网站后台扫描

#coding=utf-8

import urllib2
import sys
import getopt

def urlcheck(url, path, ext):
    ext = '.' + ext
    req = urllib2.Request(url+path+ext)

    try:
        fp = urllib2.urlopen(req)
    except urllib2.URLError:
        pass
        return (False,0)
    else:
        return (True,url+path+ext)

def usage():
    print "[!]Usage  :%s -u <url> -e <extend>" % sys.argv[0]
    print "[!]Example:%s -u http://www.google.com/ -e asp" %sys.argv[0]
    raise SystemExit

def main():
    _path_list=("admin","admin/admin","admin/index","admin/login","login","login/admin","login/index","ad_login","ad_manage","addmember","adduser","adm_login","admin/manage","admin_admin","admin_edit","admin_index","admin_login","admin_main","admin_pass","admin_user","adminadduser","adminlogin","adminuser","chkadmin","login/manage","login/manager","user/admin","usr/admin","user/index","usr/index","manage","manage/admin","manage,login","manage/index","manager","manager/login","manager/index","manager/admin","administrator","administrator/login","guanli")
    opts,args = getopt.getopt(sys.argv[1:],'e:u:')
    for o,a in opts:
        if o == '-u':
            url = a
        if o == '-e':
            ext = a
        _result = []
    print
    for path in _path_list:
                   ck = urlcheck(url, path, ext)
                   print "[+] Trying %s" % (url+path+'.'+ext)
                   if ck[0]:
                            _result.append(ck[1])
    print "[!] Done\n"
    print "===================================================================="
    print "[!] The adminpath maybe following items:\n"
    for index,result in enumerate(_result):
              print "%2d: %s" %(index+1,result)
    print

if __name__ == "__main__":
     main()