technion/phishget.rb

## phishget.rb
#!/usr/bin/env ruby
require 'httparty'

FILELIST = [
  '/dropbox.zip',
  '/robots.txt', # Not from the original list - this serves as a sanity check as it usually exists
  '/css/business-frontpage.css',
  '/newphase.zip',
  '/Doc.zip',
  '/wp-content.zip',
  '/auth.zip',
  '/Pdf.zip',
  '/secure-dropbox.zip',
  '/dropbox2016.zip',
  '/yahoo%202.txt',
  '/adobe.zip',
  '/mn.zip',
  '/Dropbox.zip',
  '/x.txt',
  '/dhl.zip',
  '/accepted_visitors.txt',
  '/GoogleDoc.zip',
  '/USAA2014.zip',
  '/docs.zip',
  '/8-login-form.zip',
  '/sent.zip',
  '/new2015.zip',
  '/Adobe.zip',
  '/G550.zip',
  '/info.txt',
  '/secured-view%20(2).zip',
  '/box.zip',
  '/rof.txt',
  '/webmail.zip',
  '/laXa1a1.txt',
  '/Drop.zip',
  '/page.zip',
  '/log.txt',
  '/adobelatest.zip',
  '/WellsLINK.zip',
  '/apple.zip',
  '/china.zip',
  '/License_linux.txt',
  '/new.zip',
  '/newp.zip',
  '/b1.txt',
  '/paypal.zip',
  '/ipad.zip',
  '/gmail.zip',
  '/Dropfile.zip',
  '/FE4Nt3a.zip',
  '/Arch.zip',
  '/IRS.zip',
  '/review.zip',
  '/yh.txt',
  '/eogpr.zip',
  '/dbfile.zip',
  '/1.txt',
  '/account.zip',
  '/godaddy.zip',
  '/PDF%20-01.zip',
  '/share.zip',
  '/secure.zip',
  '/login.alibaba.com.zip',
  '/Documentos.file.html.zip',
  '/pi9sI3ca6.zip',
  '/Gdoc.zip',
  '/as.txt',
  '/mam.txt',
  '/action.zip',
  '/office365.zip',
  '/la4BA0Re3L.zip',
  '/aol..txt',
  '/usaa.zip',
  '/MailVerification.zip',
  '/app.zip',
  '/pageo.zip',
  '/web1.zip',
  '/chq.zip',
  '/drop.zip',
  '/GOOGLENEWW.zip',
  '/admin.zip',
  '/nD.zip',
  '/Counter.zip',
  '/css.zip',
  '/survey.zip',
  '/CO9La3.zip',
  '/file.zip',
  '/ali.txt',
  '/logs.zip',
  '/account-liemted.info.zip',
  '/db.zip',
  '/zonalzone.zip',
  '/files.zip',
  '/adobeCom.zip',
  '/revalidate.zip',
  '/PDF.zip',
  '/google.zip',
  '/verify.zip',
  '/l0gz.txt',
  '/match2.zip',
  '/ww.zip',
  '/mobile.free.fr.zip',
  '/bmg.zip',
  '/Goldencat.zip',
  '/fA3NT3A.zip',
  '/Alibaba.com.zip',
  '/drive.zip',
  '/melog-india.txt',
  '/doc.zip',
  '/pagedoc.zip',
  '/art.zip',
  '/Google.zip',
  '/GD1.zip',
  '/googledoc.zip',
  '/wells.zip',
  '/New.zip',
  '/IR.zip',
  '/newhotmail.zip',
  '/gduc.zip',
  '/lnnn.zip',
  '/netflix.zip',
  '/example.zip',
  '/christianmingle.zip',
  '/payment.zip',
  '/2015.zip',
  '/googledrive.zip',
  '/Ameli.zip',
  '/update.zip',
  '/mgsnew..zip',
  '/note.txt',
  '/man.txt',
  '/hotmail.zip',
  '/login.zip',
  '/b4.txt',
  '/znD.zip',
  '/domain.zip',
  '/wellsfargo.zip',
  '/030317_akt.zip',
  '/newpage.zip',
  '/cnm.zip',
  '/irs.zip',
  '/Yahoo.zip',
  '/TT.zip',
  '/dp.zip',
  '/googledocs.zip',
  '/http.zip',
  '/ourtime.zip',
  '/m2u.zip',
  '/href.zip',
  '/Verify_now.zip',
  '/AOL.zip',
  '/changes.txt',
  '/1.zip',
  '/ipic.zip',
  '/remax.zip',
  '/kma.zip',
  '/Zone1.zip',
  '/2014gdocs.zip',
  '/msn.zip',
  '/users.txt',
  '/office.zip',
  '/g-doc-secure.zip',
  '/pdf.zip',
  '/rhb.com.my.zip',
  '/mgs.zip',
  '/ca7nA4la2.zip',
  '/Goldbook.zip',
  '/u1.zip',
  '/document.zip',
  '/m.zip',
  '/base.zip',
  '/docss.zip',
  '/bookmark.zip',
  '/Account.zip',
  '/Full.txt',
  '/cap1-360.zip',
  '/mint.zip',
  '/yahoo.zip',
  '/GD.zip',
  '/error_log.txt',
  '/host.zip',
  '/BDBB.zip',
  '/newdocxb.zip',
  '/License_windows.txt',
  '/Ed.zip',
  '/chm.zip',
  '/www.zip',
  '/upgrade.zip',
  '/ayo1.zip',
  '/wp-admin.zip',
  '/godaddyac.zip',
  '/ID.txt',
  '/drpbox.zip',
  '/dpbx.zip',
  '/web.zip',
  '/confirmation.zip',
  '/AmEx.zip',
  '/excel.zip',
  '/Login.zip',
  '/DHL.zip',
  '/logs.txt',
  '/gdocc.zip',
  '/Aol.txt',
  '/view.zip',
  '/ipaad.zip',
  '/Contact%20Logs.txt',
  '/succes.txt',
  '/cO9nI8C.zip',
  '/30horasdigitalmodulodesegurancafeitoparavoce.zip',
  '/agreement_docs2.zip',
  '/vu.txt',
  '/credits.txt',
  '/c6.zip',
  '/aol.zip',
  '/docx.zip',
  '/home.zip',
  '/onedrive.zip',
  '/STD.zip',
  '/gdoc.zip',
  '/drive.ggle.com.zip'
].freeze

if ARGV.length != 1
  puts "Usage: phishget.rb https://website.com"
  exit
end

address = ARGV[0]

FILELIST.each do |u|
  response = HTTParty.get("#{address}#{u}")
  puts "Interesting URL found: #{u}" if response.code == 200
end
puts "Successfully scanned #{FILELIST.length} URLs"
	#!/usr/bin/env ruby
	require 'httparty'

	FILELIST = [
	'/dropbox.zip',
	'/robots.txt', # Not from the original list - this serves as a sanity check as it usually exists
	'/css/business-frontpage.css',
	'/newphase.zip',
	'/Doc.zip',
	'/wp-content.zip',
	'/auth.zip',
	'/Pdf.zip',
	'/secure-dropbox.zip',
	'/dropbox2016.zip',
	'/yahoo%202.txt',
	'/adobe.zip',
	'/mn.zip',
	'/Dropbox.zip',
	'/x.txt',
	'/dhl.zip',
	'/accepted_visitors.txt',
	'/GoogleDoc.zip',
	'/USAA2014.zip',
	'/docs.zip',
	'/8-login-form.zip',
	'/sent.zip',
	'/new2015.zip',
	'/Adobe.zip',
	'/G550.zip',
	'/info.txt',
	'/secured-view%20(2).zip',
	'/box.zip',
	'/rof.txt',
	'/webmail.zip',
	'/laXa1a1.txt',
	'/Drop.zip',
	'/page.zip',
	'/log.txt',
	'/adobelatest.zip',
	'/WellsLINK.zip',
	'/apple.zip',
	'/china.zip',
	'/License_linux.txt',
	'/new.zip',
	'/newp.zip',
	'/b1.txt',
	'/paypal.zip',
	'/ipad.zip',
	'/gmail.zip',
	'/Dropfile.zip',
	'/FE4Nt3a.zip',
	'/Arch.zip',
	'/IRS.zip',
	'/review.zip',
	'/yh.txt',
	'/eogpr.zip',
	'/dbfile.zip',
	'/1.txt',
	'/account.zip',
	'/godaddy.zip',
	'/PDF%20-01.zip',
	'/share.zip',
	'/secure.zip',
	'/login.alibaba.com.zip',
	'/Documentos.file.html.zip',
	'/pi9sI3ca6.zip',
	'/Gdoc.zip',
	'/as.txt',
	'/mam.txt',
	'/action.zip',
	'/office365.zip',
	'/la4BA0Re3L.zip',
	'/aol..txt',
	'/usaa.zip',
	'/MailVerification.zip',
	'/app.zip',
	'/pageo.zip',
	'/web1.zip',
	'/chq.zip',
	'/drop.zip',
	'/GOOGLENEWW.zip',
	'/admin.zip',
	'/nD.zip',
	'/Counter.zip',
	'/css.zip',
	'/survey.zip',
	'/CO9La3.zip',
	'/file.zip',
	'/ali.txt',
	'/logs.zip',
	'/account-liemted.info.zip',
	'/db.zip',
	'/zonalzone.zip',
	'/files.zip',
	'/adobeCom.zip',
	'/revalidate.zip',
	'/PDF.zip',
	'/google.zip',
	'/verify.zip',
	'/l0gz.txt',
	'/match2.zip',
	'/ww.zip',
	'/mobile.free.fr.zip',
	'/bmg.zip',
	'/Goldencat.zip',
	'/fA3NT3A.zip',
	'/Alibaba.com.zip',
	'/drive.zip',
	'/melog-india.txt',
	'/doc.zip',
	'/pagedoc.zip',
	'/art.zip',
	'/Google.zip',
	'/GD1.zip',
	'/googledoc.zip',
	'/wells.zip',
	'/New.zip',
	'/IR.zip',
	'/newhotmail.zip',
	'/gduc.zip',
	'/lnnn.zip',
	'/netflix.zip',
	'/example.zip',
	'/christianmingle.zip',
	'/payment.zip',
	'/2015.zip',
	'/googledrive.zip',
	'/Ameli.zip',
	'/update.zip',
	'/mgsnew..zip',
	'/note.txt',
	'/man.txt',
	'/hotmail.zip',
	'/login.zip',
	'/b4.txt',
	'/znD.zip',
	'/domain.zip',
	'/wellsfargo.zip',
	'/030317_akt.zip',
	'/newpage.zip',
	'/cnm.zip',
	'/irs.zip',
	'/Yahoo.zip',
	'/TT.zip',
	'/dp.zip',
	'/googledocs.zip',
	'/http.zip',
	'/ourtime.zip',
	'/m2u.zip',
	'/href.zip',
	'/Verify_now.zip',
	'/AOL.zip',
	'/changes.txt',
	'/1.zip',
	'/ipic.zip',
	'/remax.zip',
	'/kma.zip',
	'/Zone1.zip',
	'/2014gdocs.zip',
	'/msn.zip',
	'/users.txt',
	'/office.zip',
	'/g-doc-secure.zip',
	'/pdf.zip',
	'/rhb.com.my.zip',
	'/mgs.zip',
	'/ca7nA4la2.zip',
	'/Goldbook.zip',
	'/u1.zip',
	'/document.zip',
	'/m.zip',
	'/base.zip',
	'/docss.zip',
	'/bookmark.zip',
	'/Account.zip',
	'/Full.txt',
	'/cap1-360.zip',
	'/mint.zip',
	'/yahoo.zip',
	'/GD.zip',
	'/error_log.txt',
	'/host.zip',
	'/BDBB.zip',
	'/newdocxb.zip',
	'/License_windows.txt',
	'/Ed.zip',
	'/chm.zip',
	'/www.zip',
	'/upgrade.zip',
	'/ayo1.zip',
	'/wp-admin.zip',
	'/godaddyac.zip',
	'/ID.txt',
	'/drpbox.zip',
	'/dpbx.zip',
	'/web.zip',
	'/confirmation.zip',
	'/AmEx.zip',
	'/excel.zip',
	'/Login.zip',
	'/DHL.zip',
	'/logs.txt',
	'/gdocc.zip',
	'/Aol.txt',
	'/view.zip',
	'/ipaad.zip',
	'/Contact%20Logs.txt',
	'/succes.txt',
	'/cO9nI8C.zip',
	'/30horasdigitalmodulodesegurancafeitoparavoce.zip',
	'/agreement_docs2.zip',
	'/vu.txt',
	'/credits.txt',
	'/c6.zip',
	'/aol.zip',
	'/docx.zip',
	'/home.zip',
	'/onedrive.zip',
	'/STD.zip',
	'/gdoc.zip',
	'/drive.ggle.com.zip'
	].freeze

	if ARGV.length != 1
	puts "Usage: phishget.rb https://website.com"
	exit
	end

	address = ARGV[0]

	FILELIST.each do \|u\|
	response = HTTParty.get("#{address}#{u}")
	puts "Interesting URL found: #{u}" if response.code == 200
	end
	puts "Successfully scanned #{FILELIST.length} URLs"