Hello There, Guest! Login Register
Logo
Dismiss this notice
MaDLeeTs is not responsible for any attacks that are carried out on networks, websites or servers.
MaDLeeTs staff members cannot be held responsible.
All information on this forum is for educational purposes only.


Kyuubi R-admin Buster [Python]

  • 1 Vote(s) - 5 Average


06-24-2014, 07:33 PM #1
VIRkid Offline MadLeets Vip ******
V.I.P
Posts:62 Threads:9 Joined:Oct 2013 Reputation: 9
Mood: Blessed
Salam MaDs,
This is a small BUT powerful reverse IP admin finder c0ded by yours truly :p
It takes an IP address of a website ,Takes list of domains on same server from youget and then does admin panel search on the list. Smiley1

FEATURES:
  • proxy support
  • custom timeout setting
  • Multi-thread
  • Found admin logged to txt
  • list of domains stored in txt

SCREENSHOTS:
(Sample) Launch
[Image: 6xsxsx.png]

In Action
[Image: 23mrl1j.jpg]

the script has a small (VERY SMALL) list of admins paths ,If u want to include more . you can edit this line ..
[Image: 6omow6.jpg]
Took me a lot of time n effort to write this small script (noob) , Hope you like it Smiley1

ali ahmady, pHaNtOm_X,ch3rn0by1
Code:
#StaY MaD
#Reverse IP Mass Admin finder
#Kyubi referrence : #http://img1.wikia.nocookie.net/__cb20120730083419/powerlisting/images/1/1a/Kyuubi-fire-chakra.jpg
#http://naruto.wikia.com/wiki/Kurama
#Have fun     :::: MaDLeeTs.com ::::
import urllib2,urllib,socket,argparse,sys,os,threading,Queue,re,httplib

#list of admins , Extend it if you want more results results

getx=['/admin/','/administrator/','/admin-cp/','/webways-admin/','/admin_login/']

found=[]
#Queue

q=Queue.Queue()

#parser
parser=argparse.ArgumentParser(__file__,description="Reverse IP admin finder ./VIRkid @MaDLeeTs")
parser.add_argument("--timeout","-t", help="Custom connection timeout",type=float,default=2.0)
parser.add_argument("--target","-u", help="Specify the target URL/IP")
parser.add_argument("--proxy","-p",help="Proxy e.g 127.0.0.1:8080 ")
parser.add_argument("--thrd","-w",help="Number of threads",type=int,default=2)
args=parser.parse_args()
#cleaner
if sys.platform == "linux" or sys.platform == "linux2":
    cl = "clear"
else:
    cl="cls"
os.system(cl)
def banner():
    
    print "\t\t*********************************************"
    print "\t\t*                                           *"
    print "\t\t*        Kyuubi R-admin Buster              *"                                      
    print "\t\t*             .:VIRkid:.                    *"
    print "\t\t*       Usage: python script.py -help       *"
    print "\t\t*     ali ahmady , pHaNtOm_X ,Ch3rn0by1     *"
    print "\t\t*********************************************"
banner()

def stormer(q,getx):
    try:
        log=open('sites.txt','w')
        for adm in getx:
            while not q.empty():
                site=q.get(block=True, timeout=2)
            
            
                cn=urllib.urlopen('http://'+site+adm)
                
                if cn.getcode()==404:
                    pass
                else:
                    
                    rsp=cn.read()
                    rx=re.findall('type="Password"',rsp,re.I)
                    
                    
                    
                    
                    if  len(rx) ==1:
                    
                        print '[+] %s'%site+adm
                        
                        
                        found.append(site+adm)
                    else:
                                
                        pass
                
                q.task_done()
                
            
    except(socket.error,IOError,httplib.BadStatusLine):
        pass
    finally:
        for uri in found:
            log.write(uri+'\n')
        log.close()




def killa(nom):
            
    for i in xrange(nom):
        thread=threading.Thread(target=stormer,args=(q,getx,))
        thread.start()
    thread.join()
#target filter
try:
    target=args.target
    if target[-1]=='/':
        target=target.replace(target[-1],"")
        target=target.replace("http://","")
        

    yg=open('list.txt','w')
    target=socket.gethostbyname(target)
    print "\n"+"-"*25
    print 'Target : %s' %target
    print "-"*25
    #proxy
    proxy=args.proxy
    if proxy:
        opener=urllib2.build_opener(
        urllib2.HTTPHandler(),
        urllib2.HTTPSHandler(),
        urllib2.ProxyHandler({'http':'http://'+proxy}))
        urllib2.install_opener(opener)
    #request
    url = "http://domains.yougetsignal.com/domains.php"
    useragent = "Mozilla/5.0 (Windows NT 5.1; rv:24.0) Gecko/20100101 Firefox/24.0"
    postdata = {'remoteAddress':target,'key':''}
    postdata = urllib.urlencode(postdata)
    
    request = urllib2.Request(url, postdata)
    
    request.add_header("User-Agent", useragent)
    
    result = urllib2.urlopen(request)
    
    #reading youget response
    dom=result
    dom=dom.read()
    #filter
    dom=dom.replace("[","").replace("]","").replace("\"\"","").replace(", ,",",").replace("{","").replace("}","").replace(", ",",").replace("'","").        replace(":",",").replace('"','').replace("1","")
    dom=dom
    dom=str(dom)
    #stripper ;)
    dom=dom.split(",",1000000)
    domf=dom[15:]
    l=len(domf)
    l=l-1
    while l:
        if l==-1:
            print "[-]Reverse IP limit reached"
            break
        print "-"*25
        print "[+] Domain list fetch complete \n[+] Domain count : %s"%l
        print "-"*25
        #writer
        with open('list.txt','w') as yg:
            for each in domf:
                yg.write(each+'\n')
        #REverse IP COmplete
        if proxy:
            print "-"*25+'\n'+'Proxy : %s'%proxy+'\n'+"-"*25
        if args.thrd:
            print "-"*25+'\n'+'Threads: %s'%args.thrd+'\n'+"-"*25
        if args.timeout:
            print "-"*25+'\n'+'Timeout: %s Seconds'%args.timeout+'\n'+"-"*25
        #Start of Admin buster
        
        lstx=open('list.txt','r')
        sites=lstx.readlines()
        print"\n"+"-"*25
        print ' Rsp | \tURL'
        print '-'*25
        socket.setdefaulttimeout(args.timeout)
        for each in sites:
            each=each.replace("\n","").replace("\r","")
        
            q.put(each)
        break

    while not q.empty():
        killa(args.thrd)
except TypeError:
    print "[-] NO target specified"
except socket.gaierror:
    print "[-]NOPE WRONG URL"
except KeyboardInterrupt:
    print "[-] Abort signal Detected"
except httplib.BadStatusLine:
    print "[-] Something went wrong try again or let it go"
paste: http://pastebin.com/PsgCj0yp

06-24-2014, 07:37 PM #2
ali ahmady Offline Sheller *****
Respected
Posts:247 Threads:15 Joined:Jun 2013 Reputation: 3
Mood: None
wow dude!!!
works like a charm
congrats
:x
keep up great work

ali ahmady

http://zone-h.org/archive/notifier=ali%20ahmady

[Image: 78445698726923881361.gif]
skype : snip3r_ir[At]hotmail.com
jabber : [email protected]

06-24-2014, 07:40 PM #3
sniffer Offline Bug Researchers **********
Junior Administrator
Posts:878 Threads:126 Joined:Sep 2012 Reputation: 12
Mood: Happy
Nice Share keep it up Smiley1

jabber : [email protected]

06-24-2014, 11:24 PM #4
TR4CK3R Offline MadLeets Vip ******
V.I.P
Posts:451 Threads:76 Joined:Mar 2013 Reputation: 0
Mood: In Love
Awesome Share bro Smiley1 Keep it up <3

[Image: 213qbgp.jpg]


06-25-2014, 03:01 AM #5
cyber killer Offline Hacking is Not A crime ***
TeaM MaDLeeTs
Posts:46 Threads:11 Joined:Mar 2014 Reputation: 3
Mood: Mad
Nice Work Bro

[Image: cyber_killer.png]

[#] Code Name : Cyber Killer
[#] Email : c[email protected]

06-25-2014, 12:05 PM #6
Malik Haxor Offline TeaM MaDLeeTs ***
TeaM MaDLeeTs
Posts:86 Threads:32 Joined:Apr 2014 Reputation: 5
Mood: Happy
How To Use This code

[Image: respected.gif][Image: vr9h11E.png] [Image: jpdRVZA.png]

06-25-2014, 12:39 PM #7
skywalk3r Offline Programmers Of The Mad House ******
Mad Coder's
Posts:121 Threads:28 Joined:Aug 2012 Reputation: 6
Mood: What
good one wink keep it up bro !!

06-25-2014, 07:32 PM #8
VIRkid Offline MadLeets Vip ******
V.I.P
Posts:62 Threads:9 Joined:Oct 2013 Reputation: 9
Mood: Blessed
Thanks Buddies ^_^
FOR USAGE:
see first screenshot launch one
and or more help u can try "python script.py --help "
if u still have issues don't hesitate to contact

07-03-2014, 08:43 PM #9
KaMi HaXor Offline Any Help ContaCt *****
Respected
Posts:508 Threads:264 Joined:Feb 2013 Reputation: 23
Mood: Zombie
Nice Work DUDE | keep It up Smiley1

[Image: un7oYOs.png]
[Image: FL8ZXnw.gif]






Forum Jump:


Users browsing this thread:1 Guest(s)