Psyke1
[m] [SRC VB6] mCheckAdminPath [by *PsYkE1*]
« en: 29 Julio 2010, 16:48 pm »

Hola, bueno, aquí os traigo este buscador de adminpaths; no es que me apasione el tema del Deface y esas cosas, pero en fin... :P
Aviso de antemano que no tengo ni idea de esto; si veis cualquier cosa, decídmela... ;)

Código
  1. '----------------------------------------------------------------------------------------
  2. ' *Module  : mCheckAdminPath.bas
  3. ' *Author  : *PsYkE1*
  4. ' *Mail    : vbpsyke1@mixmail.com
  5. ' *Date    : 28/7/10
  6. ' *Purpose : Search admin paths of a Website
  7. ' *Greets  : xassiz
  8. ' *Web     : http://foro.rthacker.net
  9. ' *References : http://xassiz.blogspot.com/2009/12/tool-xassiz-pathfinder-by-xassiz.html
  10. '----------------------------------------------------------------------------------------
  11.  
  12. Option Explicit
  13.  
  ' Check_Admin_Path
  '   Walks a fixed word list of common administration paths (Paths) under
  '   sWebSite and, for every path that answers as existing, a second word
  '   list of credential-named sub-paths (Pass).
  '
  '   sWebSite : base URL of the site; a trailing "/" is appended if missing.
  '   Returns  : the first URL of the form <site>/<path><sub-path> for which the
  '              site root, <site>/<path> and <site>/<path><sub-path> are all
  '              reported as existing by Check_Web_Exists; "" otherwise.
  '              A path that exists but has none of the Pass sub-paths beneath
  '              it is not reported.
  '
  '   Seen from the target, a run is a sequential series of requests, one per
  '   candidate, for the entries of Paths from a single client. Access logs and
  '   rate limits on repeated misses are where this kind of enumeration shows
  '   up; restricting who can reach administrative interfaces is what protects
  '   them, since the path names themselves are public knowledge.
  Public Function Check_Admin_Path(ByVal sWebSite As String) As String
      Dim vPathList()             As String
      Dim vSuffixList()           As String
      Dim sPathUrl                As String
      Dim sCandidate              As String
      Dim iPath                   As Long
      Dim iSuffix                 As Long

      Const Paths As String = "admin/,paneldecontrol/,login/,adm/,cms/,admon/,administrador/,admin/login.php,ADMIN/login.php,admin/home.php,admin/controlpanel.html,admin/controlpanel.php,admin.php,admin.html,admin/cp.php,admin/cp.html,cp.php,cp.html,controlpanel/,panelc/,administrator/index.php,administrator/login.html,administrator/login.php,administrator/account.html," _
  & "administrator/account.php,administrator.php,administrator.html,login.php,login.html,modelsearch/login.php,moderator.php,moderator.html,moderator/login.php,moderator/login.html,moderator/admin.php,moderator/admin.html,moderator/,account.php,account.html,controlpanel/," _
  & "admin/index.asp,admin/login.asp,admin/home.asp,admin/controlpanel.asp,admin.asp,admin/cp.asp,cp.asp,administrator/index.asp,administrator/login.asp,administrator/account.asp,administrator.asp,login.asp,modelsearch/login.asp,moderator.asp,moderator/login.asp,moderator/admin.asp,account.asp," _
  & "controlpanel.asp,admincontrol.asp,adminpanel.asp,fileadmin/,fileadmin.php,fileadmin.asp,fileadmin.html,administration/,administration.php,administration.html,sysadmin.php,sysadmin.html,phpmyadmin/,myadmin/,sysadmin.asp,sysadmin/,ur-admin.asp,ur-admin.php,ur-admin.html,ur-admin/,Server.php,Server.html,Server.asp,Server/,wp-admin/,administr8.php,administr8.html," _
  & "administr8/,administr8.asp,webadmin/,webadmin.php,webadmin.asp,webadmin.html,administratie/,admins/,admins.php,admins.asp,admins.html,administrivia/,Database_Administration/,WebAdmin/,sysadmins/,admin1/,system-administration/,administrators/,pgadmin/,directadmin/,staradmin/,ServerAdministrator/,SysAdmin/,administer/,sys-admin/,typo3/," _
  & "panel/,cpanel/,cPanel/,cpanel_file/,platz_login/,rcLogin/,blogindex/,formslogin/,autologin/,support_login/,meta_login/,manuallogin/,simpleLogin/,loginflat/,utility_login/,showlogin/,memlogin/,members/,login-redirect/,sub-login/,wp-login/,login1/,dir-login/,login_db/,xlogin/,smblogin/,customer_login/,login-us/,acct_login/,admin_area/,bigadmin/,project-admins/,phppgadmin/,pureadmin/," _
  & "sql-admin/,radmind/,openvpnadmin/,wizmysqladmin/,vadmind/,ezsqliteadmin/,pwebjetadmin/,newsadmin/,adminpro/,Lotus_Domino_Admin/,bbadmin/,vmailadmin/,Indy_admin/,ccp14admin/,irc-macadmin/,banneradmin/,sshadmin/,phpldapadmin/,macadmin/,administratoraccounts/,admin4_account/,admin4_colon/,radmind-1/,Super-Admin/,AdminTools/,cmsadmin/,SysAdmin2/,globes_admin/,cadmins/,phpSQLiteAdmin/,navSiteAdmin/,server_admin_small/," _
  & "logo_sysadmin/,server/,database_administration/,ADMIN/login.html,system_administration/,ss_vms_admin_sm/"

      Const Pass As String = "username/,usuario/,user/,password/,contraseña/,senha/,pass/,pwd/,psswrd/"

      ' No base URL: leave the function result at its default, "".
      If Len(sWebSite) = 0 Then Exit Function

      ' Every word-list entry is relative, so the base must end in "/".
      If Right$(sWebSite, 1) <> "/" Then sWebSite = sWebSite & "/"

      vSuffixList = Split(Pass, ",")
      vPathList = Split(Paths, ",")

      ' Skip the whole walk when the site root itself does not answer.
      If Not Check_Web_Exists(sWebSite) Then Exit Function

      For iPath = LBound(vPathList) To UBound(vPathList)
          sPathUrl = sWebSite & vPathList(iPath)
          If Check_Web_Exists(sPathUrl) Then
              ' Second level is only tried beneath a path that exists.
              For iSuffix = LBound(vSuffixList) To UBound(vSuffixList)
                  sCandidate = sPathUrl & vSuffixList(iSuffix)
                  If Check_Web_Exists(sCandidate) Then
                      Check_Admin_Path = sCandidate
                      Exit Function
                  End If
              Next iSuffix
          End If
      Next iPath
  End Function
  58.  
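  ' Check_Web_Exists
  '   Sends one synchronous HEAD request to sURL through MSXML2.XMLHTTP.
  '
  '   sURL    : address to test. It is treated as already carrying a scheme only
  '             when it starts with "http:" (case-insensitive); any other value
  '             has "http://" prepended.
  '   Returns : True only when the reported status is exactly 200. Every other
  '             status, and any run-time error (object creation, Open, Send),
  '             yields False.
  Function Check_Web_Exists(ByVal sURL As String) As Boolean
      Dim oXHTTP          As Object

      ' Install the handler before CreateObject so that a machine without the
      ' MSXML component gets False instead of an unhandled error in the caller.
      On Error GoTo Error_

      Check_Web_Exists = False

      If Not UCase$(sURL) Like "HTTP:*" Then sURL = "http://" & sURL

      Set oXHTTP = CreateObject("MSXML2.XMLHTTP")
      With oXHTTP
          ' Third argument False = synchronous: Send blocks until the reply.
          .Open "HEAD", sURL, False
          .Send
          Check_Web_Exists = (.Status = 200)
      End With

  Error_:
      ' Reached on success and on failure alike; release the COM object
      ' explicitly in both cases.
      Set oXHTTP = Nothing
  End Function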

Un ejemplo:
Código
  ' Usage example: runs Check_Admin_Path once against a placeholder host when
  ' the form loads and prints the outcome to the Immediate window.
  Private Sub Form_Load()
      Dim sFound      As String

      sFound = Check_Admin_Path("http://www.xxxxxxxxxxx.net")

      ' An empty string is the "nothing matched" result.
      If Len(sFound) = 0 Then
          Debug.Print "Not Found... :("
      Else
          Debug.Print sFound
      End If
  End Sub

Devuelve por ejemplo:
Citar

DoEvents¡! :P
« Última modificación: 29 Julio 2010, 22:24 pm por *PsYkE1* » En línea
