darkTouch is a fuzzer that attempts to fingerprint the structure of a website. Written in Python.
86a99f55e9fc32eee675bdba41eff23d4356b6004f52b1c0b400498cbd083d37#!/usr/bin/env python
################################################################
# .___ __ _______ .___ #
# __| _/____ _______| | __ ____ \ _ \ __| _/____ #
# / __ |\__ \\_ __ \ |/ // ___\/ /_\ \ / __ |/ __ \ #
# / /_/ | / __ \| | \/ <\ \___\ \_/ \/ /_/ \ ___/ #
# \____ |(______/__| |__|_ \\_____>\_____ /\_____|\____\ #
# \/ \/ \/ #
# ___________ ______ _ __ #
# _/ ___\_ __ \_/ __ \ \/ \/ / #
# \ \___| | \/\ ___/\ / #
# \___ >__| \___ >\/\_/ #
# est.2007 \/ \/ forum.darkc0de.com #
################################################################
# website structure fingerprinting ...the dirty way
# thanks to baltazar/adminfinder for inspiration
#
# darkc0de Crew
# www.darkc0de.com
# code low1z
#
# Greetz to
# d3hydr8, rsauron, baltazar, inkubus, kopele
# and the rest of the Darkc0de members
import urllib2, sys, httplib, threading, sets, socket, time, re
#site = sys.argv[1].replace("http://","").split("/",1)[0]
timeout = 2
socket.setdefaulttimeout(timeout)
threads = []
numthreads = 8
extensions = ['php','asp','aspx','cfm','html','htm']
tmptable = []
found = []
final = []
collected = []
ldm = 'apr-24-09'
version = '0.2'
fuzztable = ['index', 'Index', 'About', 'view', 'access', 'account', 'act_hit', 'activate', 'adclick',
'add_channel', 'addfeed', 'addtestimonial', 'adentry', 'ad_link', 'admin', 'admin_upload', 'adn_count',
'adverclick', 'affi', 'afgb', 'afi', 'agt', 'album', 'albums', 'animation', 'annonces-add', 'announce_detail',
'announcement_content', 'apply', 'apricot', 'ARead', 'art', 'art_desc', 'article', 'article2', 'article_detail_parse',
'ArticleInfo', 'article_read', 'Article_Show', 'article_show_full', 'article_view', 'ArticleView', 'author',
'author_album', 'author_price', 'base', 'basket', 'batch', 'bbs', 'bbs_detail', 'bencandy', 'billboard01', 'b_link',
'blog', 'blogdetails', 'blog-entry', 'bloggermeet', 'blog_groups', 'blogind', 'blog_show', 'blog_story', 'board',
'board1', 'board_detail', 'book', 'bookmark', 'Books', 'browse', 'browse_image', 'BusinessReport',
'button', 'camp_detail', 'candidatedetails', 'cardshow', 'catalog', 'categories', 'category', 'cfidata', 'channel',
'Checkout', 'checkout_shipping', 'clanek_ukaz', 'clap', 'class_04', 'click', 'clickin', 'clickprod', 'CollectionList',
'collegeprice', 'columns', 'comeoncool', 'comment', 'comments', 'Community', 'company', 'company_search', 'contact',
'content', 'Content', 'content_new', 'contestant', 'control', 'coolfreelist', 'countblogstar', 'counter',
'examine_list', 'external', 'ExtLink', 'faculty_profile', 'fair_homepage', 'faq', 'features_show2a', 'file', 'files',
'films', 'form', 'formular', 'forum', 'forumdisplay', 'forumhome', 'forummessage', 'forum_messageDetail', 'forum_posts',
'forum_sub_posts', 'frame', 'fullstory', 'gbook', 'get', 'getInPageTarget', 'GetRelease',
'gocity', 'goodh', 'goods_comment', 'goout', 'goto', 'goto_freetel', 'gp_nl', 'graduate', 'group_page', 'group_topic',
'guest', 'guestbook', 'guestbook_new', 'GuestMagBN', 'heihei', 'help', 'hitlink', 'home', 'hrbclick', 'iboard',
'idevaffiliate', 'iframe', 'Image', 'img', 'include', 'index1', 'index2', 'index4', 'index_fo',
'indexmain', 'indexnew', 'index_u', 'Individual', 'info', 'infoadd', 'infopage', 'infoshow2', 'insert_post',
'institutiondetail', 'international', 'into', 'invitation', 'inviteshow', 'isomil_valentine2_detail', 'item',
'item_detail', 'item_groups', 'j140s', 'Job', '_jobposting', 'jobs', 'join',
'newsmain', 'news_show', 'news_view', 'newthread', 'noscript', 'noticedet', 'notify', 'ocean-tracking', 'ocitview',
'offices-ser_news', 'OpenAd', 'optionmmi', 'original_index', 'out', 'page', 'pages',
'page-sanmin2', 'pageShw', 'parking', 'partydetails', 'permalink', 'PersonalSpace', 'plan', 'play', 'Play', 'player',
'pleasure', 'plugin', 'plugins', 'point', 'poll', 'pollbooth',
'pollsshow', 'post', 'postcard', 'posting', 'price', 'PriceList', 'print',
'pro_def', 'product', 'product_detail', 'ProductDetails', 'product_info', 'products', 'profile',
'profilesdetail', 'programimglist', 'projectdetails', 'projects', 'providepassword', 'psview',
'publicrelationView', 'publisher_titles', 'pub-stats', 'qk_qklx', 'qoblog', 'quickadd', 'quotations', 'rank', 'ranking',
'ranklink', 'read', 'readarticle', 'ReadNews', 'read_user', 'recruit', 'redir', 'redirect',
'regdom', 'regist', 'register', 'report_get', 'req', 'RequestQuote', 'Results', 'ribbon_link', 'rin', 'rsd', 'rss',
'rssFeed_it', 'rwcomments', 'sch', 'schedule', 'scielo', 'search', 'Search', 'search2',
'search_form', 'searchpicsnap', 'searchresults', 'selectintro', 'select_tokucho', 'sendemail', 'sendmessage', 'serve',
'shop', 'shop_fair', 'shopper_new', 'shopping_cart', 'show', 'ShowArtiChannel', 'showarticle',
'showblog', 'showcard', 'showclass', 'showhistory', 'show_miniworld', 'shownews', 'showNews', 'ShowNewsDetail',
'show_oc', 'showpage', 'show_photo', 'showpkn', 'showpost', 'showprofile', 'showquestion', 'showsp', 'showstats',
'showthread', 'showtrackback', 'show_want', 'signup', 'single', 'site', 'sitecome', 'smsmain',
'snapshots', 'soft_detail', 'sondages', 'sort', 'source', 'space', 'spacecp', 'special', 'specials',
'spip', 'spurl', 'start', 'stat', 'statistics', 'statistik', 'stats', 'sub', 'subcate_list', 'subforum',
'submit', 'subscribe', 'subscription', 'support', 'survey', 'tags', 'takeinfo_more', 'tana', 'task', 'tbh_sub',
'tblogread', 'tchinfo', 'teacher', 'tech_details', 'tenders', 'terms', 'T_examinat', 'thread', 'thumbnails', 'tier',
'top', 'topic', 'topicdetail', 'topics', 'topsites', 'tradeinfo', 'training', 'transfer', 'trip_detail',
'trpSupport', 'tr_set', 'tryout_item', 'two', 'type', 'Type', 'ucp', 'user',
'User', 'userblog', 'userinfo', 'user_profile', 'user_register', 'usersettings',
'user_view', 'vanessa_video', 'vbimghost', 'video', 'videoByTag', 'videos', 'View', 'viewad',
'viewall', 'view_all_gallery', 'view_clip', 'viewdoc', 'viewEvent', 'viewfaculty',
'viewforum', 'viewinfo', 'view_inside', 'ViewItem', 'viewmessage', 'viewnews', 'view_news', 'ViewNews', 'viewphotos',
'viewpro', 'viewscat', 'viewstory', 'viewthread', 'viewtop', 'viewtopic', 'viewuser', 'view_video', 'viewwz',
'VIP_showLawyer_article', 'visit', 'vote', 'votealbum', 'voteArticle', 'wall', 'webarticle', 'webarticle2', 'webboard',
'webcounter', 'websearch', 'weekend_news_detail', 'welcome', 'wenji', 'whoischeck', 'worldwide', 'wp-login',
'wp-profile1', 'xiti', 'zoom']
def pContent(url):
try:
request_web = urllib2.Request(url);agent = 'Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.6)'
request_web.add_header('User-Agent', agent);opener_web = urllib2.build_opener()
text = opener_web.open(request_web).read();strreg = re.compile('(?<=href=")(.*?)(?=")')
names = strreg.findall(text);opener_web.close()
for name in names:
if site in name or '=' in name or name.startswith('/'):
global collected
collected.append(name)
elif site in name and EXT in name:
collected.append(name)
elif 'http://' in name:
collected.append(name)
except:
pass
def Fuzz(entry):
try:
entry = "/" + entry
connection = httplib.HTTPConnection(site)
connection.request("GET",entry)
response = connection.getresponse()
if response.status == 200:
str = 'http://'+site+entry
print "Found : %s " % (str)
found.append(str)
else:
pass
except(KeyboardInterrupt,SystemExit):
raise
except:
pass
if len(sys.argv) <= 1:
print "\tno url - no fuzz\n"
sys.exit(1)
else:
site = sys.argv[1].replace("http://","").split("/",1)[0]
cnt = 1
print " _ _ _____ _ "
print " _| |___ ___| |_|_ _|___ _ _ ___| |_ author : low1z"
print "| . | .'| _| '_| | | | . | | | _| | date :",ldm
print "|___|__,|_| |_,_| |_| |___|___|___|_|_| version :",version
print "\n Website Structure Fingerprinting *beta*"
print "- keep in mind, we only collect = links here -\n"
for val in extensions: print cnt,":", val;cnt += 1
EXTnr = raw_input('\nChoose Server FileExtension [1-5]:')
EXT = extensions[int(EXTnr)-1]
for entry in fuzztable:
tmptable.append(entry+'.'+EXT)
print "\n>> Fuzzing for ."+EXT+" Files....\n"
for entry in tmptable: Fuzz(entry)
for entry in found: pContent(entry)
for entry in collected:
if entry.startswith('/') and EXT in entry and '=' in entry:
final.append('http://'+site+entry)
elif entry.startswith('http://') and site in entry and EXT in entry:
final.append(entry)
else:
pass
if len(final) > 2:
final.sort();lastEntry = final[-1]
for e in range(len(final)-2, -1, -1):
try:
LE = lastEntry.split('?')
fURLS = final[e].split('?')
if LE[0] == fURLS[0]:
del final[e]
else:
lastEntry = final[e]
except(IndexError):
pass
print "\n>> Found :", len(final), "Strings\n"
for entry in final:
print entry
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed