Started working on google dorking, created new file: googledork.py

2024-09-20 15:26:31 +08:00 · 2018-10-18 13:14:30 -04:00 · 2018-10-18 13:14:30 -04:00 · b964623a6b
parent 4f902a688c
commit b964623a6b
3 changed files with 108 additions and 4 deletions
--- a/discovery/googledork.py
+++ b/discovery/googledork.py
@ -0,0 +1,56 @@
+import string
+import sys
+import myparser
+import re
+import time
+import requests
+
+class google_dork:
+
+    def __init__(self, target, limit, start):
+        self.target = target
+        self.results = ""
+        self.totalresults = ""
+        self.dorks = []
+        self.links = []
+        self.database = "https://www.google.com/search?q="
+        self.userAgent = "(Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6"
+        self.quantity = "100"
+        self.limit = limit
+        self.counter = start
+
+    def append_dorks(self):
+        try: #wrap in try-except incase filepaths are messed up
+            with open('../theHarvester/wordlists/dorks.txt',mode='r') as fp:
+                for dork in fp:
+                    self.dorks.append(dork)
+        except IOError as error:
+            print(error)
+
+    def construct_dorks(self):
+        #format is: site:targetwebsite.com + space + inurl:admindork
+        colon = "%3A"
+        plus = "%2B"
+        space = '+'
+        #populate links list
+        self.links = [self.database + space + str(dork).replace(':',colon).replace('+',plus) for dork in self.dorks]
+
+    def temp(self):
+        for link in self.links:
+            print('link is: link')
+
+    def do_search(self):
+        for link in self.links:
+              try:
+                  req = requests.get(link)
+                  time.sleep(0.2)
+                  self.results = req.content
+                  self.totalresults += self.results
+              except Exception: #if something happens
+                  continue
+
+    def get_emails(self):
+        pass
+
+    def get_files(self):
+        pass
--- a/theHarvester.py
+++ b/theHarvester.py
@ -45,6 +45,7 @@ def usage():
    print """       -b: data source: baidu, bing, bingapi, dogpile, google, googleCSE,
                        googleplus, google-profiles, linkedin, pgp, twitter, vhost, 
                        virustotal, threatcrowd, crtsh, netcraft, yahoo, all\n"""
+    print "       -g: perform google dorking"
    print "       -s: start in result number X (default: 0)"
    print "       -v: verify host name via dns resolution and search for virtual hosts"
    print "       -f: save the results into an HTML and XML file (both)"
@ -68,7 +69,7 @@ def start(argv):
        usage()
        sys.exit()
    try:
-        opts, args = getopt.getopt(argv, "l:d:b:s:vf:nhcpte:")
+        opts, args = getopt.getopt(argv, "l:d:b:s:vf:nghcpte:")
    except getopt.GetoptError:
        usage()
        sys.exit()
@ -85,6 +86,7 @@ def start(argv):
    dnsbrute = False
    dnstld = False
    shodan = False
+    google_dorking = False
    vhost = []
    virtual = False
    ports_scanning = False
@ -96,6 +98,8 @@ def start(argv):
            limit = int(arg)
        elif opt == '-d':
            word = arg
+        elif opt == '-g':
+            google_dorking = True
        elif opt == '-s':
            start = int(arg)
        elif opt == '-v':
@ -355,7 +359,7 @@ def start(argv):
        all_emails.extend(emails)
        #Clean up email list, sort and uniq
        all_emails=sorted(set(all_emails))
-    
+
    #Results############################################################
    print("\n\033[1;32;40m Harvesting results")
    print "\n\n[+] Emails found:"
@ -509,8 +513,6 @@ def start(argv):
        print "------------------"
        for x in shodanres:
            print x.split("SAPO")[0] + ":" + x.split("SAPO")[1]
-    else:
-        pass

    ###################################################################
    # Here i need to add explosion mode.
@ -528,6 +530,18 @@ def start(argv):
    else:
        pass

+    # Google Dorking####################################################
+    info_found = []
+    if google_dorking == True:
+        print "Starting Google Dorking: "
+        search = googledork(target='www.microsoft.com',
+                            limit=10, start=0)
+        search.append_dorks()
+        search.construct_dorks()
+        search.temp()
+    else:
+        pass
+
    #Reporting#######################################################
    if filename != "":
        try:
--- a/wordlists/dorks.txt
+++ b/wordlists/dorks.txt
@ -0,0 +1,34 @@
+inurl:/careers-detail.asp?id=
+inurl:/*.php?id=
+inurl:/os_view_full.php?
+intext:"Powered By : SE Software Technologies" filetype:php
+inurl:/calendar.php?token=
+inurl:sql.php?id=
+inurl:download.php?id=
+inurl:main.php?id=
+inurl:Pageid=
+inurl:"id=" & intext:"Warning: pg_exec()
+inurl:"id=" & intext:"Warning: session_start()
+intext:"Fill out the form below completely to change your password and user name. If new username is left blank, your old one will be assumed." -edu
+intitle:"Content Management System" "user name"|"password"|"admin" "Microsoft IE 5.5" -mambo
+intitle:"EXTRANET login" -.edu -.mil -.gov
+intitle:"Login -
+intitle:"phpPgAdmin - Login" Language
+inurl:":10000" intext:webmin
+inurl:"usysinfo?login=true"
+index.php?body=
+main.php?x=
+index.php?loc=
+page.php?doc=
+administrator/components/com_webring/admin.webring.docs.php?component_dir=
+sub*.php?channel=
+press.php?*[*]*=
+admin/account.html
+admin/adminLogin.html
+login.html
+login.%XT%
+administrator/account.%XT%
+Database_Administration/
+phpSQLiteAdmin/
+0admin/
+super_login%XT%