Private host scan
#1
PHP Kod:
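<html>
<head>
    <title></title>
</head>
<body>
    <h1></h1>
    <?PHP
    /*
     * Read the submitted host once. Anything that is not a plain string (for
     * example an array sent as host[]=...) is treated as absent, so the code
     * below never receives a non-string value.
     */
    $hostParam = (isset($_GET['host']) && is_string($_GET['host'])) ? $_GET['host'] : null;
    ?>
    <form action="?" method="GET">
        <?PHP /* Escape before echoing into the attribute: the raw query value would otherwise be reflected into the page as markup. */ ?>
        <input type="text" name="host" value="<?PHP echo htmlspecialchars($hostParam !== null ? $hostParam : 'www.example.com', ENT_QUOTES, 'UTF-8'); ?>" />
        <input type="submit" value="mandale gas" />
    </form>
    <br><br>
    <?PHP
    /*
     * Run the report only when a host was actually submitted. The original
     * called analizar() on every page load, reading an undefined index when
     * the form had not been sent yet.
     */
    if ($hostParam !== null) {
        analizar($hostParam);
    }
    ?>
</body>
</html>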
<?PHP
//reversedns bing ()
//reversedns gigablast ()
//whoishostingthis ()
//google/bing/otros dorks
//dns lookups ()
//transferencias de zona
//brute force de subdominios ()
/**
 * Echoes an HTML report about $host: its resolved addresses with reverse names
 * and scraped location data, its DNS records, a hosting-provider lookup,
 * reverse-IP search results from two search engines, and a wordlist-driven
 * subdomain check.
 *
 * NOTE(review): the listing does not parse as shown. Quote characters appear
 * as "-", several "=" and "," tokens are missing (for example "$offset 0;"),
 * and some string literals are split across lines. The code is left exactly as
 * found; the points below describe what the visible statements do.
 *
 * Points for a reviewer, or for an operator who finds this file on a server:
 *  - Each call makes the server issue DNS queries and HTTP requests for a
 *    caller-chosen host. With the time limit removed and error reporting
 *    switched off, one request can run for a long time and fail silently.
 *  - gethostbynamel() returns false when resolution fails; the result is
 *    passed to foreach and in_array() without a check.
 *  - The third-party pages are fetched over plain http and parsed with regular
 *    expressions; $match[1] is read without testing preg_match()'s result.
 *  - In the "//dns" section the record fields are echoed without
 *    htmlentities(), unlike the IP table above it. Record contents such as TXT
 *    data are chosen by whoever controls the zone, so they should be escaped
 *    before output.
 *  - The "AAA" comparison looks unreachable: dns_get_record() reports IPv6
 *    address records with type "AAAA" - confirm.
 *  - The loop over $authdns prints fields of $dns (the last record of the
 *    previous loop) and never reads $this_authdns.
 *  - The "Hosted by" value and the subdomain lines are echoed unescaped; the
 *    subdomain lines include $host itself.
 *  - The search API URL embeds a hard-coded AppId; a credential like this
 *    belongs in configuration outside the source file.
 *  - The subdomain section reads subdomains.txt from the working directory and
 *    performs one lookup per line. It relies on gethostbyname() returning its
 *    argument unchanged when the name does not resolve.
 *
 * @param string $host Host name to report on. The caller visible in this file
 *                     passes $_GET['host'] without validation.
 * @return void Everything is written with echo.
 */
function analizar($host){
    
    // The first call asks for all errors to be reported; the second call
    // switches reporting off, so only the second has a lasting effect.
error_reporting(999999999);
    
error_reporting(0);
    
    // 0 removes the execution time limit for this request.
set_time_limit(0);

    echo 
'Host: -. htmlentities($host, ENT_QUOTES, 'UTF-8').-<br>-;
    echo -<table><tr><td>IP</td><td>Reverse</td><td>Long ip</td><td>ISP</td><td>Ciudad</td><td>Region</td><td>Pais</td></tr>-;
    $ip = gethostbynamel($host);
    foreach ($ip as $this_ip){
        $reverse = gethostbyaddr($this_ip);
        if ( $reverse == $this_ip ) {
            $reverse = --;
        }
        echo -<tr><td>-.htmlentities($this_ip, ENT_QUOTES, '
UTF-8').-</td>-;
        echo -<td>-.htmlentities($reverse, ENT_QUOTES, '
UTF-8').-</td>-;
        echo -<td>-.htmlentities(sprintf(-%u", ip2long(trim($this_ip))), ENT_QUOTES, '
UTF-8').-</td>-;
        $temp = file_get_contents("http://www.melissadata.com/lookups/iplocation.asp?ipaddress=-.$this_ip);
//            print_R($temp);
        preg_match(-@<tr class='
tdresul01'><td class='columresult'>ISP</td><td align='left'><b>([^&]+)&nbsp;</b></td></tr>@-,$temp,$match);
        echo -<td>- . htmlentities($match[1], ENT_QUOTES, '
UTF-8') . -</td>-;
        preg_match(-@<tr><td class='
columresult'>City</td><td align='left'><b>(.+)</b></td></tr>@-,$temp,$match);
        echo -<td>- . htmlentities($match[1], ENT_QUOTES, '
UTF-8') . -</td>-;
        preg_match(-@<tr class='
tdresul01'><td class='columresult'>State or Region</td><td align='left'><b>(.+)</b></td></tr>@-,$temp,$match);
        echo -<td>- . htmlentities($match[1], ENT_QUOTES, '
UTF-8') . -</td>-;
        preg_match(-@<tr><td class='
columresult'>Country</td><td align='left'><b>(.+)</b></td></tr>@-,$temp,$match);
        echo -<td>- . htmlentities($match[1], ENT_QUOTES, '
UTF-8') . -</td></tr>-;
    }
   echo -</table><br>-;
  
  //dns
    $resultado_dns = dns_get_record($host, DNS_ANY, $authdns);
    foreach ($resultado_dns as $dns){
        if ($dns["type"]=="A"){
            echo -[-.$dns["host"].-] -.$dns["type"].- => -.$dns["ip"].- (ttl -.$dns["ttl"].-)-.-<br>-;
        }elseif ($dns["type"]=="MX"){
            echo -[-.$dns["host"].-] -.$dns["type"].- => -.$dns["target"].- (-.$dns["pri"].-) (ttl -.$dns["ttl"].-)-.-<br>-;
        }elseif (($dns["type"]=="CNAME") or ($dns["type"]=="NS") or ($dns["type"]=="PTR")){
            echo -[-.$dns["host"].-] -.$dns["type"].- => -.$dns["target"].- (ttl -.$dns["ttl"].-)-.-<br>-;
        }elseif ($dns["type"]=="TXT"){
            echo -[-.$dns["host"].-] -.$dns["type"].- => -.$dns["txt"].- (ttl -.$dns["ttl"].-)-.-<br>-;
        }elseif ($dns["type"]=="HINFO"){
            echo -[-.$dns["host"].-] -.$dns["type"].- => CPU: -.$dns["cpu"].- OS: -.$dns["os"].- (ttl -.$dns["ttl"].-)-.-<br>-;
        }elseif ($dns["type"]=="SOA"){
            echo -[-.$dns["host"].-] -.$dns["type"].- => -.$dns["mname"].- - Email: -.$dns["rname"].- - Serial: -.$dns["serial"].- - Refresh: -.$dns["refresh"].- - Retry: -.$dns["retry"].- - Expire: -.$dns["expire"].- - Minimum-ttl: -.$dns["minimum-ttl"].- (ttl -.$dns["ttl"].-)-.-<br>-;
        }elseif ($dns["type"]=="AAA"){
            echo -[-.$dns["host"].-] -.$dns["type"].- => -.$dns["ipv6"].- (ttl -.$dns["ttl"].-)-.-<br>-;
        }elseif ($dns["type"]=="A6"){
            echo -[-.$dns["host"].-] -.$dns["type"].- => -.$dns["masklen"].- - -.$dns["ipv6"].- - -.$dns["chain"].- - -.- (ttl -.$dns["ttl"].-)-.-<br>-;
        }elseif ($dns["type"]=="SRV"){
            echo -[-.$dns["host"].-] -.$dns["type"].- => -.$dns["pri"].- - -.$dns["weight"].- - -.$dns["target"].-:-.$dns["port"].- (ttl -.$dns["ttl"].-)-.-<br>-;
        }elseif ($dns["type"]=="NAPTR"){
            echo -[-.$dns["host"].-] -.$dns["type"].- => -.$dns["order"].- - -.$dns["pref"].- - -.$dns["flags"].- - -.$dns["services"].- - -.$dns["regex"].- - -.$dns["replacement"].- (ttl -.$dns["ttl"].-)-.-<br>-;
        }else{
            echo -<br>-;
        }
    }
    
    foreach ($authdns as $this_authdns) {
        echo -[-.$dns["host"].-] -.$dns["type"].- => -.$dns["target"].- - -.$dns["class"].- (ttl -.$dns["ttl"].-)-.-<br>-;
    }

    $temp = file_get_contents("http://www.whoishostingthis.com/-.$host);
    preg_match(-@<a href="http://www.whoishostingthis.com/linkout/?.*-;[^>]*?>([^<]+)</a>@i'
,$temp,$match);
    echo -<
br>Hosted by: - . (isset($match[1]) ? $match[1] : 'Unknown') . -<br>-;


    
//reverse dns (bing)
    
echo -<table><tr><td>IP</td><td>Bing (confirmados)</td><td>Bing(Sin confirmar)</td><td>GigaBlast (confirmados)</td><td>GigaBlast (sin confirmar)</td><td>Total (confirmados)</td><td>Total (sin confirmar)</td></tr>-;
    foreach (
$ip as $this_ip) {
        echo -<
tr><td>-.$this_ip.-</td>-;
        
//Bing
        
$offset 0;
        
$confirmed_domains_bing = array();
        
$no_confirmed_domains_bing = array();
        
$url_dns = array();
        
$pasado null;
        do{
            unset(
$url_dns); 
            
$url 'http://api.search.live.net/json.aspx?AppId=7066FAEB6435DB963AE3CD4AC79CBED8B962779C&Query=IP:-.$this_ip.-&Sources=web&Web.Offset=-.$offset;
            $data  = json_decode(file_get_contents($url));
            
            foreach($data->SearchResponse->Web->Results as $value){
                $dms = parse_url($value->Url, PHP_URL_HOST);
                if ( (!in_array ($dms, $confirmed_domains_bing)) and (!in_array ($dms, $no_confirmed_domains_bing)) ){
                    if ( in_array($this_ip, gethostbynamel($dms)) ) {
                        $confirmed_domains_bing[] = $dms;
                    }else{
                        $no_confirmed_domains_bing[] = $dms;
                    }
                }
                $url_dns[] = $dms;
            }
            
            if ($offset % 4 == 0 ) {
                $actual = $url_dns;
            }else{
                $pasado = $url_dns;
            }
            $offset = $offset + 10;
           
        }while ($actual != $pasado);
    
        sort($confirmed_domains_bing);
        sort($no_confirmed_domains_bing);
        echo -<td><textarea cols="30" rows="15">-.sizeof($confirmed_domains_bing).-\n".htmlentities(implode(-\n", $confirmed_domains_bing), ENT_QUOTES, '
UTF-8').-</textarea></td><td><textarea cols="30" rows="15">-.sizeof($no_confirmed_domains_bing).-\n".htmlentities(implode(-\n", $no_confirmed_domains_bing), ENT_QUOTES, 'UTF-8').-</textarea></td>-;

        //Reverse dns Giga Blast
        $offset = 0;
        $confirmed_domains_gigablast = array();
        $no_confirmed_domains_gigablast = array();
        $pasado = null;
        for($i=0; $i<10;$i++){
            $links = file_get_contents('
http://www.gigablast.com/search?q=ip:-.urlencode($this_ip).-&n=50&sc=0&dr=0&raw=1&nrt=110&spell=0&s=-.($i*50));
            
$links explode(-\n", $links);
            unset(
$links[0]$links[sizeof($links)]);
            foreach (
$links as $link) {
                
$dms = parse_url($link, PHP_URL_HOST);
                if ( (!in_array (
$dms$confirmed_domains_gigablast)) and (!in_array ($dms$no_confirmed_domains_gigablast)) ){
                    if ( in_array(
$this_ip, gethostbynamel($dms)) ) {
                        
$confirmed_domains_gigablast[] = $dms;
                    }else{
                        
$no_confirmed_domains_gigablast[] = $dms;
                    }
                }
            }
        }
       
        sort(
$confirmed_domains_gigablast);
        sort(
$no_confirmed_domains_gigablast);
        echo -<td><textarea cols="
30" rows="15">-.sizeof($confirmed_domains_gigablast).-\n".htmlentities(implode(-\n", $confirmed_domains_gigablast), ENT_QUOTES, 'UTF-8').-</textarea></td><td><textarea cols="30" rows="15">-.sizeof($no_confirmed_domains_gigablast).-\n".htmlentities(implode(-\n", $no_confirmed_domains_gigablast), ENT_QUOTES, 'UTF-8').-</textarea></td>-;
        
        
$confirmed_domains = array_unique(array_merge($confirmed_domains_bing$confirmed_domains_gigablast));
        sort(
$confirmed_domains);
        
$no_confirmed_domains = array_unique(array_merge($no_confirmed_domains_bing$no_confirmed_domains_gigablast));
        sort(
$no_confirmed_domains);
        echo -<td><textarea cols="
30" rows="15">-.sizeof($confirmed_domains).-\n".htmlentities(implode(-\n", $confirmed_domains), ENT_QUOTES, 'UTF-8').-</textarea></td><td><textarea cols="30" rows="15">-.sizeof($no_confirmed_domains).-\n".htmlentities(implode(-\n", $no_confirmed_domains), ENT_QUOTES, 'UTF-8').-</textarea></td></tr>-;
    }
    echo -</table>-;
    
    //sub domain brute force
    echo -<br><br>Bruteando subdominios:<br>-;
    
$subdomains = file_get_contents('subdomains.txt');
    
$subdomains = explode(-\n"$subdomains);
    foreach(
$subdomains as $subdomain){
        if(
gethostbyname($subdomain.-.-.$host) != $subdomain.-.-.$host){
            echo 
$subdomain.-.-.$host.-<br>-;
        }
    }
}







?>