Python script to find website backend address
Update: September 01, 2014 16:46:07 contribute sth.:mdxy-dxy
This article mainly introduces the use of python to find the background address of the site's script code, the works of foreign cattlemen, the need for friends can refer to the following
#!/usr/bin/python
# This was written for educational purpose only. Use it at your own risk.
# Author will be not responsible for any damage!
#
#################################################################
# ______ ____ ____ #
# | _ \ \ \ / / #
# | |_) | \ \/ / #
# | _ < \_ _/ #
# | |_) | | | #
# |______/ |__| #
# #
# ______ __ _____ ____ __ ___ #
# / ____/_ __/ /_ |__ /______ __/ __ \_____/ |/ / #
# / / / / / / __ \ /_ </ ___/ | /| / / / / / ___/ /|_/ / #
# / /___/ /_/ / /_/ /__/ / / | |/ |/ / /_/ / / / / / / #
# \____/\__, /_.___/____/_/ |__/|__/\____/_/ /_/ /_/ #
# /____/ #
################################################################# import httplib import socket import sys
try:
print "\t################################################################"
print "\t# ADMIN FINDER TOOL #"
print "\t# VISIT #"
print "\t# / #"
print "\t# #"
print "\t# Written by Cyb3rw0rM #"
print "\t################################################################"
var1=0
var2=0
php = ['admin/','administrator/','admin1/','admin2/','admin3/','admin4/','admin5/','usuarios/','usuario/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/', 'memberadmin/','administratorlogin/','adm/','admin/','admin/','admin/','admin/','admin/', 'admin_area/','admin_area/','siteadmin/','siteadmin/','siteadmin/','admin/','admin/','admin/','admin/', 'admin_area/','bb-admin/','bb-admin/','bb-admin/','admin/','admin_area/','admin_area/', 'admin/','','admincp/','admincp/','admincp/','admin/','','', 'webadmin/','webadmin/','webadmin/','admin/admin_login.html','admin_login.html','panel-administracion/', 'admin/','','administrator/','administrator/','nsw/admin/','webadmin/','admin/admin_login.php','admin_login.php', 'administrator/','','admin_area/','pages/admin/','admin/','', 'bb-admin/','bb-admin/','','bb-admin/','admin/','','modelsearch/','','moderator/', 'moderator/','','pages/admin/','admin/','','','', 'admin/','','admin/','','rcjakar/admin/','adminarea/','adminarea/', '','webadmin/','webadmin/','admin/','','admin/','','','', 'administrator/','administrator/','','administrator/','','','modelsearch/', 'moderator/','adminarea/','panel-administracion/','panel-administracion/','modelsearch/','modelsearch/', 'admincontrol/','adm/','','moderator/','','','','', 'panel-administracion/','','','admin/','','','adminarea/', 'adminarea/','adminarea/','panel-administracion/','panel-administracion/','modelsearch/', 'modelsearch/','admincontrol/','adm/','','','admin2/','admin2/','usuarios/', 'adm/','','','adm_auth.php','','']
asp = ['admin/','administrator/','admin1/','admin2/','admin3/','admin4/','admin5/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/', 'memberadmin/','administratorlogin/','adm/','','admin/','admin/','admin/','admin/', 'admin_area/','admin_area/','admin/','admin/','admin/','admin/', 'admin_area/','admin_area/','admin_area/','admin_area/','bb-admin/','bb-admin/','bb-admin/', 'bb-admin/','bb-admin/','bb-admin/','admin/','admin/','','admin/','', 'administrator/','administrator/','administrator/','','','modelsearch/','', 'moderator/','moderator/','','','','admin_login.html','panel-administracion/', 'admin/','admin/','','pages/admin/','admin/','','admin/','', 'administrator/','','','','modelsearch/','','moderator/','administrator/', 'moderator/','','admin/','','','pages/admin/','admin/', 'webadmin/','webadmin/','webadmin/','','','admincp/','admincp/','admincp/', 'admin/','','admin/','','adminarea/','adminarea/','adminarea/', 'panel-administracion/','panel-administracion/','modelsearch/','modelsearch/','admin/admin_login.html', 'admincontrol/','adm/','','','admin/','','','webadmin/', 'webadmin/','webadmin/','admin/admin_login.asp','admin_login.asp','panel-administracion/','', 'admin/','','','adminarea/','adminarea/','adminarea/','', 'panel-administracion/','panel-administracion/','modelsearch/','modelsearch/','administrator/', 'admincontrol/','adm/','','','admin2/','admin2/','adm/', '','','adm_auth.asp','','','siteadmin/','siteadmin/','siteadmin/']
