Questions about programming languages and debugging
l0ngb1t
Fame ! Where are the chicks?!
Posts: 598 Joined: 15 Apr 2009, 16:00
15
Contact:
Post
by l0ngb1t » 08 Mar 2011, 17:03
ok this my first tool that have anything to do with hacking even thou it's kinda silly and you can find like million similar code on the net... however re-inventing the wheel help learning and consolidating our knowledge if we have the will to improve.
so here it is a JAVA command line tool that take the target page as an argument and it test against several known admin pages...
i added just few admin pages just for testing...
Code: Select all
import java.net.*;
import java.io.*;
public class AdminPageFinder {
public static void main(String arg []) {
String _admin_page[] = {"login.asp", "admin.asp", "admin1.php", "admin1.html", "admin2.php", "admin2.html", "yonetim.php"};
String _target = arg[0];
if(!(_target.charAt(_target.length()-1)=='/'))
_target+='/';
for(String _admin : _admin_page)
{
System.out.print("Testing -> " + _admin);
if(exists(_target+_admin)){
System.out.println("\t\tSuccess");
System.out.println("\nAdmin page found -> "+ _target+_admin);
break;}
else
System.out.println("\t\tFailed");
}
}
public static boolean exists(String _page){
try {
HttpURLConnection con =(HttpURLConnection) new URL(_page).openConnection();
con.setRequestMethod("HEAD");
return (con.getResponseCode() == HttpURLConnection.HTTP_OK);
}
catch (Exception e) {
e.printStackTrace();
return false;
}
}
}
/*---__-_-__-____---_-__---__---_----_--_____--_____----__*/
/*******> Coded by l0ngb1t <*******/
/**> From www.suck-o.com <**/
/*******> Mind Over Matter <********/
/*--__-_-___-_-___---___--_-___--____---__-__---___-----__*/
further improvements will be released soon.
There is an UNEQUAL amount of good and bad in most things, the trick is to work out the ratio and act accordingly. "The Jester"
ayu
Staff
Posts: 8109 Joined: 27 Aug 2005, 16:00
18
Contact:
Post
by ayu » 09 Mar 2011, 01:48
Nice work
A good tip is to place all the files/folders (paths) to search for, in a file, and then have it read from there instead
"The best place to hide a tree, is in a forest"
l0ngb1t
Fame ! Where are the chicks?!
Posts: 598 Joined: 15 Apr 2009, 16:00
15
Contact:
Post
by l0ngb1t » 09 Mar 2011, 06:35
Thank you cat, i did what you said, and yes it is much better and it make editing the admin pages more easier
now i add a file named ADMIN_DIR.txt in the same directory, in it the admin pages are set each one on a line
ex:
admin1.html
admin2.html
admin3.asp
this is the tool v1.1
Code: Select all
import java.net.*;
import java.io.*;
public class AdminPageFinder {
public static void main(String arg []) {
String _target = arg[0];
String _admin;
if(!(_target.charAt(_target.length()-1)=='/'))
_target+='/';
try
{
FileInputStream fstream = new FileInputStream("ADMIN_DIR.txt");
DataInputStream inforfile = new DataInputStream(fstream);
BufferedReader filereader = new BufferedReader(new InputStreamReader(inforfile));
while ((_admin = filereader.readLine()) != null)
{
System.out.print("Testing -> " + _admin);
if(exists(_target+_admin)){
System.out.println("\t\tSuccess");
System.out.println("\nAdmin page found -> "+ _target+_admin);
break;}
else
System.out.println("\t\tFailed");
}
inforfile.close();
}
catch (IOException e)
{
System.err.println("Error! could not find ADMIN_DIR.txt or file is empty.");
e.printStackTrace();
}
}
public static boolean exists(String _page){
try {
HttpURLConnection con =(HttpURLConnection) new URL(_page).openConnection();
con.setRequestMethod("HEAD");
return (con.getResponseCode() == HttpURLConnection.HTTP_OK);
}
catch (Exception e) {
e.printStackTrace();
return false;
}
}
}
/*---__-_-__-____---_-__---__---_----_--_____--_____----__*/
/*******> Coded by l0ngb1t <*******/
/**> From www.suck-o.com <**/
/*******> Mind Over Matter <********/
/*--__-_-___-_-___---___--_-___--____---__-__---___-----__*/
and this is snap of the tool working (copy from cmd)
Code: Select all
C:\Users\l0ngb1t\Desktop\programming\javacode>java XXXXXXXXXXX.co.za
Testing -> admin1.php Failed
Testing -> admin1.html Failed
Testing -> admin2.php Failed
Testing -> admin2.html Failed
Testing -> admin.asp Success
Admin page found -> http://www.XXXXXXXXXX.co.za/admin.asp"
Thank you.
There is an UNEQUAL amount of good and bad in most things, the trick is to work out the ratio and act accordingly. "The Jester"
ayu
Staff
Posts: 8109 Joined: 27 Aug 2005, 16:00
18
Contact:
Post
by ayu » 09 Mar 2011, 08:41
Really nicely done man!
Keep up the good work
"The best place to hide a tree, is in a forest"
lykos
Fame ! Where are the chicks?!
Posts: 120 Joined: 12 Dec 2010, 10:59
13
Post
by lykos » 09 Mar 2011, 18:39
Good looking code man
~[Lykos]~