adminarea/admin.cgi','adminarea/login.cgi','panel-administracion/index.cgi','panel-administracion/admin.cgi','modelsearch/index.cgi',
'modelsearch/admin.cgi','admincontrol/login.cgi','adm/admloginuser.cgi','admloginuser.cgi','admin2.cgi','admin2/login.cgi','admin2/index.cgi','usuarios/login.cgi',
'adm/index.cgi','adm.cgi','affiliate.cgi','adm_auth.cgi','memberadmin.cgi','administratorlogin.cgi']
brf = ['admin/','administrator/','admin1/','admin2/','admin3/','admin4/','admin5/','usuarios/','usuario/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
'memberadmin/','administratorlogin/','adm/','admin/account.brf','admin/index.brf','admin/login.brf','admin/admin.brf','admin/account.brf',
'admin_area/admin.brf','admin_area/login.brf','siteadmin/login.brf','siteadmin/index.brf','siteadmin/login.html','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
'admin_area/index.brf','bb-admin/index.brf','bb-admin/login.brf','bb-admin/admin.brf','admin/home.brf','admin_area/login.html','admin_area/index.html',
'admin/controlpanel.brf','admin.brf','admincp/index.asp','admincp/login.asp','admincp/index.html','admin/account.html','adminpanel.html','webadmin.html',
'webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html','panel-administracion/login.html',
'admin/cp.brf','cp.brf','administrator/index.brf','administrator/login.brf','nsw/admin/login.brf','webadmin/login.brfbrf','admin/admin_login.brf','admin_login.brf',
'administrator/account.brf','administrator.brf','acceso.brf','admin_area/admin.html','pages/admin/admin-login.brf','admin/admin-login.brf','admin-login.brf',
'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','login.brf','modelsearch/login.brf','moderator.brf','moderator/login.brf',
'moderator/admin.brf','account.brf','pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','controlpanel.brf','admincontrol.brf',
'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','rcjakar/admin/login.brf','adminarea/index.html','adminarea/admin.html',
'webadmin.brf','webadmin/index.brf','webadmin/admin.brf','admin/controlpanel.html','admin.html','admin/cp.html','cp.html','adminpanel.brf','moderator.html',
'administrator/index.html','administrator/login.html','user.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html',
'moderator/login.html','adminarea/login.html','panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html',
'admincontrol/login.html','adm/index.html','adm.html','moderator/admin.html','user.brf','account.html','controlpanel.html','admincontrol.html',
'panel-administracion/login.brf','wp-login.brf','adminLogin.brf','admin/adminLogin.brf','home.brf','admin.brf','adminarea/index.brf',
'adminarea/admin.brf','adminarea/login.brf','panel-administracion/index.brf','panel-administracion/admin.brf','modelsearch/index.brf',
'modelsearch/admin.brf','admincontrol/login.brf','adm/admloginuser.brf','admloginuser.brf','admin2.brf','admin2/login.brf','admin2/index.brf','usuarios/login.brf',
'adm/index.brf','adm.brf','affiliate.brf','adm_auth.brf','memberadmin.brf','administratorlogin.brf']
try:
site = raw_input("Web Site for Scan?: ")
site = site.replace("http://","")
print ("\tChecking website " + site + "...")
conn = httplib.HTTPConnection(site)
conn.connect()
print "\t[$] Yes... Server is Online."
except (httplib.HTTPResponse, socket.error) as Exit:
raw_input("\t [!] Oops Error occured, Server offline or invalid URL")
exit()
print "Enter site source code:"
print "1 PHP"
print "2 ASP"
print "3 CFM"
print "4 JS"
print "5 CGI"
print "6 BRF"
print "\nPress 1 and 'Enter key' for Select PHP\n"
code=input("> ")
if code==1:
print("\t [+] Scanning " + site + "...\n\n")
for admin in php:
admin = admin.replace("\n","")
admin = "/" + admin
host = site + admin
print ("\t [#] Checking " + host + "...")
connection = httplib.HTTPConnection(site)
connection.request("GET",admin)
response = connection.getresponse()
var2 = var2 + 1
if response.status == 200:
var1 = var1 + 1
print "%s %s" % ( "\n\n>>>" + host, "Admin page found!")
raw_input("Press enter to continue scanning.\n")
elif response.status == 404:
var2 = var2
elif response.status == 302:
print "%s %s" % ("\n>>>" + host, "Possible admin page (302 - Redirect)")
else:
print "%s %s %s" % (host, " Interesting response:", response.status)
connection.close()
print("\n\nCompleted \n")
print var1, " Admin pages found"
print var2, " total pages scanned"
raw_input("[/] The Game Over; Press Enter to Exit")
if code==2:
print("\t [+] Scanning " + site + "...\n\n")
for admin in asp:
admin = admin.replace("\n","")
admin = "/" + admin
host = site + admin
print ("\t [#] Checking " + host + "...")
connection = httplib.HTTPConnection(site)
connection.request("GET",admin)
response = connection.getresponse()
var2 = var2 + 1
if response.status == 200:
var1 = var1 + 1
print "%s %s" % ( "\n\n>>>" + host, "Admin page found!")
raw_input("Press enter to continue scanning.\n")
elif response.status == 404:
var2 = var2
elif response.status == 302:
print "%s %s" % ("\n>>>" + host, "Possible admin page (302 - Redirect)")
else:
print "%s %s %s" % (host, " Interesting response:", response.status)
connection.close()
print("\n\nCompleted \n")
print var1, " Admin pages found"
print var2, " total pages scanned"
raw_input("The Game Over; Press Enter to Exit")
if code==3:
print("\t [+] Scanning " + site + "...\n\n")
for admin in cfm:
admin = admin.replace("\n","")
admin = "/" + admin
host = site + admin
print ("\t [#] Checking " + host + "...")
connection = httplib.HTTPConnection(site)
connection.request("GET",admin)
response = connection.getresponse()
var2 = var2 + 1
if response.status == 200:
var1 = var1 + 1
print "%s %s" % ( "\n\n>>>" + host, "Admin page found!")
raw_input("Press enter to continue scanning.\n")
elif response.status == 404:
var2 = var2
elif response.status == 302:
print "%s %s" % ("\n>>>" + host, "Possible admin page (302 - Redirect)")
else:
print "%s %s %s" % (host, " Interesting response:", response.status)
connection.close()
print("\n\nCompleted \n")
print var1, " Admin pages found"
print var2, " total pages scanned"
raw_input("The Game Over; Press Enter to Exit")
if code==4:
print("\t [+] Scanning " + site + "...\n\n")
for admin in js:
admin = admin.replace("\n","")
admin = "/" + admin
host = site + admin
print ("\t [#] Checking " + host + "...")
connection = httplib.HTTPConnection(site)
connection.request("GET",admin)
response = connection.getresponse()
var2 = var2 + 1
if response.status == 200:
var1 = var1 + 1
print "%s %s" % ( "\n\n>>>" + host, "Admin page found!")
raw_input("Press enter to continue scanning.\n")
elif response.status == 404:
var2 = var2
elif response.status == 302:
print "%s %s" % ("\n>>>" + host, "Possible admin page (302 - Redirect)")
else:
print "%s %s %s" % (host, " Interesting response:", response.status)
connection.close()
print("\n\nCompleted \n")
print var1, " Admin pages found"
print var2, " total pages scanned"
raw_input("The Game Over; Press Enter to Exit")
if code==5:
print("\t [+] Scanning " + site + "...\n\n")
for admin in cgi:
admin = admin.replace("\n","")
admin = "/" + admin
host = site + admin
print ("\t [#] Checking " + host + "...")
connection = httplib.HTTPConnection(site)
connection.request("GET",admin)
response = connection.getresponse()
var2 = var2 + 1
if response.status == 200:
var1 = var1 + 1
print "%s %s" % ( "\n\n>>>" + host, "Admin page found!")
raw_input("Press enter to continue scanning.\n")
elif response.status == 404:
var2 = var2
elif response.status == 302:
print "%s %s" % ("\n>>>" + host, "Possible admin page (302 - Redirect)")
else:
print "%s %s %s" % (host, " Interesting response:", response.status)
connection.close()
print("\n\nCompleted \n")
print var1, " Admin pages found"
print var2, " total pages scanned"
raw_input("The Game Over; Press Enter to Exit")
if code==6:
print("\t [+] Scanning " + site + "...\n\n")
for admin in brf:
admin = admin.replace("\n","")
admin = "/" + admin
host = site + admin
print ("\t [#] Checking " + host + "...")
connection = httplib.HTTPConnection(site)
connection.request("GET",admin)
response = connection.getresponse()
var2 = var2 + 1
if response.status == 200:
var1 = var1 + 1
print "%s %s" % ( "\n\n>>>" + host, "Admin page found!")
raw_input("Press enter to continue scanning.\n")
elif response.status == 404:
var2 = var2
elif response.status == 302:
print "%s %s" % ("\n>>>" + host, "Possible admin page (302 - Redirect)")
else:
print "%s %s %s" % (host, " Interesting response:", response.status)
connection.close()
print("\n\nCompleted \n")
print var1, " Admin pages found"
print var2, " total pages scanned"
raw_input("The Game Over; Press Enter to Exit")
except (httplib.HTTPResponse, socket.error):
print "\n\t[!] Session Cancelled; Error occured. Check internet settings"
except (KeyboardInterrupt, SystemExit):
print "\n\t[!] Session cancelled"
本文转载自:我是Jimny
原文地址:http://www.cnblogs.com/chenjingyi/p/5794521.html
Python 网站后台扫描的更多相关文章
- Python 网站后台扫描脚本
Python 网站后台扫描脚本 #!/usr/bin/python #coding=utf-8 import sys import urllib import time url = "ht ...
- 网站后台扫描工具dirbuster、御剑的用法
dirbuster DirBuster是Owasp(Open Web Application Security Project )开发的一款专门用于探测网站目录和文件(包括隐藏文件)的工具.由于使用J ...
- 转战网站后台与python
这么长时间了,迷茫的大雾也逐渐散去,正如标题所写的一样,转战网站后台开发.这段时间没怎么写博客,主要还是太忙,忙着期末考试的预习,以及服务器的搭建,python的学习,还有各种各样杂七杂八的小事,就像 ...
- 第四百零四节,python网站第三方登录,social-auth-app-django模块,
第四百零四节,python网站第三方登录,social-auth-app-django模块, social-auth-app-django模块是专门用于Django的第三方登录OAuth2协议模块 目 ...
- 第四百零三节,python网站在线支付,支付宝接口集成与远程调试,
第四百零三节,python网站在线支付,支付宝接口集成与远程调试, windows系统安装Python虚拟环境 首先保证你的系统已经安装好了Python 安装virtualenv C:\WINDOWS ...
- 习科小D整理找网站后台办法[科普]
习科科普贴,如何找到网站的后台 作者:小Dの马甲来自:习科论坛 - Silic.Org - BlackBap.Org 1, 穷举猜解 现如今可以暴力猜解网站后台登陆地址的软件有很多,从最早的啊D ...
- 通过SQL注入获得网站后台用户密码
通过 SQL 注入攻击,掌握网站的工作机制,认识到 SQL 注入攻击的防范措施,加强对 Web 攻击的防范. 一.实验环境 下载所需代码及软件:获取链接:链接:https://pan.baidu.co ...
- 通过COOKIE欺骗登录网站后台
1.今天闲着没事看了看关于XSS(跨站脚本攻击)和CSRF(跨站请求伪造)的知识,xss表示Cross Site Scripting(跨站脚本攻击),它与SQL注入攻击类似,SQL注入攻击中以SQL语 ...
- 利用ThinkPHP搭建网站后台架构
记录一下ThinkPHP搭建网站后台.调整好样式等操作步骤 下载好ThinkPHP(3.2.3),解压后将核心文件夹ThinkPHP以及index.php等文件复制到网站根目录如下图 对index.p ...
随机推荐
- EOJ Monthly 2020.1 E. 数的变幻
题目链接:https://acm.ecnu.edu.cn/contest/247/problem/E/ 这道题是cf原题: Codeforces Round #608 (Div. 2) E. Comm ...
- JDK8 API离线文档免费下载&JavaEE API文档离线下载&API在线查看链接&常用的JAR包下载
1.JDK8 API离线文档 链接:https://pan.baidu.com/s/1fYc-QesmYRumTEPmnSgEKA 提取码:2bdr 2.JavaEE API文档离线下载 链接:htt ...
- CodeForces 1000B Light It Up(贪心、思维)
https://codeforces.com/problemset/problem/1000/B 题意: 一个模拟思维题.就是有一盏灯,0时刻开着.n次操作,你可以在其中加入一次操作(或者不加),操作 ...
- Nginx系列p1:安装
学习新的知识都要从搭建环境开始,今天我们就来学习搭建一个 Nginx 环境. 环境:Ubuntu16.04 STL Nginx 1.16.1 Stable version 前言:当然可以通过 apt- ...
- 数字证书原理(ssl,https)
https://blog.csdn.net/qq_34115899/article/details/81298284 关于私钥公钥数字签名数字证书.https.RSA的一些讲解 http://www. ...
- JavaScript学习总结(四)
这一部分我们继续介绍JavaScript的常用对象. Number对象 创建Number对象 方式1: var 变量= new Number(数字) 方式2: var 变量 = 数字; 常用的方法 t ...
- mac下使用opencv编译安装新模块contrib
opencv-4.0.1 opencv_contrib-4.0.1 提供ippicv下载链接: https://pan.baidu.com/s/1OIJRUqPqAtpMetku8qX36w cont ...
- 什么?你还没女朋友?教你如何借助Python俘获女孩子芳心!
天气降温,感情却升温了? 上午刚到公司,就收到小Q发来的灵魂拷问: “Q仔!要不然下午请个假!我带你去精神科看看!?”我实在忍不了,脱口而出. 话音未落,前排的运营小花回头看向小Q,莞尔一笑,百媚横生 ...
- Tensorflow学习教程------读取数据、建立网络、训练模型,小巧而完整的代码示例
紧接上篇Tensorflow学习教程------tfrecords数据格式生成与读取,本篇将数据读取.建立网络以及模型训练整理成一个小样例,完整代码如下. #coding:utf-8 import t ...
- 可视化---matplotlib
中文乱码 # 解决matplotlib显示中文问题 # 指定默认字体 plt.rcParams[font.sans-serif]=['SimHei'] # 解决保存图像是负号'-'显示为方块的问题 p ...