cfm = ['admin/','administrator/','admin1/','admin2/','admin3/','admin4/','admin5/','usuarios/','usuario/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/', 'memberadmin/','administratorlogin/','adm/','admin/','admin/','admin/','admin/','admin/', 'admin_area/','admin_area/','siteadmin/','siteadmin/','siteadmin/','admin/','admin/','admin/','admin/', 'admin_area/','bb-admin/','bb-admin/','bb-admin/','admin/','admin_area/','admin_area/', 'admin/','','admincp/','admincp/','admincp/','admin/','','', 'webadmin/','webadmin/','webadmin/','admin/admin_login.html','admin_login.html','panel-administracion/', 'admin/','','administrator/','administrator/','nsw/admin/','webadmin/','admin/admin_login.cfm','admin_login.cfm', 'administrator/','','admin_area/','pages/admin/','admin/','', 'bb-admin/','bb-admin/','bb-admin/','admin/','','modelsearch/','','moderator/', 'moderator/','','pages/admin/','admin/','','','', 'admin/','','','admin/','','rcjakar/admin/','adminarea/','adminarea/', '','webadmin/','webadmin/','admin/','','admin/','','','', 'administrator/','administrator/','','administrator/','','','modelsearch/', 'moderator/','adminarea/','panel-administracion/','panel-administracion/','modelsearch/','modelsearch/', 'admincontrol/','adm/','','moderator/','','','','', 'panel-administracion/','','','admin/','','','adminarea/', 'adminarea/','adminarea/','panel-administracion/','panel-administracion/','modelsearch/', 'modelsearch/','admincontrol/','adm/','','','admin2/','admin2/','usuarios/', 'adm/','','','adm_auth.cfm','','']
js = ['admin/','administrator/','admin1/','admin2/','admin3/','admin4/','admin5/','usuarios/','usuario/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/', 'memberadmin/','administratorlogin/','adm/','admin/','admin/','admin/','admin/','admin/', 'admin_area/','admin_area/','siteadmin/','siteadmin/','siteadmin/','admin/','admin/','admin/','admin/', 'admin_area/','bb-admin/','bb-admin/','bb-admin/','admin/','admin_area/','admin_area/', 'admin/','','admincp/','admincp/','admincp/','admin/','','', 'webadmin/','webadmin/','webadmin/','admin/admin_login.html','admin_login.html','panel-administracion/', 'admin/','','administrator/','administrator/','nsw/admin/','webadmin/','admin/admin_login.js','admin_login.js', 'administrator/','','admin_area/','pages/admin/','admin/','', 'bb-admin/','bb-admin/','bb-admin/','admin/','','modelsearch/','','moderator/', 'moderator/','','pages/admin/','admin/','','','', 'admin/','','admin/','','rcjakar/admin/','adminarea/','adminarea/', '','webadmin/','','webadmin/','admin/','','admin/','','','', 'administrator/','administrator/','','administrator/','','','modelsearch/', 'moderator/','adminarea/','panel-administracion/','panel-administracion/','modelsearch/','modelsearch/', 'admincontrol/','adm/','','moderator/','','','','', 'panel-administracion/','','','admin/','','','adminarea/', 'adminarea/','adminarea/','panel-administracion/','panel-administracion/','modelsearch/', 'modelsearch/','admincontrol/','adm/','','','admin2/','admin2/','usuarios/', 'adm/','','','adm_auth.js','','']
cgi = ['admin/','administrator/','admin1/','admin2/','admin3/','admin4/','admin5/','usuarios/','usuario/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/', 'memberadmin/','administratorlogin/','adm/','admin/','admin/','admin/','admin/','admin/', 'admin_area/','admin_area/','siteadmin/','siteadmin/','siteadmin/','admin/','admin/','admin/','admin/', 'admin_area/','bb-admin/','bb-admin/','bb-admin/','admin/','admin_area/','admin_area/', 'admin/','','admincp/','admincp/','admincp/','admin/','','', 'webadmin/','webadmin/','webadmin/','admin/admin_login.html','admin_login.html','panel-administracion/', 'admin/','','administrator/','administrator/','nsw/admin/','webadmin/','admin/admin_login.cgi','admin_login.cgi', 'administrator/','','admin_area/','pages/admin/','admin/','', 'bb-admin/','bb-admin/','bb-admin/','admin/','','modelsearch/','','moderator/', 'moderator/','','pages/admin/','admin/','','','', 'admin/','','admin/','','rcjakar/admin/','adminarea/','adminarea/', '','webadmin/','','webadmin/','admin/','','admin/','','','', 'administrator/','administrator/','','administrator/','','','modelsearch/', 'moderator/','adminarea/','panel-administracion/','panel-administracion/','modelsearch/','modelsearch/', 'admincontrol/','adm/','','moderator/','','','','', 'panel-administracion/','','','admin/','','','adminarea/', 'adminarea/','adminarea/','panel-administracion/','panel-administracion/','modelsearch/', 'modelsearch/','admincontrol/','adm/','','','admin2/','admin2/','usuarios/', 'adm/','','','adm_auth.cgi','','']
brf = ['admin/','administrator/','admin1/','admin2/','admin3/','admin4/','admin5/','usuarios/','usuario/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/', 'memberadmin/','administratorlogin/','adm/','admin/','admin/','admin/','admin/','admin/', 'admin_area/','admin_area/','siteadmin/','siteadmin/','siteadmin/','admin/','admin/','admin/','admin/', 'admin_area/','bb-admin/','bb-admin/','bb-admin/','admin/','admin_area/','admin_area/', 'admin/','','admincp/','admincp/','admincp/','admin/','','', 'webadmin/','webadmin/','webadmin/','admin/admin_login.html','admin_login.html','panel-administracion/', 'admin/','','administrator/','administrator/','nsw/admin/','webadmin/','admin/admin_login.brf','admin_login.brf', 'administrator/','','','admin_area/','pages/admin/','admin/','', 'bb-admin/','bb-admin/','bb-admin/','admin/','','modelsearch/','','moderator/', 'moderator/','','pages/admin/','admin/','','','', 'admin/','','admin/','','rcjakar/admin/','adminarea/','adminarea/', '','webadmin/','webadmin/','admin/','','admin/','','','', 'administrator/','administrator/','','administrator/','','','modelsearch/', 'moderator/','adminarea/','panel-administracion/','panel-administracion/','modelsearch/','modelsearch/', 'admincontrol/','adm/','','moderator/','','','','', 'panel-administracion/','','','admin/','','','adminarea/', 'adminarea/','adminarea/','panel-administracion/','panel-administracion/','modelsearch/', 'modelsearch/','admincontrol/','adm/','','','admin2/','admin2/','usuarios/', 'adm/','','','adm_auth.brf','','']
try:
site = raw_input("Web Site for Scan?: ")
site = ("http://","")
print ("\tChecking website " + site + "...")
conn = (site)
()
print "\t[$] Yes... Server is Online."
except (, ) as Exit:
raw_input("\t [!] Oops Error occured, Server offline or invalid URL")
exit()
print "Enter site source code:"
print "1 PHP"
print "2 ASP"
print "3 CFM"
print "4 JS"
print "5 CGI"
print "6 BRF"
print "\nPress 1 and 'Enter key' for Select PHP\n"
code=input("> ")
if code==1:
print("\t [+] Scanning " + site + "...\n\n")
for admin in php:
admin = ("\n","")
admin = "/" + admin
host = site + admin
print ("\t [#] Checking " + host + "...")
connection = (site)
("GET",admin)
response = ()
var2 = var2 + 1
if == 200:
var1 = var1 + 1
print "%s %s" % ( "\n\n>>>" + host, "Admin page found!")
raw_input("Press enter to continue scanning.\n")
elif == 404:
var2 = var2
elif == 302:
print "%s %s" % ("\n>>>" + host, "Possible admin page (302 - Redirect)")
else:
print "%s %s %s" % (host, " Interesting response:", )
()
print("\n\nCompleted \n")
print var1, " Admin pages found"
print var2, " total pages scanned"
raw_input("[/] The Game Over; Press Enter to Exit")
if code==2:
print("\t [+] Scanning " + site + "...\n\n")
for admin in asp:
admin = ("\n","")
admin = "/" + admin
host = site + admin
print ("\t [#] Checking " + host + "...")
connection = (site)
("GET",admin)
response = ()
var2 = var2 + 1
if == 200:
var1 = var1 + 1
print "%s %s" % ( "\n\n>>>" + host, "Admin page found!")
raw_input("Press enter to continue scanning.\n")
elif == 404:
var2 = var2
elif == 302:
print "%s %s" % ("\n>>>" + host, "Possible admin page (302 - Redirect)")
else:
print "%s %s %s" % (host, " Interesting response:", )
()
print("\n\nCompleted \n")
print var1, " Admin pages found"
print var2, " total pages scanned"
raw_input("The Game Over; Press Enter to Exit")
if code==3:
print("\t [+] Scanning " + site + "...\n\n")
for admin in cfm:
admin = ("\n","")
admin = "/" + admin
host = site + admin
print ("\t [#] Checking " + host + "...")
connection = (site)
("GET",admin)
response = ()
var2 = var2 + 1
if == 200:
var1 = var1 + 1
print "%s %s" % ( "\n\n>>>" + host, "Admin page found!")
raw_input("Press enter to continue scanning.\n")
elif == 404:
var2 = var2
elif == 302:
print "%s %s" % ("\n>>>" + host, "Possible admin page (302 - Redirect)")
else:
print "%s %s %s" % (host, " Interesting response:", )
()
print("\n\nCompleted \n")
print var1, " Admin pages found"
print var2, " total pages scanned"
raw_input("The Game Over; Press Enter to Exit")
if code==4:
print("\t [+] Scanning " + site + "...\n\n")
for admin in js:
admin = ("\n","")
admin = "/" + admin
host = site + admin
print ("\t [#] Checking " + host + "...")
connection = (site)
("GET",admin)
response = ()
var2 = var2 + 1
if == 200:
var1 = var1 + 1
print "%s %s" % ( "\n\n>>>" + host, "Admin page found!")
raw_input("Press enter to continue scanning.\n")
elif == 404:
var2 = var2
elif == 302:
print "%s %s" % ("\n>>>" + host, "Possible admin page (302 - Redirect)")
else:
print "%s %s %s" % (host, " Interesting response:", )
()
print("\n\nCompleted \n")
print var1, " Admin pages found"
print var2, " total pages scanned"
raw_input("The Game Over; Press Enter to Exit")
if code==5:
print("\t [+] Scanning " + site + "...\n\n")
for admin in cgi:
admin = ("\n","")
admin = "/" + admin
host = site + admin
print ("\t [#] Checking " + host + "...")
connection = (site)
("GET",admin)
response = ()
var2 = var2 + 1
if == 200:
var1 = var1 + 1
print "%s %s" % ( "\n\n>>>" + host, "Admin page found!")
raw_input("Press enter to continue scanning.\n")
elif == 404:
var2 = var2
elif == 302:
print "%s %s" % ("\n>>>" + host, "Possible admin page (302 - Redirect)")
else:
print "%s %s %s" % (host, " Interesting response:", )
()
print("\n\nCompleted \n")
print var1, " Admin pages found"
print var2, " total pages scanned"
raw_input("The Game Over; Press Enter to Exit")
if code==6:
print("\t [+] Scanning " + site + "...\n\n")
for admin in brf:
admin = ("\n","")
admin = "/" + admin
host = site + admin
print ("\t [#] Checking " + host + "...")
connection = (site)
("GET",admin)
response = ()
var2 = var2 + 1
if == 200:
var1 = var1 + 1
print "%s %s" % ( "\n\n>>>" + host, "Admin page found!")
raw_input("Press enter to continue scanning.\n")
elif == 404:
var2 = var2
elif == 302:
print "%s %s" % ("\n>>>" + host, "Possible admin page (302 - Redirect)")
else:
print "%s %s %s" % (host, " Interesting response:", )
()
print("\n\nCompleted \n")
print var1, " Admin pages found"
print var2, " total pages scanned"
raw_input("The Game Over; Press Enter to Exit") except (, ):
print "\n\t[!] Session Cancelled; Error occured. Check internet settings" except (KeyboardInterrupt, SystemExit):
print "\n\t[!] Session cancelled"
Related articles
Django time and time zone settings in detail
This article introduces the Django time and time zone settings, this article gives you a very detailed, with some reference value, you can refer to the following2019-07-07Understanding Absolute and Relative Paths in Python
This post focuses on understanding the absolute path and relative path in Python , I think it's pretty good, and now share it with you, but also give you a reference. Together follow the editor over to see it2017-08-08Python Drawing Digital Transistor Dates
This article is mainly for you to introduce in detail the Python drawing digital transistor date, the sample code in the text is very detailed, with certain reference value, interested partners can refer to it!2021-02-02python3 implementation of the cmp function that replaces python2 in python3
This article introduces the python3 replace python2 in the cmp function, the text through the sample code is very detailed, for everyone's learning or work has a certain reference learning value, the need for friends below with the editorial to learn together!2019-08-08Example of Reverse Generation in Django Explained
Today, I'd like to share with you an example of reverse generation in Django to explain, with good reference value, I hope to help you. Together follow the editor over to see it2018-05-05Python pandas usage most complete organization
In this post, I share with you about Python pandas usage and related example code, friends can learn.2019-08-08Introduction to eval function usage in python3
This article introduces the python3 eval function usage in the use of the introduction, the text through the sample code describes the very detailed, for everyone to learn or work with certain reference learning value, the need for friends below with the editorial to learn together!2019-08-08python delete same files and unopenable images in folder
This article is mainly for you to introduce in detail the python delete the same file under the folder and can not open the picture, with certain reference value, interested partners can refer to it!2019-07-07Batch Generation of Forensic Letter Code in Python
Hello, this post is mainly about the use of Python to achieve batch generation of legal letters code, interested students quickly take a look at it, if it helps you remember to collect it2022-02-025 lines of Python code to achieve image segmentation steps in detail
This article introduces the 5 lines of Python code to achieve image segmentation steps in detail, the text through the sample code describes the details of the study or work on everyone has a certain reference value of learning, the need for friends below along with the editorial to learn to learn it together!2020-05-05