├── .gitignore ├── README.md ├── cgi.list ├── simple.list └── wwwscan.py /.gitignore: -------------------------------------------------------------------------------- 1 | *.html 2 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # wwwscan 2 | Web Scanner by python 3 | web目录扫描器 4 | 5 | Usage: 6 | * python wwwsacn.py host 7 | -------------------------------------------------------------------------------- /cgi.list: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aducode/wwwscan/b9c65763f7f41268fd39c4603fc3d15d87078b23/cgi.list -------------------------------------------------------------------------------- /simple.list: -------------------------------------------------------------------------------- 1 | /admin 2 | /admin:$i30:$INDEX_ALLOCATION/index.php 3 | /admin::$INDEX_ALLOCATION/index.php 4 | -------------------------------------------------------------------------------- /wwwscan.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python 2 | #-*- coding:utf-8 -*- 3 | import requests 4 | import sys 5 | import platform 6 | if platform.system() == 'Linux': 7 | def linux_print(msg, not_found=True): 8 | if not_found: 9 | print '\033[1;32;40m' 10 | print msg 11 | print '\033[0m' 12 | else: 13 | print msg 14 | _print = linux_print 15 | elif platform.system() == 'Windows': 16 | from ctypes import * 17 | windll.Kernel32.GetStdHandle.restype = c_ulong 18 | h = windll.Kernel32.GetStdHandle(c_ulong(0xfffffff5)) 19 | globals().update(h=h) 20 | def windows_print(msg, not_found=True): 21 | if not_found: 22 | windll.Kernel32.SetConsoleTextAttribute(h,10) 23 | print msg 24 | windll.Kernel32.SetConsoleTextAttribute(h,7) 25 | else: 26 | print msg 27 | _print = windows_print 28 | 29 | if len(sys.argv) < 2: 30 | print 'Usage:wwwscan.py xxxx' 31 | sys.exit(1) 32 | url = sys.argv[1] 33 | outfile = url 34 | if ':' in outfile: 35 | outfile = outfile.split(':')[0] 36 | out = open(outfile+'.html','a') 37 | url = 'http://%s' % url 38 | response = requests.get(url) 39 | server = response.headers.get('Server',None) or response.headers.get('server', None) or response.headers.get('SERVER',None) 40 | print '--------------------------------------' 41 | print '[Server]:\t%s' % server 42 | print '--------------------------------------' 43 | dictinory = 'cgi.list' 44 | if len(sys.argv)>2: 45 | dictinory = sys.argv[2] 46 | paths = open(dictinory,'r') 47 | for path in paths: 48 | path = path.strip() 49 | if not path.startswith('/'): 50 | path = '/' + path 51 | response = requests.get(url+path) 52 | if response.status_code != 404: 53 | out.write('%s %s
\n' % (url, path, path, response.status_code, )) 54 | out.flush() 55 | _print('%d\t%s'%(response.status_code, path,), response.status_code == 404) 56 | out.close() 57 | paths.close() 58 | 59 | --------------------------------------------------------------------------------