-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathinfo_disclosure.py
124 lines (114 loc) · 3.59 KB
/
info_disclosure.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
import sys
import time
import requests
class info():
def __init__(self):
pass
def get_robots_txt(self, target):
req = requests.get(target+"/robots.txt")
r = req.text
print(r)
def get_dot_git(self, target):
req = requests.get(target+"/.git/")
r = req.status_code
if r == 200:
subprocess.call("wget -r"+target, shell=True)
elif r == 403:
print("Found .git, Forbidden")
else:
print("NO .git folder found")
def get_dot_svn(self, target):
req = requests.get(target+"/.svn/entries")
r = req.status_code
if r == 200:
print(r)
elif r == 403:
print("Forbidden")
else:
print("NO .SVN folder found")
def get_dot_htaccess(self, target):
req = requests.get(target+"/.htaccess")
r = req.text
statcode = req.status_code
if statcode == 403:
print("403 Forbidden")
else:
print(r)
def get_index(self, target):
req = requests.get(target+"/index.php~")
r = req.text
statcode = req.status_code
if statcode == 200:
print("Found VIM swap file")
print("===============================================")
print(r)
print("===============================================")
else:
print("Moving on from index.php")
def get_indexphps(self, target):
req = requests.get(target+"/index.phps")
r = req.text
statcode = req.status_code
if statcode == 200:
print("Found something interesting")
print("===============================================")
print(r)
print("===============================================")
else:
print("Moving on from index.phps")
def get_dotbak(self, target):
common_file_names = ['index', 'old']
for i in common_file_names:
req = requests.get(target+"/"+i+".bak")
r = req.text
statcode = req.status_code
if statcode == 200:
print(r)
# elif statcode == 200:
# req = requests.get(target+"/"+i+".BAK")
# r = req.txt
# statcode = req.status_code
# if statcode == 200:
# print(r)
else:
print(i + ".bak files not found")
def get_dotold(self,target):
req = requests.get(target+"/index.old")
r = req.text
statcode = req.status_code
if statcode == 200:
print(r)
if __name__=='__main__':
obj=info()
print("Checking for Robots.txt")
print("=======================")
time.sleep(1)
obj.get_robots_txt(sys.argv[1])
print("Checking for .git")
print("=================")
time.sleep(1)
obj.get_dot_git(sys.argv[1])
print("Checking for .htaccess")
print("=================")
time.sleep(1)
obj.get_dot_htaccess(sys.argv[1])
print("Checking for .svn")
print("=================")
time.sleep(1)
obj.get_dot_svn(sys.argv[1])
print("Checking for index file")
print("=================")
time.sleep(1)
obj.get_index(sys.argv[1])
print("Checking for VIM swap file")
print("=================")
time.sleep(1)
obj.get_indexphps(sys.argv[1])
print("Checking for .bak/.BAK")
print("=================")
time.sleep(1)
obj.get_dotbak(sys.argv[1])
print("Checking for .old/.OLD")
print("=================")
time.sleep(1)
obj.get_dotold(sys.argv[1])