Path checker.
Video:
- Código:
<?php
/*
* Path checker by n4sss
* Need pcntl_fork to work,
*
* Use:
*
* php checker.php site_list path_file log thread
* Url format -> http://site.com/
*
* Wp vulnerable path example
* ------------------------------------------
* cat path_file.txt
*
* /wp-content/themes/rockstar-theme/functions/
* /wp-content/themes/kernel-theme/functions/
* /wp-content/themes/bordeaux-theme/functions/
* /wp-content/themes/bulteno-theme/functions/
* /wp-content/themes/oxygen-theme/functions/
* /wp-content/themes/radial-theme/functions/
* /wp-content/themes/rayoflight-theme/functions/
* /wp-content/themes/reganto-theme/functions/
* /wp-content/themes/curvo/functions/
*
* ----------------------------------------------
*
* Admin panel example -> /admin/ /admin_cp/ /intranet/
*
*
* Thanks -> MMXM_ , xzadx
* Janissaries Team
*
* */
set_time_limit(0);
error_reporting(0);
function save_content($file, $ct){
$fp = fopen($file, "a");
fwrite($fp, $ct."\n");
fclose($fp);
}
function str_replace_last( $search , $replace , $str ) {
if( ( $pos = strrpos( $str , $search ) ) !== false ) {
$search_length = strlen( $search );
$str = substr_replace( $str , $replace , $pos , $search_length );
}
return $str;
}
function connect($site){
global $paths,$log;
$site = str_replace("http://", "", str_replace_last("/", "", $site));
foreach($paths as $path_id => $path){
$fp = fsockopen($site, 80);
$out = "GET $path HTTP/1.1\r\n";
$out .= "Host: $site\r\n";
$out .= "Connection: Close\r\n\r\n";
fwrite($fp, $out);
$content = fgets($fp);
$parse = substr($content,9,3);
if($parse == 200){
print " [200] {$site}{$path} \n";
save_content($log, "http://{$site}{$path}");
}
}
}
function main($list, $threadsn){
$out = 0;
$thr = $threadsn;
$ini = 0;
$fin = $thr - 1;
while(1){
$childs = array();
for ($count = $ini; $count <= $fin; $count++){
if(empty($list[$count])){
$out = 1;
continue;
}
$pid = pcntl_fork();
if ( $pid == -1 ) {
echo "Fork error\n";
exit(1);
} else if ($pid) {
array_push($childs, $pid);
} else {
$n = $count+1;
print "Checking -> {$list[$count]}\n";
connect($list[$count]);
exit(0);
}
}
foreach($childs as $key => $pid){
pcntl_waitpid($pid, $status);
}
if($out == 1){
return;
}
$ini = $fin + 1;
$fin = $fin + $thr;
}
}
if(!isset($argv[1], $argv[2], $argv[3], $argv[4])){
print "Path Checker\n";
print "By n4sss\n";
print "php $argv[0] site_list path_file log thread\n";
print "Janissaries.org\n";
exit(0);
}else{
if(!function_exists("pcntl_fork")) die("[-] error with pcntl_fork");
$wp_list = array_filter(explode("\n", file_get_contents("$argv[1]")));
$paths = array_filter(explode("\n", file_get_contents("$argv[2]")));
$log = trim("$argv[3]");
$thread = trim("$argv[4]");
print "--=--=--=--=--=--=--=--=--=--=--=--=\n";
print "[] Checking paths with 200 status (:\n";
print "[] Wait!\n";
print "--=--=--=--=--=--=--=--=--=--=--=--=\n";
main($wp_list, $thread);
}
?>
Video: