PHP Site Scanner

Written by Tully on July 27, 2009 Categories: PHP Tags: , , ,

This is a script I wrote to go through a list of URLS and return the Server Response code. This can be used to look for site vulnerabilities such as hidden directories. This example only has a few pages in the array. If you have a big list of common directories, the best way would be to have the script load those directories line by line from the file. Also, if you were looking for a particular response code you could either pipe the output to grep, or add the response code after the “HTTP/1.1″ in the strstr function.


<?php

$host "www.google.com";
$port 80;
$pages = array("/cgi-bin","/admin","/test","/beta");

foreach ($pages as $page) {
 $fp fsockopen($host,$port,$errno,$errstr,30);
 if (!$fp) {
  echo "$errstr ($errno)";
 } else {
 $out "GET $page HTTP/1.1rn";
 $out.= "Host: $hostrn";
 $out .= "Connection: Closernrn";
 fwrite($fp,$out);
 while (!feof($fp)) {
  $data fread($fp20);
  if (strstr($data,'HTTP/1.1')) {
   echo " Site: $host n Page: $page n Code: $data nn";
  } 
 } 
 unset($data);
 unset($out);
 fclose($fp);
 }
}

?>

No Comments

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

«  —  »