├── README.md ├── apafi.png └── apafi.py /README.md: -------------------------------------------------------------------------------- 1 | # APAFI 2 | APAFI is an admin panel finder tool; it is useful for finding hidden admin panels. 3 |
#!/system/bin/python
"""
APAFI 1.0
Date. : 14-08-2017
Author : DedSecTL
Purpose : Admin Panel Finder

Copyright (c) 2017, DedSecTL All rights reserved.

Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met: * Redistributions
of source code must retain the above copyright notice, this list of conditions and
the following disclaimer. * Redistributions in binary form must reproduce the above
copyright notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution. * Neither the
name of the nor the names of its contributors may be used to endorse or promote
products derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL CHRISTOPHER DUFFY BE LIABLE FOR ANY DIRECT, INDIRECT,
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
"""
# Python 2 only: httplib, raw_input and the print statement used below do not
# exist under these names in Python 3.
# NOTE(review): `time` is imported but never used in this script.
import os, httplib, time

# Clears the terminal through the shell; the command is a fixed string, so no
# user input reaches os.system here.
os.system("clear")
# Banner (output only).
print ":::'###::::'########:::::'###::::'########:'####:::::::'##::::::::::'#####::::::"
print "::'## ##::: ##.... ##:::'## ##::: ##.....::. ##::::::'####:::::::::'##.. ##:::::"
print ":'##:. ##:: ##:::: ##::'##:. ##:: ##:::::::: ##::::::.. ##::::::::'##:::: ##::::"
print "'##:::. ##: ########::'##:::. ##: ######:::: ##:::::::: ##:::::::: ##:::: ##::::"
print " #########: ##.....::: #########: ##...::::: ##:::::::: ##:::::::: ##:::: ##::::"
print " ##.... ##: ##:::::::: ##.... ##: ##:::::::: ##:::::::: ##:::'###:. ##:: ##:::::"
print " ##:::: ##: ##:::::::: ##:::: ##: ##:::::::'####:::::'######: ###::. #####::::::"
print "..:::::..::..:::::::::..:::::..::..::::::::....::::::......::...::::.....:::::::"
print " -=[ APAFI 1.0 -- Admin Panel Finder ]=-"
print " -=[ Author : DedSecTL ]=-"
print " -=[ AndroSec1337 Cyber Team ]=-"
print
# Host to probe, read interactively.
sitiu = raw_input("Domain (ex: www.site.com): ")
# Normalisation is minimal: only a literal "http://" is removed (an "https://"
# prefix is left in place), and rsplit("/",1)[0] cuts at the LAST slash only,
# so "www.site.com/a/b" becomes "www.site.com/a" and that whole string is then
# handed to HTTPConnection as the host.
# NOTE(review): nothing validates the result as a hostname before it is used.
situs = sitiu.replace("http://","").rsplit("/",1)[0]
situs = situs.lower()

# Static wordlist of admin/login paths (PHP, ASP and HTML variants plus
# directory names). Each entry becomes one request below.
# NOTE(review): several entries are repeated (e.g. 'login.php',
# 'admin/login.php', 'adm.php', 'administrator/'), so those paths are
# requested more than once per run.
admin_path = ['admin1.php','admin1.html','admin2.php','admin2.html','yonetim.php','yonetim.html','yonetici.php','yonetici.html','ccms/','ccms','login.php','ccms/index.php','maintenance/','webmaster/','adm/','configuration/','configure/','websvn/','admin/',
'admin/account.php','admin/account.html','admin/index.php','admin/index.html','admin/login.php','admin/login.html','admin/home.php','admin/controlpanel.html','admin/controlpanel.php','admin.php','admin.html','admin/cp.php','admin/cp.html','cp.php','cp.html',
'administrator/','administrator/index.html','administrator/index.php','administrator/login.html','administrator/login.php','administrator/account.html','administrator/account.php','administrator.php','administrator.html','login.php','login.html',
'modelsearch/login.php','moderator.php','moderator.html','moderator/login.php','moderator/login.html','moderator/admin.php','moderator/admin.html','moderator/','account.php','account.html','controlpanel/','controlpanel.php','controlpanel.html',
'admincontrol.php','admincontrol.html','adminpanel.php','adminpanel.html','admin1.asp','admin2.asp','yonetim.asp','yonetici.asp','admin/account.asp','admin/index.asp','admin/login.asp','admin/home.asp','admin/controlpanel.asp','admin.asp','admin/cp.asp','cp.asp',
'administrator/index.asp','administrator/login.asp','administrator/account.asp','administrator.asp','login.asp','modelsearch/login.asp','moderator.asp','moderator/login.asp','moderator/admin.asp','account.asp','controlpanel.asp','admincontrol.asp','adminpanel.asp',
'fileadmin/','fileadmin.php','fileadmin.asp','fileadmin.html','administration/','administration.php','administration.html','sysadmin.php','sysadmin.html','phpmyadmin/','myadmin/','sysadmin.asp','sysadmin/','ur-admin.asp','ur-admin.php','ur-admin.html','ur-admin/',
'Server.php','Server.html','Server.asp','Server/','wp-admin/','administr8.php','administr8.html','administr8/','administr8.asp','webadmin/','webadmin.php','webadmin.asp','webadmin.html','administratie/','admins/','admins.php','admins.asp','admins.html',
'administrivia/','Database_Administration/','WebAdmin/','useradmin/','sysadmins/','admin1/','system-administration/','administrators/','pgadmin/','directadmin/','staradmin/','ServerAdministrator/','SysAdmin/','administer/','LiveUser_Admin/','sys-admin/',
'typo3/','panel/','cpanel/','cPanel/','cpanel_file/','platz_login/','rcLogin/','blogindex/','formslogin/','autologin/','support_login/','meta_login/','manuallogin/','simpleLogin/','loginflat/','utility_login/','showlogin/','memlogin/','members/',
'login-redirect/','sub-login/','wp-login/','login1/','dir-login/','login_db/','xlogin/','smblogin/','customer_login/','UserLogin/','login-us/','acct_login/','admin_area/','bigadmin/','project-admins/','phppgadmin/','pureadmin/','sql-admin/','radmind/',
'openvpnadmin/','wizmysqladmin/','vadmind/','ezsqliteadmin/','hpwebjetadmin/','newsadmin/','adminpro/','Lotus_Domino_Admin/','bbadmin/','vmailadmin/','Indy_admin/','ccp14admin/','irc-macadmin/','banneradmin/','sshadmin/','phpldapadmin/','macadmin/',
'administratoraccounts/','admin4_account/','admin4_colon/','radmind-1/','Super-Admin/','AdminTools/','cmsadmin/','SysAdmin2/','globes_admin/','cadmins/','phpSQLiteAdmin/','navSiteAdmin/','server_admin_small/','logo_sysadmin/','server/',
'database_administration/','power_user/','system_administration/','ss_vms_admin_sm/','adminarea/','bb-admin/','adminLogin/','panel-administracion/','instadmin/','memberadmin/','administratorlogin/','admin/admin.php','admin_area/admin.php','admin_area/login.php',
'siteadmin/login.php','siteadmin/index.php','siteadmin/login.html','admin/admin.html','admin_area/index.php','bb-admin/index.php','bb-admin/login.php','bb-admin/admin.php','admin_area/login.html','admin_area/index.html','admincp/index.asp','admincp/login.asp',
'admincp/index.html','webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html','panel-administracion/login.html','nsw/admin/login.php','webadmin/login.php','admin/admin_login.php','admin_login.php',
'admin_area/admin.html','pages/admin/admin-login.php','admin/admin-login.php','admin-login.php','bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','pages/admin/admin-login.html','admin/admin-login.html','admin-login.html',
'admin/adminLogin.html','adminLogin.html','home.html','rcjakar/admin/login.php','adminarea/index.html','adminarea/admin.html','webadmin/index.php','webadmin/admin.php','user.html','modelsearch/login.html','adminarea/login.html',
'panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html','admincontrol/login.html','adm/index.html','adm.html','user.php','panel-administracion/login.php','wp-login.php','adminLogin.php',
'admin/adminLogin.php','home.php','adminarea/index.php','adminarea/admin.php','adminarea/login.php','panel-administracion/index.php','panel-administracion/admin.php','modelsearch/index.php','modelsearch/admin.php','admincontrol/login.php',
'adm/admloginuser.php','admloginuser.php','admin2/login.php','admin2/index.php','adm/index.php','adm.php','affiliate.php','adm_auth.php','memberadmin.php','administratorlogin.php','admin/admin.asp','admin_area/admin.asp','admin_area/login.asp',
'admin_area/index.asp','bb-admin/index.asp','bb-admin/login.asp','bb-admin/admin.asp','pages/admin/admin-login.asp','admin/admin-login.asp','admin-login.asp','user.asp','webadmin/index.asp','webadmin/admin.asp','webadmin/login.asp',
'admin/admin_login.asp','admin_login.asp','panel-administracion/login.asp','adminLogin.asp','admin/adminLogin.asp','home.asp','adminarea/index.asp','adminarea/admin.asp','adminarea/login.asp','panel-administracion/index.asp',
'panel-administracion/admin.asp','modelsearch/index.asp','modelsearch/admin.asp','admincontrol/login.asp','adm/admloginuser.asp','admloginuser.asp','admin2/login.asp','admin2/index.asp','adm/index.asp','adm.asp','affiliate.asp','adm_auth.asp',
'memberadmin.asp','administratorlogin.asp','siteadmin/login.asp','siteadmin/index.asp','ADMIN/','paneldecontrol/','login/','cms/','panel.php','admin/login.php','login.php','adm.php','administracion.php','administrator/','admon/','ADMON/','administrador/',
'ADMIN/login.php','panelc/','ADMIN/login.html','admin./','adm./','admincp./','admcp./','cp./','modcp./','moderatorcp./','adminare./','admins./','cpanel./','controlpanel./','redaktor','@webadmin','redaktorweb','adm','rehasia','rehasiaweb']

print

# Probe loop: one new plain-HTTP connection and one GET per wordlist entry, in
# list order, against the single host in `situs`. Every result is printed with
# its status code and reason; nothing is filtered, so the reader has to tell
# 200/30x/401/403 answers apart from 404s.
#
# Defender's view: no headers are passed to request(), so each request carries
# only what httplib adds by default, and a run appears in the access log as one
# client asking for this list of admin/login paths back to back, typically
# answered mostly with 404. Rate-based or path-based alerting on that pattern,
# and not relying on an unlinked admin URL as the only protection, are the
# relevant mitigations.
try:
    for admin in admin_path:
        # No literal in admin_path contains a newline, so this replace is a
        # no-op here.
        admin = admin.replace("\n","")
        admin = "/" + admin
        # NOTE(review): HTTPConnection is plain HTTP with no timeout argument,
        # and the connection object is never closed explicitly.
        connection = httplib.HTTPConnection(situs)
        connection.request("GET",admin)
        response = connection.getresponse()
        print "APAFI: [%s]-[%s]-[%s]" % (admin, response.status, response.reason)
# Ctrl-C and sys.exit() propagate normally.
except(KeyboardInterrupt,SystemExit):
    raise
# NOTE(review): this bare except wraps the whole loop, so the first error of
# any other kind (DNS failure, refused connection, malformed host string) ends
# the run silently, with no message and no further requests.
except:
    pass