
Helper 0.1

Helper is an enumerator written in PHP that helps identify directories on web servers that could be targets for things like cross-site scripting, local file inclusion, remote shell upload, and remote SQL injection vulnerabilities.

Packet Storm
_____________________________________________
*###########################################*
*#      Penetration Testing Tool           #*
*#           *19/10/2024*                  #*
*# Author: Emiliano Febbi                  #*
*# Site: http://nullsite.altervista.org    #*
*#            PHP code                     #*
*###########################################*

[code]
#Helper v0.1
<html>
<head>
<title>#-Helper</title>
<style>
ul.nav { width:250px; margin:0; padding:0; }
ul.nav li { list-style:none; }
ul.nav a { display:block; text-decoration:none; background:#333; color:#FFF; margin:.1em 0; padding:.2em .5em; }
ul.nav a:hover, a:focus, a:active { background:#FFF; color:#333; border:.1em solid #000; }
</style>
</head>
<body bgcolor="black" link="white" vlink="white">
<font color="white">
<center>
<pre>
 _     _ _______         _____  _______  ______
 |_____| |______ |      |_____] |______ |_____/
 |     | |______ |_____ |       |______ |    \_
*******************************************
* Name Software: Helper v0.1              *
* Simple Pentesting tool at release v0.1. *
* Allowed http && https protocols.        *
* Code By Emiliano Febbi - #2024          *
* My site: http://nullsite.altervista.org *
*******************************************
</pre>
<form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES); ?>" method="POST">
#insert URL:<br>
<input type="text" name="site" value="https://www.victime.com/"><br>
<input type="submit" value="load"><br>
</form>
<?php
// Return the three-digit status code from the first response header line.
function get_http_response_code($url) {
    $headers = get_headers($url);
    return $headers ? substr($headers[0], 9, 3) : '';
}

// The banner says only http and https are allowed, so enforce it here: without
// this check file() and file_get_contents() would also open local paths and
// other stream wrappers named in the form field.
if (isset($_POST['site']) && preg_match('#^https?://#i', $_POST['site'])) {
    $victime   = $_POST['site'];
    $for_print = htmlspecialchars($victime, ENT_QUOTES); // escaped copy used in all HTML output
    $rule      = "<font color='white'><br>" . str_repeat(".", 390) . "<br></font>"; // dotted separator

    print "<br><b>[site loaded]: -></b> <font color='red'>$for_print</font>";
    print $rule;

    print "<font color='red'><b>-> WebServer info <-</b></font><br>";
    print htmlspecialchars(print_r(get_headers($victime), true), ENT_QUOTES);
    print $rule;

    $victime_pars = str_replace('/', '/', $victime); // no-op as published

    /* Mini-Fuzzer: list the absolute links found on the loaded page */
    print "<br><font color='red'><b>-> Mini-Fuzzer <-</b></font><font color='lime'> Found:</font><br>";
    $urlContent = file_get_contents($victime_pars);
    $dom = new DOMDocument();
    @$dom->loadHTML($urlContent);
    $xpath = new DOMXPath($dom);
    $hrefs = $xpath->evaluate("/html/body//a");
    for ($i = 0; $i < $hrefs->length; $i++) {
        $href = $hrefs->item($i);
        $url  = $href->getAttribute('href');
        $url  = filter_var($url, FILTER_SANITIZE_URL);
        // validate url
        if (filter_var($url, FILTER_VALIDATE_URL) !== false) {
            $url = htmlspecialchars($url, ENT_QUOTES); // remote content: escape before echoing
            echo ' <ul class="nav"><li><a href="'.$url.'">'.$url.'</a></li></ul><br />';
        }
    }
    print $rule;

    /* robots.txt finder */
    if (false !== file("$victime_pars/robots.txt")) echo "<font color='lime'>Found:</font> robots.txt";
    else echo "<font color='red'>Missing:</font> robots.txt";
    print $rule;

    /* Admin pages scanner */
    print "<br><font color='red'><b>-> Admin Pages Scanner <- </b>(#general)</font>";
    $listing = array(
        "login.php","login/login.php","login/admin.php","login/index.php","admin/admin.php",
        "admin/login.php","admin/index.php","admins.php","admins/login.php","admins/",
        "admins/admin.php","admins/index.php","admins/menu.php","admin1/","admin2/","admin3/",
        "admin4/","admin5/","usuarios/","usuario/","administrator/","moderator/","webadmin/",
        "adminarea/","bb-admin/","adminLogin/","admin_area/","panel-administracion/","instadmin/",
        "memberadmin/","administratorlogin/","adm/","admin/account.php","admin/account.php",
        "admin_area/admin.php","admin_area/login.php","siteadmin/login.php","siteadmin/index.php",
        "siteadmin/login.html","admin/account.html","admin/index.html","admin/login.html",
        "admin/admin.html","admin_area/index.php","bb-admin/index.php","bb-admin/login.php",
        "bb-admin/admin.php","admin/home.php","admin_area/login.html","admin_area/index.html",
        "admin/controlpanel.php","admin.php","admincp/index.asp","admincp/login.asp",
        "admincp/index.html","admin/account.html","adminpanel.html","webadmin.html",
        "webadmin/index.html","webadmin/admin.html","webadmin/login.html","admin/admin_login.html",
        "admin_login.html","panel-administracion/login.html","admin/cp.php","cp.php",
        "administrator/index.php","administrator/login.php","nsw/admin/login.php",
        "webadmin/login.php","admin/admin_login.php","admin_login.php","administrator/account.php",
        "administrator.php","admin_area/admin.html","pages/admin/admin-login.php",
        "admin/admin-login.php","admin-login.php","bb-admin/index.html","bb-admin/login.html",
        "acceso.php","bb-admin/admin.html","admin/home.html","login.php","modelsearch/login.php",
        "moderator.php","moderator/login.php","moderator/admin.php","account.php",
        "pages/admin/admin-login.html","admin/admin-login.html","admin-login.html",
        "controlpanel.php","admincontrol.php","admin/adminLogin.html","adminLogin.html",
        "admin/adminLogin.html","rcjakar/admin/login.php","adminarea/index.html",
        "adminarea/admin.html","webadmin.php","webadmin/index.php","webadmin/admin.php",
        "admin/controlpanel.html","admin.html","admin/cp.html","cp.html","adminpanel.php",
        "moderator.html","administrator/index.html","administrator/login.html","user.html",
        "administrator/account.html","administrator.html","login.html","modelsearch/login.html",
        "moderator/login.html","adminarea/login.html","panel-administracion/index.html",
        "panel-administracion/admin.html","modelsearch/index.html","modelsearch/admin.html",
        "admincontrol/login.html","adm/index.html","adm.html","moderator/admin.html","user.php",
        "account.html","controlpanel.html","admincontrol.html","panel-administracion/login.php",
        "wp-login.php","adminLogin.php","admin/adminLogin.php","adminarea/index.php",
        "adminarea/admin.php","adminarea/login.php","panel-administracion/index.php",
        "panel-administracion/admin.php","modelsearch/index.php","modelsearch/admin.php",
        "admincontrol/login.php","adm/admloginuser.php","admloginuser.php","admin2.php",
        "admin2/login.php","admin2/index.php","usuarios/login.php","adm/index.php","adm.php",
        "adm_auth.php","memberadmin.php","administratorlogin.php","account.asp",
        "admin/account.asp","admin/index.asp","admin/login.asp","admin/admin.asp",
        "admin_area/admin.asp","admin_area/login.asp","admin/account.html","admin/index.html",
        "admin/login.html","admin/admin.html","admin_area/admin.html","admin_area/login.html",
        "admin_area/index.html","admin_area/index.asp","bb-admin/index.asp","bb-admin/login.asp",
        "bb-admin/admin.asp","bb-admin/index.html","bb-admin/login.html","bb-admin/admin.html",
        "admin/home.html","admin/controlpanel.html","admin.html","admin/cp.html","cp.html",
        "administrator/index.html","administrator/login.html","administrator/account.html",
        "administrator.html","login.html","modelsearch/login.html","moderator.html",
        "moderator/login.html","moderator/admin.html","account.html","controlpanel.html",
        "admincontrol.html","admin_login.html","panel-administracion/login.html","admin/home.asp",
        "admin/controlpanel.asp","admin.asp","pages/admin/admin-login.asp","admin/admin-login.asp",
        "admin-login.asp","admin/cp.asp","cp.asp","administrator/account.asp","administrator.asp",
        "acceso.asp","login.asp","admin/","login/","panel/","cp/","dashboard/","reserved/",
        "admin_login","log-in/","admin_login.php","panel.php","dashboard.php",
        "dashboard/index.php","account/","/account/login.php","adm.php","adm/","admin/menu.php",
        "manager/","manager/login.php","manager/admin.php","manager/index.php","cms/login.php",
        "cms/admin.php","news/login.php","news/admin.php","news/menu.php","editor/",
        "editor/login.php","editor/admin.php","editor/index.php","panel/menu.php",
        "panel/login.php","panel/admin.php","access.php","access/","access/login.php",
        "access/admin.php","panel/index.php","adm/adm.php","adm/admin.php","adm/index.php",
        "adm/login.php","account/admin.php","back/login.php","menu/","menu/login.php",
        "menu/admin.php","administrator/login.php","administrator/admin.php",
        "administrator/index.php","administer/login.php","administer/","cp/login.php","cp/",
        "cp.php","cp/admin.php","panel/index.php","panel/login.php","reserved/login.php",
        "reserved/index.php","panel/panel.php","panel/cp.php","cp/panel.php","signin.php",
        "signin/","sign-in.php","sign-in/","admin/menu.php","admin/page.php","admin_page.php",
        "admin-page.php","staff/","staff/login.php","staff/admin.php","adminpanel.php",
        "admin-panel.php","admin_panel.php","admin_panel/","admin-panel/",
    );
    foreach ($listing as $listingg) {
        if (false !== file("$victime_pars$listingg")) echo "<center><font color='lime'>Found:</font><div style='background-color: red; color: white;'><a href='$for_print$listingg'>$listingg</a></div></center>";
    }
    print $rule;

    /* Admin pages scanner, Italian names */
    print "<br><font color='red'><b>-> Admin Pages Scanner <- </b>(#ITA)</font><br>";
    $listing_ita = array(
        "amministrazione/","gestione/","areariservata/","pannello/","area_riservata/",
        "amministra/","gest/","area-riservata","amministrazione.php","gestione.php",
        "areariservata.php","pannello.php","area_riservata.php","amministra.php","gest.php",
        "area-riservata.php",
    );
    foreach ($listing_ita as $listing_itaa) {
        if (false !== file("$victime_pars$listing_itaa")) echo "<center><font color='lime'>Found:</font><div style='background-color: red; color: white;'><a href='$for_print$listing_itaa'>$listing_itaa</a></div></center>";
    }
    print $rule;

    /* File upload pages scanner */
    print "<br><font color='red'><b>-> UPLOAD Pages Scanner <-</b></font><br>";
    $listing_upload = array(
        "upload.php","uploads.php","upload/","upload/upload.php","upload/index.php",
        "upload/uploads.php","upload/index.php","upload/file.php","upload/files.php",
        "upload/admin.php","upload/login.php","uploads/","uploads/upload.php","uploads/index.php",
        "uploads/uploads.php","uploads/index.php","uploads/file.php","uploads/files.php",
        "uploads/admin.php","uploads/login.php","pdf/upload.php","pdf/uploads.php",
        "files/upload.php","file/upload.php","file/uploads.php","files/upload.php",
        "images/upload.php","images/uploads.php","img/upload.php","img/uploads.php",
        "admin/upload.php","admin/uploads.php","document/upload.php","documents/upload.php",
        "documents/uploads.php","document/uploads.php","upload/pdf.php","uploads/pdf.php",
        "upload/document.php","upload/documents.php","uploads/document.php",
        "uploads/documents.php",
    );
    foreach ($listing_upload as $listing_uploadd) {
        if (false !== file("$victime_pars$listing_uploadd")) echo "<center><font color='lime'>Found:</font><div style='background-color: red; color: white;'><a href='$for_print$listing_uploadd'>$listing_uploadd</a></div></center>";
    }
    print $rule;

    /* Applications finder */
    $listing_applications = array(
        "forum/","forum/index.php","forum/forum.php","forum/topic.php","forum/post.php",
        "forum/page.php","forum.php","forum_post.php","forum_topic.php","forum/view_topic.php",
        "forums.php","forums/","guestbook/","guestbook/login.php","guestbook/index.php",
        "guestbook.php","gb/guestbook.php","guest_book.php","gb/","guestbook/post.php",
        "guestbook/comments.php","blog/","blog/article.php","blog/post.php","blog/comments.php",
        "blog.php","blog/blog.php","blog/index.php","blog/login.php","board.php",
        "board/board.php","board/forum.php","forum/board.php","board/","board/index.php",
        "thread.php","forum/thread.php","new_thread.php","forum/new_thread.php",
    );
    print "<br><font color='red'><b>-> Dynamic applications Scanner <-</b></font><br>";
    foreach ($listing_applications as $listing_apps) {
        if (false !== file("$victime_pars$listing_apps")) echo "<center><font color='lime'>Found:</font><div style='background-color: red; color: white;'><a href='$for_print$listing_apps'>$listing_apps</a></div></center>";
    }
    print $rule;

    /* E-mails finder */
    echo "<br><font color='red'><b>-> E-mails finder <-</b></font><br>";
    $textt = file_get_contents($victime);
    $res = preg_match_all('/[a-z0-9]+[_a-z0-9\.-]*[a-z0-9]+@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})/i', $textt, $matches);
    if ($res) {
        foreach (array_unique($matches[0]) as $email) {
            echo "<font color='lime'>Found:</font><div style='background-color: lime; color: white;'>";
            echo htmlspecialchars($email, ENT_QUOTES) . "<br />";
            echo "</div>";
        }
    } else {
        echo "<font color='white'>No emails found.</font>";
    }
    print $rule;

    /* ModSecurity testing: a 403 on a probe is read as "filtered", a 404 as "not filtered" */
    print "<font color='red'><b>-> ModSecurity check <-</b></font><br>";
    $XSS  = "XSS.php?id=<script>alert(1);</script>";
    $sqli = "Sqli.php?id=1+union+select+";
    $LFI  = "LFI.php?id=../../../../../../../../../../../../etc/passwd";

    print "<font color='lime'>check1:</font><br>";
    $code = get_http_response_code("$victime$XSS");
    if ($code == 404) {
        echo "<div style='background-color: lime; color: white;'>XSS protection: OFF</div>";
    } elseif ($code == 403) {
        echo "<div style='background-color: red; color: white;'>XSS protection: ON</div>";
    }

    print "<font color='lime'>check2:</font><br>";
    $code = get_http_response_code("$victime$sqli");
    if ($code == 404) {
        echo "<div style='background-color: lime; color: white;'>SQL injection protection: OFF</div>";
    } elseif ($code == 403) {
        echo "<div style='background-color: red; color: white;'>SQL injection protection: ON</div>";
    }

    print "<font color='lime'>check3:</font><br>";
    $code = get_http_response_code("$victime$LFI");
    if ($code == 404) {
        echo "<div style='background-color: lime; color: white;'>LFI protection: OFF</div>";
    } elseif ($code == 403) {
        echo "<div style='background-color: red; color: white;'>LFI protection: ON</div>";
    }
    print $rule;

    print "<a href='http://nullsite.altervista.org'>~Visit My Site</a><font color='white'> - Developed By Emiliano Febbi #2024</font>";
}
?>
</center>
</font>
</body>
</html>
[/code]
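For the receiving side, the sketch below looks for this scanner's footprint in a web server access log: the three fixed probe URLs from its ModSecurity check, plus a run of 404s on paths shaped like its admin and upload wordlists. It is an added example, not part of Helper or of the original post; the log lines are constructed, the Combined Log Format layout is assumed, and the `min_misses` threshold and `WORDLIST` pattern are hypothetical choices.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# The three probe requests hard-coded in Helper's "ModSecurity check" section.
PROBES = {
    "xss": re.compile(r"/XSS\.php\?id=<script>", re.I),
    "sqli": re.compile(r"/Sqli\.php\?id=1[+ ]union[+ ]select", re.I),
    "lfi": re.compile(r"/LFI\.php\?id=(\.\./)+etc/passwd", re.I),
}
# Path shapes covering a subset of the admin and upload wordlists (assumed subset).
WORDLIST = re.compile(
    r"/(admin|adm|administrator|webadmin|bb-admin|panel|cp|login|uploads?)"
    r"[^/?]*(/|\.php|\.asp|\.html)", re.I)
# Common/Combined Log Format: client address, request line, status code.
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|HEAD) (\S+) [^"]*" (\d{3}) ')


def find_helper_scans(lines, min_misses=5):
    """Map client IP -> evidence for clients whose requests match a Helper run.

    min_misses (hypothetical threshold): distinct wordlist paths answered 404.
    """
    probes, misses = defaultdict(set), defaultdict(set)
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue
        ip, target, status = m.group(1), unquote(m.group(2)), m.group(3)
        for name, rx in PROBES.items():
            if rx.search(target):
                probes[ip].add(name)
        if status == "404" and WORDLIST.search(target):
            misses[ip].add(target.split("?")[0])
    report = {}
    for ip in sorted(set(probes) | set(misses)):
        if len(probes[ip]) >= 2 or len(misses[ip]) >= min_misses:
            report[ip] = {"probes": sorted(probes[ip]),
                          "wordlist_404s": len(misses[ip])}
    return report


def _line(ip, path, status):
    # Builds one constructed log entry for the sample below.
    return (f'{ip} - - [19/Oct/2024:10:00:00 +0000] '
            f'"GET {path} HTTP/1.1" {status} 0 "-" "-"')


SAMPLE_LOG = (  # constructed traffic using documentation IP ranges
    [_line("203.0.113.7", "/" + p, 404) for p in (
        "login/admin.php", "admins/", "adm/", "admin_area/login.php",
        "cp.php", "upload/upload.php")]
    + [_line("203.0.113.7", p, 403) for p in (
        "/XSS.php?id=<script>alert(1);</script>",
        "/Sqli.php?id=1+union+select+",
        "/LFI.php?id=../../../../etc/passwd")]
    + [_line("198.51.100.20", "/", 200),
       _line("198.51.100.20", "/login.php", 200),
       _line("198.51.100.20", "/admin/", 404),
       _line("198.51.100.20", "/favicon.ico", 404)]
)

if __name__ == "__main__":
    for ip, evidence in find_helper_scans(SAMPLE_LOG).items():
        print(ip, evidence)
```

The probe file names (`XSS.php`, `Sqli.php`, `LFI.php`) are fixed strings in the script, so they make a more specific signal than the wordlist misses, which overlap with many other directory scanners.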
