#!/usr/bin/python
#
# website structure fingerprinting ...the dirty way
# thanks to baltazar/adminfinder for inspiration
#
# low1z // www.darkc0de.com
import urllib2, sys, httplib, threading, sets, socket, time, re
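# --- Run configuration -------------------------------------------------------
# The target host comes from the first command-line argument. Only a leading
# "http://" is stripped and everything from the first "/" onwards is dropped.
# An "https://" URL is not recognised, and the rest of the script talks plain
# HTTP to whatever host string results.
if len(sys.argv) < 2:
    # Without this guard a missing argument surfaces as a bare IndexError.
    sys.exit("usage: %s <host | http://host/path>" % sys.argv[0])
site = sys.argv[1].replace("http://", "").split("/", 1)[0]

# Timeout in seconds, installed as the default for every socket created after
# this point, so an unresponsive host cannot block a request indefinitely.
timeout = 2
socket.setdefaulttimeout(timeout)

# Not referenced by the code visible in this file; requests are issued one at
# a time.
threads = []
numthreads = 8

# File extensions offered in the start-up menu.
extensions = ['php','asp','aspx','cfm','html','htm']

# Working lists, filled step by step by the main script.
tmptable = []   # wordlist entries with the chosen extension appended
found = []      # URLs whose GET returned HTTP 200
final = []      # filtered and de-duplicated links that are printed at the end
collected = []  # raw href values taken from the pages listed in `found`

# Shown in the banner as release date and version.
ldm = 'apr-24-09'
version = '0.2'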
# Wordlist of candidate page basenames. The main script appends '.' plus the
# chosen extension to every entry and Fuzz() requests each result from the
# target, so a run issues one GET per entry. In the target's access log this
# shows up as a sequential burst of requests for these names from one client,
# which is a pattern that is simple to alert on.
fuzztable = ['index', 'Index', 'About', 'view', 'access', 'account', 'act_hit', 'activate', 'adclick',
'add_channel', 'addfeed', 'addtestimonial', 'adentry', 'ad_link', 'admin', 'admin_upload', 'adn_count',
'adverclick', 'affi', 'afgb', 'afi', 'agt', 'album', 'albums', 'animation', 'annonces-add', 'announce_detail',
'announcement_content', 'apply', 'apricot', 'ARead', 'art', 'art_desc', 'article', 'article2', 'article_detail_parse',
'ArticleInfo', 'article_read', 'Article_Show', 'article_show_full', 'article_view', 'ArticleView', 'author',
'author_album', 'author_price', 'base', 'basket', 'batch', 'bbs', 'bbs_detail', 'bencandy', 'billboard01', 'b_link',
'blog', 'blogdetails', 'blog-entry', 'bloggermeet', 'blog_groups', 'blogind', 'blog_show', 'blog_story', 'board',
'board1', 'board_detail', 'book', 'bookmark', 'Books', 'browse', 'browse_image', 'BusinessReport',
'button', 'camp_detail', 'candidatedetails', 'cardshow', 'catalog', 'categories', 'category', 'cfidata', 'channel',
'Checkout', 'checkout_shipping', 'clanek_ukaz', 'clap', 'class_04', 'click', 'clickin', 'clickprod', 'CollectionList',
'collegeprice', 'columns', 'comeoncool', 'comment', 'comments', 'Community', 'company', 'company_search', 'contact',
'content', 'Content', 'content_new', 'contestant', 'control', 'coolfreelist', 'countblogstar', 'counter',
'examine_list', 'external', 'ExtLink', 'faculty_profile', 'fair_homepage', 'faq', 'features_show2a', 'file', 'files',
'films', 'form', 'formular', 'forum', 'forumdisplay', 'forumhome', 'forummessage', 'forum_messageDetail', 'forum_posts',
'forum_sub_posts', 'frame', 'fullstory', 'gbook', 'get', 'getInPageTarget', 'GetRelease',
'gocity', 'goodh', 'goods_comment', 'goout', 'goto', 'goto_freetel', 'gp_nl', 'graduate', 'group_page', 'group_topic',
'guest', 'guestbook', 'guestbook_new', 'GuestMagBN', 'heihei', 'help', 'hitlink', 'home', 'hrbclick', 'iboard',
'idevaffiliate', 'iframe', 'Image', 'img', 'include', 'index1', 'index2', 'index4', 'index_fo',
'indexmain', 'indexnew', 'index_u', 'Individual', 'info', 'infoadd', 'infopage', 'infoshow2', 'insert_post',
'institutiondetail', 'international', 'into', 'invitation', 'inviteshow', 'isomil_valentine2_detail', 'item',
'item_detail', 'item_groups', 'j140s', 'Job', '_jobposting', 'jobs', 'join',
'newsmain', 'news_show', 'news_view', 'newthread', 'noscript', 'noticedet', 'notify', 'ocean-tracking', 'ocitview',
'offices-ser_news', 'OpenAd', 'optionmmi', 'original_index', 'out', 'page', 'pages',
'page-sanmin2', 'pageShw', 'parking', 'partydetails', 'permalink', 'PersonalSpace', 'plan', 'play', 'Play', 'player',
'pleasure', 'plugin', 'plugins', 'point', 'poll', 'pollbooth',
'pollsshow', 'post', 'postcard', 'posting', 'price', 'PriceList', 'print',
'pro_def', 'product', 'product_detail', 'ProductDetails', 'product_info', 'products', 'profile',
'profilesdetail', 'programimglist', 'projectdetails', 'projects', 'providepassword', 'psview',
'publicrelationView', 'publisher_titles', 'pub-stats', 'qk_qklx', 'qoblog', 'quickadd', 'quotations', 'rank', 'ranking',
'ranklink', 'read', 'readarticle', 'ReadNews', 'read_user', 'recruit', 'redir', 'redirect',
'regdom', 'regist', 'register', 'report_get', 'req', 'RequestQuote', 'Results', 'ribbon_link', 'rin', 'rsd', 'rss',
'rssFeed_it', 'rwcomments', 'sch', 'schedule', 'scielo', 'search', 'Search', 'search2',
'search_form', 'searchpicsnap', 'searchresults', 'selectintro', 'select_tokucho', 'sendemail', 'sendmessage', 'serve',
'shop', 'shop_fair', 'shopper_new', 'shopping_cart', 'show', 'ShowArtiChannel', 'showarticle',
'showblog', 'showcard', 'showclass', 'showhistory', 'show_miniworld', 'shownews', 'showNews', 'ShowNewsDetail',
'show_oc', 'showpage', 'show_photo', 'showpkn', 'showpost', 'showprofile', 'showquestion', 'showsp', 'showstats',
'showthread', 'showtrackback', 'show_want', 'signup', 'single', 'site', 'sitecome', 'smsmain',
'snapshots', 'soft_detail', 'sondages', 'sort', 'source', 'space', 'spacecp', 'special', 'specials',
'spip', 'spurl', 'start', 'stat', 'statistics', 'statistik', 'stats', 'sub', 'subcate_list', 'subforum',
'submit', 'subscribe', 'subscription', 'support', 'survey', 'tags', 'takeinfo_more', 'tana', 'task', 'tbh_sub',
'tblogread', 'tchinfo', 'teacher', 'tech_details', 'tenders', 'terms', 'T_examinat', 'thread', 'thumbnails', 'tier',
'top', 'topic', 'topicdetail', 'topics', 'topsites', 'tradeinfo', 'training', 'transfer', 'trip_detail',
'trpSupport', 'tr_set', 'tryout_item', 'two', 'type', 'Type', 'ucp', 'user',
'User', 'userblog', 'userinfo', 'user_profile', 'user_register', 'usersettings',
'user_view', 'vanessa_video', 'vbimghost', 'video', 'videoByTag', 'videos', 'View', 'viewad',
'viewall', 'view_all_gallery', 'view_clip', 'viewdoc', 'viewEvent', 'viewfaculty',
'viewforum', 'viewinfo', 'view_inside', 'ViewItem', 'viewmessage', 'viewnews', 'view_news', 'ViewNews', 'viewphotos',
'viewpro', 'viewscat', 'viewstory', 'viewthread', 'viewtop', 'viewtopic', 'viewuser', 'view_video', 'viewwz',
'VIP_showLawyer_article', 'visit', 'vote', 'votealbum', 'voteArticle', 'wall', 'webarticle', 'webarticle2', 'webboard',
'webcounter', 'websearch', 'weekend_news_detail', 'welcome', 'wenji', 'whoischeck', 'worldwide', 'wp-login',
'wp-profile1', 'xiti', 'zoom']
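def pContent(url):
    """Fetch *url* and append the link targets worth keeping to ``collected``.

    The page is requested with a fixed browser-style User-Agent and every
    value of a double-quoted ``href="..."`` attribute is extracted with a
    regular expression (single-quoted or unquoted attributes are not matched).
    A link is kept when it mentions ``site``, contains ``=``, starts with
    ``/`` or contains ``http://``; the main script filters the list further.

    Network and parsing errors are ignored on purpose (best effort), but
    KeyboardInterrupt and SystemExit propagate, as they do in ``Fuzz``, so
    Ctrl-C still stops the run during this phase.
    """
    try:
        request_web = urllib2.Request(url)
        request_web.add_header(
            'User-Agent',
            'Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.6)')
        opener_web = urllib2.build_opener()
        response = opener_web.open(request_web)
        try:
            text = response.read()
        finally:
            # Release the socket even when read() fails part-way.
            response.close()
        opener_web.close()
        names = re.findall('(?<=href=")(.*?)(?=")', text)
        for name in names:
            # The former `site in name and EXT in name` branch could never
            # run: any name containing `site` is already accepted by the
            # first test, so the three remaining tests are simply OR-ed.
            if (site in name or '=' in name or name.startswith('/')
                    or 'http://' in name):
                collected.append(name)
    except (KeyboardInterrupt, SystemExit):
        raise
    except Exception:
        # Best effort: an unreachable or malformed page contributes nothing.
        pass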
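def Fuzz(entry):
    """Request ``/<entry>`` from ``site`` over plain HTTP and record a 200.

    On a status of exactly 200 the full URL is printed and appended to
    ``found``. Every other status (redirects, 403, 404, ...) is ignored, so a
    server that answers 200 for unknown paths makes every candidate look
    present.

    Connection errors and timeouts are ignored on purpose; KeyboardInterrupt
    and SystemExit are re-raised so the run can be interrupted.
    """
    try:
        entry = "/" + entry
        connection = httplib.HTTPConnection(site)
        try:
            connection.request("GET", entry)
            response = connection.getresponse()
            if response.status == 200:
                # Local name chosen so the builtin `str` is not shadowed.
                url = 'http://' + site + entry
                print("Found : %s " % (url))
                found.append(url)
        finally:
            # One connection is opened per candidate; close it so sockets do
            # not accumulate over the whole wordlist.
            connection.close()
    except (KeyboardInterrupt, SystemExit):
        raise
    except Exception:
        pass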
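# Banner; `ldm` and `version` follow the last two art lines after one space.
for banner_line in (
    " _ _ _____ _ ",
    " _| |___ ___| |_|_ _|___ _ _ ___| |_ author : low1z",
    "| . | .'| _| '_| | | | . | | | _| | date :" + " " + ldm,
    "|___|__,|_| |_,_| |_| |___|___|___|_|_| version :" + " " + version,
    "\n Website Structure Fingerprinting *beta*",
    "- keep in mind, we only collect = links here -\n",
):
    print(banner_line)

# Numbered menu of the available extensions, starting at 1.
for number, val in enumerate(extensions, 1):
    print("%d : %s" % (number, val))

# The advertised range is derived from the list, which has six entries; the
# old prompt said [1-5].
EXTnr = raw_input('\nChoose Server FileExtension [1-%d]:' % len(extensions))
try:
    choice = int(EXTnr)
except ValueError:
    choice = 0
# Reject anything outside the menu. Unchecked, "0" would index from the end of
# the list and silently select the last extension, and non-numeric input would
# end in a traceback.
if not 1 <= choice <= len(extensions):
    sys.exit("Invalid choice %r: enter a number from 1 to %d"
             % (EXTnr, len(extensions)))
EXT = extensions[choice - 1]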
# Build the request list: every wordlist basename plus the chosen extension.
tmptable.extend(basename + '.' + EXT for basename in fuzztable)
print("\n>> Fuzzing for ."+EXT+" Files....\n")

# Probe the candidates one request at a time; Fuzz() records hits in `found`.
for candidate in tmptable:
    Fuzz(candidate)

# Fetch every page that answered 200 and gather its links into `collected`.
for hit in found:
    pContent(hit)
# Reduce the raw links to those that point at the target and carry the chosen
# extension. All checks are substring tests, so e.g. 'htm' also matches
# '.html' and `site` may match anywhere in an absolute URL.
for link in collected:
    if EXT not in link:
        # Both accepted shapes require the extension to appear in the link.
        continue
    if link.startswith('/'):
        # Site-relative link: kept only when it carries a query parameter,
        # and made absolute.
        if '=' in link:
            final.append('http://'+site+link)
    elif link.startswith('http://') and site in link:
        # Absolute link that mentions the target host.
        final.append(link)
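# Collapse links that differ only in their query string, keeping one URL per
# path. The list is sorted first so equal paths are adjacent; walking backwards
# lets entries be deleted in place without disturbing indices still to visit.
# The threshold is "> 1": the former "> 2" left a two-entry list unsorted and
# with its duplicate intact.
if len(final) > 1:
    final.sort()
    kept_base = final[-1].split('?')[0]
    for idx in range(len(final) - 2, -1, -1):
        # split() always returns at least one element, so [0] cannot fail.
        base = final[idx].split('?')[0]
        if base == kept_base:
            del final[idx]
        else:
            kept_base = base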
# Summary line followed by one surviving URL per line.
summary = " ".join(("\n>> Found :", str(len(final)), "Strings\n"))
print(summary)
for url in final:
    print(url)