..we are going to create a new app for the hacksuite. We're not going to do anything fancy here, we will make a simple app to get familiar how to write compatible scripts for the..
AntiFTP uses wordlists in order to bruteforce FTP user accounts
<?php
/* Searches for browsable directories */
if(!defined("IN_SCRIPT")){
exit;
}
include_once($_PATHS['functions_root']."/simple_html_dom.php");
echo Screen("<br />\n<b>Searching browsable directories...</b><blockquote>\n",$_CONTEXT['verbose'],$_CONTEXT['silent']);
// we want robots.txt, but we won't have to get it if we already did
if(!isset($_CONTEXT['browsedirs'])){
// let's get the file
$ch = curl_init();
$sTarget = $sHost."/robots.txt";
curl_setopt($ch, CURLOPT_URL, $sTarget);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.13) Gecko/20101506 Ubuntu/10.04 (lucid) Firefox/3.6.13 GTB7.1');
$sResult = @curl_exec($ch);
$iHTTP = @curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
if($iHTTP==200){
$_CONTEXT['browsedirs'] = $sResult;
}
}
$_CONTEXT['checkdirs'] = array();
// do we have the file content now?
if(isset($_CONTEXT['browsedirs'])){
preg_match_all("/Disallow: ([^\r\n]*)/",$_CONTEXT['browsedirs'],$aResult,PREG_SET_ORDER);
for($y=0;$y<count($aResult);$y++){
// extract dirs
if(strpos($aResult[$y][1],"?")===false && strpos($aResult[$y][1],".")===false){
$_CONTEXT['checkdirs'][] = str_replace("//","/",$sHost."/".$aResult[$y][1]);
}
}
}
$_CONTEXT['parsehtml2'] = array();
$oHTML = file_get_html($sHost);
// images
foreach($oHTML->find('img') as $oImages){
$_CONTEXT['parsehtml2'][] = $oImages->src;
}
// iframes
foreach($oHTML->find('iframe') as $oIframes){
$_CONTEXT['parsehtml2'][] = $oIframes->src;
}
// embeds
foreach($oHTML->find('embed') as $oEmbed){
$_CONTEXT['parsehtml2'][] = $oEmbed->src;
}
// scripts
foreach($oHTML->find('script') as $oScript){
$_CONTEXT['parsehtml2'][] = $oScript->src;
}
// links
foreach($oHTML->find('a') as $oHref){
$_CONTEXT['parsehtml2'][] = $oHref->href;
}
// parse all files
for($y=0;$y<count($_CONTEXT['parsehtml2']);$y++){
// absolute path
$aUrl = parse_url($_CONTEXT['parsehtml2'][$y]);
// is it the same host?
if(isset($aUrl['host']) && "http://".$aUrl['host']!=$sHost){
// nope, we're only interested in folders on this host
continue;
}
if(substr($_CONTEXT['parsehtml2'][$y],0,6)!="http://"){
$_CONTEXT['parsehtml2'][$y] = $sHost.($_CONTEXT['parsehtml2'][$y][0]=="/" ? "" : "/").$_CONTEXT['parsehtml2'][$y];
}
if($_CONTEXT['parsehtml2'][$y]==$sHost){
continue;
}
// does it have a path?
$iPath = @strlen($aUrl['path']);
if(!isset($aUrl['path']) || $iPath==1){
// nope, we're interested in folders only
continue;
}
// does it have a directory?
if(0==($iPos = strrpos($aUrl['path'],"/"))){
if(strpos($aUrl['path'],".")>0 || strpos($aUrl['path'],"?")>0){
continue;
}
// single directory
$_CONTEXT['checkdirs'][] = $sHost.$aUrl['path'];
}
else{
$_CONTEXT['checkdirs'][] = $sHost.substr($aUrl['path'],0,$iPos);
}
}
$_CONTEXT['checkdirs'] = array_unique($_CONTEXT['checkdirs']);
$_CONTEXT['checkdirs'] = array_values($_CONTEXT['checkdirs']);
$iBrowsable = 0;
for($y=0;$y<count($_CONTEXT['checkdirs']);$y++){
$bResult = false;
$iLen = strlen($_CONTEXT['checkdirs'][$y]);
$_CONTEXT['checkdirs'][$y] = ($_CONTEXT['checkdirs'][$y][$iLen-1]=="/" ? substr($_CONTEXT['checkdirs'][$y],0,-1) : $_CONTEXT['checkdirs'][$y]);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $_CONTEXT['checkdirs'][$y]);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.13) Gecko/20101506 Ubuntu/10.04 (lucid) Firefox/3.6.13 GTB7.1');
$sResult = @curl_exec($ch);
curl_close($ch);
$aFolder = explode("/",$_CONTEXT['checkdirs'][$y]);
$sFolder = "/".$aFolder[count($aFolder)-1];
$bResult = (strpos($sResult,"<title>Index of ".$sFolder."</title>")!=0 ? true : false);
if($bResult){
$iBrowsable++;
echo Screen("Folder: <a href=\"".$_CONTEXT['checkdirs'][$y]."\" target=\"blank\">".$sFolder."</a> > <b id=h6>BROWSABLE</b><br />\n",$_CONTEXT['verbose'],$_CONTEXT['silent']);
}
else{
echo Screen("Folder: ".$sFolder." > <b id=h7>NOT BROWSABLE</b><br />\n",$_CONTEXT['verbose'],$_CONTEXT['silent']);
}
flush();
ob_flush();
}
echo Screen("<br />\n<b>Found ".count($_CONTEXT['checkdirs'])." directories of which ".$iBrowsable." is/are browsable</b>\n",$_CONTEXT['verbose'],$_CONTEXT['silent']);
echo Screen("</blockquote>\n",$_CONTEXT['verbose'],$_CONTEXT['silent']);
flush();
ob_flush();
?>