Skip to content

Instantly share code, notes, and snippets.

@TheYkk

TheYkk/admin.php

Created Jan 15, 2019
Embed
What would you like to do?
admin page finder
<?php
set_time_limit(0);
?>
<html>
<head>
<title>
Admin Page Finder
</title>
</head>
<body background="http://fc00.deviantart.net/fs70/i/2011/324/9/2/black___purple_textures_by_paralyzinglove-d4gscvx.jpg">
<p align=center>
<img src="http://i67.photobucket.com/albums/h298/bcfcrule11/theAlchemist.png" alt="IP Grabber" /></p>
<p align="center"><font color="c0c0c0" size="5">Admin Page Finder</font></p>
<form method="POST" action="<?php $PHP_SELF; ?>">
<p align="center"><font color="c0c0c0">Enter website : </font>
<input type="text" name="url" value="http://"/>
<br>
<input type="submit" name="submit" value="Check"/>
</p>
<br>
<br>
<?php
//This code was created by The Alchemist
function xss_protect($data, $strip_tags = false, $allowed_tags = "") {
if($strip_tags) {
$data = strip_tags($data, $allowed_tags . "<b>");
}
if(stripos($data, "script") !== false) {
$result = str_replace("script","scr<b></b>ipt", htmlentities($data, ENT_QUOTES));
} else {
$result = htmlentities($data, ENT_QUOTES);
}
return $result;
}
function urlExist($url)
{
$handle = curl_init($url);
if (false === $handle)
{
return false;
}
curl_setopt($handle, CURLOPT_HEADER, false);
curl_setopt($handle, CURLOPT_FAILONERROR, true);
curl_setopt($handle, CURLOPT_HTTPHEADER, Array("User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.15) Gecko/20080623 Firefox/2.0.0.15") ); // request as if Firefox
curl_setopt($handle, CURLOPT_NOBODY, true);
curl_setopt($handle, CURLOPT_RETURNTRANSFER, false);
$connectable = curl_exec($handle);
curl_close($handle);
return $connectable;
}
if(isset($_POST['submit']) && isset($_POST['url']))
{
$url= htmlentities(xss_protect($_POST['url']));
if(filter_var($url, FILTER_VALIDATE_URL))
{
$trying = array('admin/','administrator/','admin1/','admin2/','admin3/','admin4/','admin5/','usuarios/',
'usuario/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/',
'panel-administracion/','instadmin/','memberadmin/','administratorlogin/','adm/','admin/account.php',
'admin/index.php','admin/login.php','admin/admin.php','admin/account.php','admin_area/admin.php',
'admin_area/login.php','siteadmin/login.php','siteadmin/index.php','siteadmin/login.html','admin/account.html',
'admin/index.html','admin/login.html','admin/admin.html','admin_area/index.php','bb-admin/index.php','bb-admin/login.php',
'bb-admin/admin.php','admin/home.php','admin_area/login.html','admin_area/index.html','admin/controlpanel.php','admin.php',
'admincp/index.asp','admincp/login.asp','admincp/index.html','admin/account.html','adminpanel.html','webadmin.html',
'webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html',
'panel-administracion/login.html','admin/cp.php','cp.php','administrator/index.php','administrator/login.php',
'nsw/admin/login.php','webadmin/login.php','admin/admin_login.php','admin_login.php','administrator/account.php',
'administrator.php','admin_area/admin.html','pages/admin/admin-login.php','admin/admin-login.php','admin-login.php',
'bb-admin/index.html','bb-admin/login.html','acceso.php','bb-admin/admin.html','admin/home.html',
'login.php','modelsearch/login.php','moderator.php','moderator/login.php','moderator/admin.php','account.php',
'pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','controlpanel.php','admincontrol.php',
'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','rcjakar/admin/login.php',
'adminarea/index.html','adminarea/admin.html','webadmin.php','webadmin/index.php','webadmin/admin.php',
'admin/controlpanel.html','admin.html','admin/cp.html','cp.html','adminpanel.php','moderator.html',
'administrator/index.html','administrator/login.html','user.html','administrator/account.html','administrator.html',
'login.html','modelsearch/login.html','moderator/login.html','adminarea/login.html','panel-administracion/index.html',
'panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html','admincontrol/login.html',
'adm/index.html','adm.html','moderator/admin.html','user.php','account.html','controlpanel.html','admincontrol.html',
'panel-administracion/login.php','wp-login.php','adminLogin.php','admin/adminLogin.php','home.php','admin.php',
'adminarea/index.php','adminarea/admin.php','adminarea/login.php','panel-administracion/index.php',
'panel-administracion/admin.php','modelsearch/index.php','modelsearch/admin.php','admincontrol/login.php',
'adm/admloginuser.php','admloginuser.php','admin2.php','admin2/login.php','admin2/index.php','usuarios/login.php',
'adm/index.php','adm.php','affiliate.php','adm_auth.php','memberadmin.php','administratorlogin.php','admin.asp','admin/admin.asp',
'admin_area/admin.asp','admin_area/login.asp','admin_area/index.asp','bb-admin/index.asp','bb-admin/login.asp',
'bb-admin/admin.asp','pages/admin/admin-login.asp','admin/admin-login.asp','admin-login.asp','user.asp','webadmin/index.asp',
'webadmin/admin.asp','webadmin/login.asp','admin/admin_login.asp','admin_login.asp','panel-administracion/login.asp',
'adminLogin.asp','admin/adminLogin.asp','home.asp','adminarea/index.asp','adminarea/admin.asp','adminarea/login.asp',
'panel-administracion/index.asp','panel-administracion/admin.asp','modelsearch/index.asp','modelsearch/admin.asp',
'admincontrol/login.asp','adm/admloginuser.asp','admloginuser.asp','admin2/login.asp','admin2/index.asp','adm/index.asp',
'adm.asp','affiliate.asp','adm_auth.asp','memberadmin.asp','administratorlogin.asp','siteadmin/login.asp','siteadmin/index.asp',
'admin.%EXT%',
'login.htm',
'login.html',
'login/',
'login.%EXT%',
'adm/',
'admin/',
'admin/account.html',
'admin/login.html',
'admin/login.htm',
'admin/home.%EXT%',
'admin/controlpanel.html',
'admin/controlpanel.htm',
'admin/cp.%EXT%',
'admin/adminLogin.html',
'admin/adminLogin.htm',
'admin/admin_login.%EXT%',
'admin/controlpanel.%EXT%',
'admin/admin-login.%EXT%',
'admin-login.%EXT%',
'admin/account.%EXT%',
'admin/admin.%EXT%',
'admin.htm',
'admin.html',
'adminitem/',
'adminitem.%EXT%',
'adminitems/',
'adminitems.%EXT%',
'administrator/',
'administrator/login.%EXT%',
'administrator.%EXT%',
'administration/',
'administration.%EXT%',
'adminLogin/',
'adminlogin.%EXT%',
'admin_area/admin.%EXT%',
'admin_area/',
'admin_area/login.%EXT%',
'manager/',
'manager.%EXT%',
'letmein/',
'letmein.%EXT%',
'superuser/',
'superuser.%EXT%',
'access/',
'access.%EXT%',
'sysadm/',
'sysadm.%EXT%',
'superman/',
'supervisor/',
'panel.%EXT%',
'control/',
'control.%EXT%',
'member/',
'member.%EXT%',
'members/',
'members.%EXT%',
'user/',
'user.%EXT%',
'cp/',
'uvpanel/',
'manage/',
'manage.%EXT%',
'management/',
'management.%EXT%',
'signin/',
'signin.%EXT%',
'log-in/',
'log-in.%EXT%',
'log_in/',
'log_in.%EXT%',
'sign_in/',
'sign_in.%EXT%',
'sign-in/',
'sign-in.%EXT%',
'users/',
'users.%EXT%',
'accounts/',
'accounts.%EXT%',
'wp-login.php',
'bb-admin/login.%EXT%',
'bb-admin/admin.%EXT%',
'bb-admin/admin.html',
'administrator/account.%EXT%',
'relogin.htm',
'relogin.html',
'check.%EXT%',
'relogin.%EXT%',
'blog/wp-login.%EXT%',
'user/admin.%EXT%',
'users/admin.%EXT%',
'registration/',
'processlogin.%EXT%',
'checklogin.%EXT%',
'checkuser.%EXT%',
'checkadmin.%EXT%',
'isadmin.%EXT%',
'authenticate.%EXT%',
'authentication.%EXT%',
'auth.%EXT%',
'authuser.%EXT%',
'authadmin.%EXT%',
'cp.%EXT%',
'modelsearch/login.%EXT%',
'moderator.%EXT%',
'moderator/',
'controlpanel/',
'controlpanel.%EXT%',
'admincontrol.%EXT%',
'adminpanel.%EXT%',
'fileadmin/',
'fileadmin.%EXT%',
'sysadmin.%EXT%',
'admin1.%EXT%',
'admin1.html',
'admin1.htm',
'admin2.%EXT%',
'admin2.html',
'yonetim.%EXT%',
'yonetim.html',
'yonetici.%EXT%',
'yonetici.html',
'phpmyadmin/',
'myadmin/',
'ur-admin.%EXT%',
'ur-admin/',
'Server.%EXT%',
'Server/',
'wp-admin/',
'administr8.%EXT%',
'administr8/',
'webadmin/',
'webadmin.%EXT%',
'administratie/',
'admins/',
'admins.%EXT%',
'administrivia/',
'Database_Administration/',
'useradmin/',
'sysadmins/',
'admin1/',
'system-administration/',
'administrators/',
'pgadmin/',
'directadmin/',
'staradmin/',
'ServerAdministrator/',
'SysAdmin/',
'administer/',
'LiveUser_Admin/',
'sys-admin/',
'typo3/',
'panel/',
'cpanel/',
'cpanel_file/',
'platz_login/',
'rcLogin/',
'blogindex/',
'formslogin/',
'autologin/',
'support_login/',
'meta_login/',
'manuallogin/',
'simpleLogin/',
'loginflat/',
'utility_login/',
'showlogin/',
'memlogin/',
'login-redirect/',
'sub-login/',
'wp-login/',
'login1/',
'dir-login/',
'login_db/',
'xlogin/',
'smblogin/',
'customer_login/',
'UserLogin/',
'login-us/',
'acct_login/',
'bigadmin/',
'project-admins/',
'phppgadmin/',
'pureadmin/',
'sql-admin/',
'radmind/',
'openvpnadmin/',
'wizmysqladmin/',
'vadmind/',
'ezsqliteadmin/',
'hpwebjetadmin/',
'newsadmin/',
'adminpro/',
'Lotus_Domino_Admin/',
'bbadmin/',
'vmailadmin/',
'Indy_admin/',
'ccp14admin/',
'irc-macadmin/',
'banneradmin/',
'sshadmin/',
'phpldapadmin/',
'macadmin/',
'administratoraccounts/',
'admin4_account/',
'admin4_colon/',
'radmind-1/',
'Super-Admin/',
'AdminTools/',
'cmsadmin/',
'SysAdmin2/',
'globes_admin/',
'cadmins/',
'phpSQLiteAdmin/',
'navSiteAdmin/',
'server_admin_small/',
'logo_sysadmin/',
'power_user/',
'system_administration/',
'ss_vms_admin_sm/',
'bb-admin/',
'panel-administracion/',
'instadmin/',
'memberadmin/',
'administratorlogin/',
'adm.%EXT%',
'admin_login.%EXT%',
'panel-administracion/login.%EXT%',
'pages/admin/admin-login.%EXT%',
'pages/admin/',
'acceso.%EXT%',
'admincp/login.%EXT%',
'admincp/',
'adminarea/',
'admincontrol/',
'affiliate.%EXT%',
'adm_auth.%EXT%',
'memberadmin.%EXT%',
'administratorlogin.%EXT%',
'modules/admin/',
'administrators.%EXT%',
'siteadmin/',
'siteadmin.%EXT%',
'adminsite/',
'kpanel/',
'vorod/',
'vorod.%EXT%',
'vorud/',
'vorud.%EXT%',
'adminpanel/',
'PSUser/',
'secure/',
'webmaster/',
'webmaster.%EXT%',
'autologin.%EXT%',
'userlogin.%EXT%',
'admin_area.%EXT%',
'cmsadmin.%EXT%',
'security/',
'usr/',
'root/',
'secret/',
'admin/login.%EXT%',
'admin/adminLogin.%EXT%',
'moderator.php',
'moderator.html',
'moderator/login.%EXT%',
'moderator/admin.%EXT%',
'yonetici.%EXT%',
'0admin/',
'0manager/',
'aadmin/',
'cgi-bin/login%EXT%',
'login1%EXT%',
'login_admin/',
'login_admin%EXT%',
'login_out/',
'login_out%EXT%',
'login_user%EXT%',
'loginerror/',
'loginok/',
'loginsave/',
'loginsuper/',
'loginsuper%EXT%',
'login%EXT%',
'logout/',
'logout%EXT%',
'secrets/',
'super1/',
'super1%EXT%',
'super_index%EXT%',
'super_login%EXT%',
'supermanager%EXT%',
'superman%EXT%',
'superuser%EXT%',
'supervise/',
'supervise/Login%EXT%',
'super%EXT%'
);
foreach($trying as $sec)
{
$urll=$url.'/'.$sec;
if(urlExist($urll))
{
echo '<p align="center"><font color="00FF00">'.$urll.' exists.<br>MATCH FOUND!!!</font></p>';
exit;
}
else
{
echo '<p align="center"><font color="FFFF00">'.$urll.' does not exist.</font></p>';
}
}
echo '<p align="center"><font color="c0c0c0" size="5">Could not find admin page.</font></p>';
}
else
{
echo '<p align="center"><font color="c0c0c0" size="5">Invalid URL entered.</font></p>';
}
}
?>
</body>
</html>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment