Skip to content

Instantly share code, notes, and snippets.

@technion

technion/phishget.rb

Last active May 11, 2020
Star
Embed
What would you like to do?
Learn more about clone URLs
Download ZIP
Raw
phishget.rb
#!/usr/bin/env ruby
require 'httparty'
FILELIST = [
'/dropbox.zip',
'/robots.txt', # Not from the original list - this serves as a sanity check as it usually exists
'/css/business-frontpage.css',
'/newphase.zip',
'/Doc.zip',
'/wp-content.zip',
'/auth.zip',
'/Pdf.zip',
'/secure-dropbox.zip',
'/dropbox2016.zip',
'/yahoo%202.txt',
'/adobe.zip',
'/mn.zip',
'/Dropbox.zip',
'/x.txt',
'/dhl.zip',
'/accepted_visitors.txt',
'/GoogleDoc.zip',
'/USAA2014.zip',
'/docs.zip',
'/8-login-form.zip',
'/sent.zip',
'/new2015.zip',
'/Adobe.zip',
'/G550.zip',
'/info.txt',
'/secured-view%20(2).zip',
'/box.zip',
'/rof.txt',
'/webmail.zip',
'/laXa1a1.txt',
'/Drop.zip',
'/page.zip',
'/log.txt',
'/adobelatest.zip',
'/WellsLINK.zip',
'/apple.zip',
'/china.zip',
'/License_linux.txt',
'/new.zip',
'/newp.zip',
'/b1.txt',
'/paypal.zip',
'/ipad.zip',
'/gmail.zip',
'/Dropfile.zip',
'/FE4Nt3a.zip',
'/Arch.zip',
'/IRS.zip',
'/review.zip',
'/yh.txt',
'/eogpr.zip',
'/dbfile.zip',
'/1.txt',
'/account.zip',
'/godaddy.zip',
'/PDF%20-01.zip',
'/share.zip',
'/secure.zip',
'/login.alibaba.com.zip',
'/Documentos.file.html.zip',
'/pi9sI3ca6.zip',
'/Gdoc.zip',
'/as.txt',
'/mam.txt',
'/action.zip',
'/office365.zip',
'/la4BA0Re3L.zip',
'/aol..txt',
'/usaa.zip',
'/MailVerification.zip',
'/app.zip',
'/pageo.zip',
'/web1.zip',
'/chq.zip',
'/drop.zip',
'/GOOGLENEWW.zip',
'/admin.zip',
'/nD.zip',
'/Counter.zip',
'/css.zip',
'/survey.zip',
'/CO9La3.zip',
'/file.zip',
'/ali.txt',
'/logs.zip',
'/account-liemted.info.zip',
'/db.zip',
'/zonalzone.zip',
'/files.zip',
'/adobeCom.zip',
'/revalidate.zip',
'/PDF.zip',
'/google.zip',
'/verify.zip',
'/l0gz.txt',
'/match2.zip',
'/ww.zip',
'/mobile.free.fr.zip',
'/bmg.zip',
'/Goldencat.zip',
'/fA3NT3A.zip',
'/Alibaba.com.zip',
'/drive.zip',
'/melog-india.txt',
'/doc.zip',
'/pagedoc.zip',
'/art.zip',
'/Google.zip',
'/GD1.zip',
'/googledoc.zip',
'/wells.zip',
'/New.zip',
'/IR.zip',
'/newhotmail.zip',
'/gduc.zip',
'/lnnn.zip',
'/netflix.zip',
'/example.zip',
'/christianmingle.zip',
'/payment.zip',
'/2015.zip',
'/googledrive.zip',
'/Ameli.zip',
'/update.zip',
'/mgsnew..zip',
'/note.txt',
'/man.txt',
'/hotmail.zip',
'/login.zip',
'/b4.txt',
'/znD.zip',
'/domain.zip',
'/wellsfargo.zip',
'/030317_akt.zip',
'/newpage.zip',
'/cnm.zip',
'/irs.zip',
'/Yahoo.zip',
'/TT.zip',
'/dp.zip',
'/googledocs.zip',
'/http.zip',
'/ourtime.zip',
'/m2u.zip',
'/href.zip',
'/Verify_now.zip',
'/AOL.zip',
'/changes.txt',
'/1.zip',
'/ipic.zip',
'/remax.zip',
'/kma.zip',
'/Zone1.zip',
'/2014gdocs.zip',
'/msn.zip',
'/users.txt',
'/office.zip',
'/g-doc-secure.zip',
'/pdf.zip',
'/rhb.com.my.zip',
'/mgs.zip',
'/ca7nA4la2.zip',
'/Goldbook.zip',
'/u1.zip',
'/document.zip',
'/m.zip',
'/base.zip',
'/docss.zip',
'/bookmark.zip',
'/Account.zip',
'/Full.txt',
'/cap1-360.zip',
'/mint.zip',
'/yahoo.zip',
'/GD.zip',
'/error_log.txt',
'/host.zip',
'/BDBB.zip',
'/newdocxb.zip',
'/License_windows.txt',
'/Ed.zip',
'/chm.zip',
'/www.zip',
'/upgrade.zip',
'/ayo1.zip',
'/wp-admin.zip',
'/godaddyac.zip',
'/ID.txt',
'/drpbox.zip',
'/dpbx.zip',
'/web.zip',
'/confirmation.zip',
'/AmEx.zip',
'/excel.zip',
'/Login.zip',
'/DHL.zip',
'/logs.txt',
'/gdocc.zip',
'/Aol.txt',
'/view.zip',
'/ipaad.zip',
'/Contact%20Logs.txt',
'/succes.txt',
'/cO9nI8C.zip',
'/30horasdigitalmodulodesegurancafeitoparavoce.zip',
'/agreement_docs2.zip',
'/vu.txt',
'/credits.txt',
'/c6.zip',
'/aol.zip',
'/docx.zip',
'/home.zip',
'/onedrive.zip',
'/STD.zip',
'/gdoc.zip',
'/drive.ggle.com.zip'
].freeze
if ARGV.length != 1
puts "Usage: phishget.rb https://website.com"
exit
end
address = ARGV[0]
FILELIST.each do |u|
response = HTTParty.get("#{address}#{u}")
puts "Interesting URL found: #{u}" if response.code == 200
end
puts "Successfully scanned #{FILELIST.length} URLs"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment