mirror of
https://github.com/laramies/theHarvester.git
synced 2024-09-20 15:26:31 +08:00
Started working on google dorking, created new file: googledork.py
parent
4f902a688c
commit
b964623a6b
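--- a/discovery/googledork.py
+++ b/discovery/googledork.py
@@ -0,0 +1,56 @@
+import string
+import sys
+import myparser
+import re
+import time
+import requests
+
+class google_dork:
+
+def __init__(self, target, limit, start):
+self.target = target
+self.results = ""
+self.totalresults = ""
+self.dorks = []
+self.links = []
+self.database = "https://www.google.com/search?q="
+self.userAgent = "(Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6"
+self.quantity = "100"
+self.limit = limit
+self.counter = start
+
+def append_dorks(self):
+try: #wrap in try-except incase filepaths are messed up
+with open('../theHarvester/wordlists/dorks.txt',mode='r') as fp:
+for dork in fp:
+self.dorks.append(dork)
+except IOError as error:
+print(error)
+
+def construct_dorks(self):
+#format is: site:targetwebsite.com + space + inurl:admindork
+colon = "%3A"
+plus = "%2B"
+space = '+'
+#populate links list
+self.links = [self.database + space + str(dork).replace(':',colon).replace('+',plus) for dork in self.dorks]
+
+def temp(self):
+for link in self.links:
+print('link is: link')
+
+def do_search(self):
+for link in self.links:
+try:
+req = requests.get(link)
+time.sleep(0.2)
+self.results = req.content
+self.totalresults += self.results
+except Exception: #if something happens
+continue
+
+def get_emails(self):
+pass
+
+def get_files(self):
+pass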
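Review bot: construct_dorks() never reads self.target, so the links it builds are not limited to the target domain even though its own comment gives the format as site:target followed by the dork; each request would search the whole index and pull in hosts outside the assessment's scope. append_dorks() keeps the trailing newline on every line and only ':' and '+' are escaped, so quotes, '&', '?' and spaces from dorks.txt go into the URL unencoded. Building the query as one string and percent-encoding it once, as below, covers both. Separately, temp() prints the literal text `'link is: link'`, and do_search() never sends self.userAgent, sets no timeout and discards every exception, so a blocked or failed request is indistinguishable from an empty result.

```python
    def construct_dorks(self):
        # format is: site:<target> + space + dork, encoded as a single query value
        scope = 'site:' + self.target + ' '
        self.links = [
            self.database + requests.utils.quote(scope + dork.strip(), safe='')
            for dork in self.dorks
            if dork.strip()
        ]
```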
|
@ -45,6 +45,7 @@ def usage():
|
|||
print """ -b: data source: baidu, bing, bingapi, dogpile, google, googleCSE,
|
||||
googleplus, google-profiles, linkedin, pgp, twitter, vhost,
|
||||
virustotal, threatcrowd, crtsh, netcraft, yahoo, all\n"""
|
||||
print " -g: perform google dorking"
|
||||
print " -s: start in result number X (default: 0)"
|
||||
print " -v: verify host name via dns resolution and search for virtual hosts"
|
||||
print " -f: save the results into an HTML and XML file (both)"
|
||||
|
@ -68,7 +69,7 @@ def start(argv):
|
|||
usage()
|
||||
sys.exit()
|
||||
try:
|
||||
opts, args = getopt.getopt(argv, "l:d:b:s:vf:nhcpte:")
|
||||
opts, args = getopt.getopt(argv, "l:d:b:s:vf:nghcpte:")
|
||||
except getopt.GetoptError:
|
||||
usage()
|
||||
sys.exit()
|
||||
|
@ -85,6 +86,7 @@ def start(argv):
|
|||
dnsbrute = False
|
||||
dnstld = False
|
||||
shodan = False
|
||||
google_dorking = False
|
||||
vhost = []
|
||||
virtual = False
|
||||
ports_scanning = False
|
||||
|
@ -96,6 +98,8 @@ def start(argv):
|
|||
limit = int(arg)
|
||||
elif opt == '-d':
|
||||
word = arg
|
||||
elif opt == '-g':
|
||||
google_dorking = True
|
||||
elif opt == '-s':
|
||||
start = int(arg)
|
||||
elif opt == '-v':
|
||||
|
@ -355,7 +359,7 @@ def start(argv):
|
|||
all_emails.extend(emails)
|
||||
#Clean up email list, sort and uniq
|
||||
all_emails=sorted(set(all_emails))
|
||||
|
||||
|
||||
#Results############################################################
|
||||
print("\n\033[1;32;40m Harvesting results")
|
||||
print "\n\n[+] Emails found:"
|
||||
|
@ -509,8 +513,6 @@ def start(argv):
|
|||
print "------------------"
|
||||
for x in shodanres:
|
||||
print x.split("SAPO")[0] + ":" + x.split("SAPO")[1]
|
||||
else:
|
||||
pass
|
||||
|
||||
###################################################################
|
||||
# Here i need to add explosion mode.
|
||||
|
@ -528,6 +530,18 @@ def start(argv):
|
|||
else:
|
||||
pass
|
||||
|
||||
# Google Dorking####################################################
|
||||
info_found = []
|
||||
if google_dorking == True:
|
||||
print "Starting Google Dorking: "
|
||||
search = googledork(target='www.microsoft.com',
|
||||
limit=10, start=0)
|
||||
search.append_dorks()
|
||||
search.construct_dorks()
|
||||
search.temp()
|
||||
else:
|
||||
pass
|
||||
|
||||
#Reporting#######################################################
|
||||
if filename != "":
|
||||
try:
|
||||
|
|
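Review bot: The Google Dorking block in the last hunk calls `googledork(target='www.microsoft.com', limit=10, start=0)`, which hard-codes a third-party domain and fixed limits instead of the `-d`, `-l` and `-s` values parsed earlier into `word`, `limit` and `start`, so `-g` would query about that host whatever the operator was authorised to assess. The class added in discovery/googledork.py is named `google_dork`, and no import is visible in these hunks, so `googledork` presumably fails at runtime unless it is bound elsewhere in the file. I would write something like `search = googledork.google_dork(target=word, limit=limit, start=start)` with a matching import, and drop the unused `info_found` and the empty `else: pass`. start() begins and ends outside the visible hunks, and the file header for these hunks is not shown on the page.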
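--- a/wordlists/dorks.txt
+++ b/wordlists/dorks.txt
@@ -0,0 +1,34 @@
+inurl:/careers-detail.asp?id=
+inurl:/*.php?id=
+inurl:/os_view_full.php?
+intext:"Powered By : SE Software Technologies" filetype:php
+inurl:/calendar.php?token=
+inurl:sql.php?id=
+inurl:download.php?id=
+inurl:main.php?id=
+inurl:Pageid=
+inurl:"id=" & intext:"Warning: pg_exec()
+inurl:"id=" & intext:"Warning: session_start()
+intext:"Fill out the form below completely to change your password and user name. If new username is left blank, your old one will be assumed." -edu
+intitle:"Content Management System" "user name"|"password"|"admin" "Microsoft IE 5.5" -mambo
+intitle:"EXTRANET login" -.edu -.mil -.gov
+intitle:"Login -
+intitle:"phpPgAdmin - Login" Language
+inurl:":10000" intext:webmin
+inurl:"usysinfo?login=true"
+index.php?body=
+main.php?x=
+index.php?loc=
+page.php?doc=
+administrator/components/com_webring/admin.webring.docs.php?component_dir=
+sub*.php?channel=
+press.php?*[*]*=
+admin/account.html
+admin/adminLogin.html
+login.html
+login.%XT%
+administrator/account.%XT%
+Database_Administration/
+phpSQLiteAdmin/
+0admin/
+super_login%XT%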
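Review bot: Three entries open a double quote that is never closed (`intext:"Warning: pg_exec()`, `intext:"Warning: session_start()` and `intitle:"Login -`), and three entries carry a `%XT%` placeholder that nothing in the visible googledork.py expands, so all six would be sent as written. Either complete these lines or have the loader reject entries it cannot interpret, so that a malformed line fails visibly instead of producing a query that means something other than intended.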