这是一段通过字典进行网站后台扫描的代码,为什么找到存在的网站后循环就终止了,整段就这样停止了?
php = ['admin/', 'administrator/', 'admin1/', 'admin2/', 'admin3/', 'admin4/', 'admin5/', 'usuarios/', 'usuario/',
'administrator/', 'moderator/', 'webadmin/', 'adminarea/', 'bb-admin/', 'adminLogin/', 'admin_area/',
'panel-administracion/', 'instadmin/',
'memberadmin/', 'administratorlogin/', 'adm/', 'admin/account.php', 'admin/index.php', 'admin/login.php',
'admin/admin.php', 'admin/account.php',
'admin_area/admin.php', 'admin_area/login.php', 'siteadmin/login.php', 'siteadmin/index.php',
'siteadmin/login.html', 'admin/account.html', 'admin/index.html', 'admin/login.html', 'admin/admin.html',
'admin_area/index.php', 'bb-admin/index.php', 'bb-admin/login.php', 'bb-admin/admin.php', 'admin/home.php',
'admin_area/login.html', 'admin_area/index.html',
'admin/controlpanel.php', 'admin.php', 'admincp/index.asp', 'admincp/login.asp', 'admincp/index.html',
'admin/account.html', 'adminpanel.html', 'webadmin.html',..............]
try:
var1=0
var2=0
try:
site=target
site = site.replace("http://","")
print ("\tChecking website " + site + "...")
conn = httplib.HTTPConnection(site)
conn.connect()
print "\t[$] Yes... Server is Online."
except (httplib.HTTPResponse, socket.error) as Exit:
print 'error'
# raw_input("\t [!] Oops Error occured, Server offline or invalid URL")
db.close()
return
print("\t [+] Scanning " + site + "...\n\n")
for admin in php:
admin = admin.replace("\n", "")
admin = "/" + admin
host = site + admin
print ("\t [#] Checking " + host + "...")
connection = httplib.HTTPConnection(site)
connection.request("GET", admin)
response = connection.getresponse()
var2 = var2 + 1
if response.status == 200:
var1 = var1 + 1
print "%s %s" % ("\n\n>>>" + host, "Admin page found!")
try:
sqlAdd='insert into webmanager(webmanager)VALUES ("%s")'%host
cursor.execute(sqlAdd)
db.commit()
except Exception,e:
print 'sqlAdd--error!',e
# f=open('./result/webmanager.txt','w')
# f.write(host)
# f.close()
db.close()
return
elif response.status == 404:
var2 = var2
elif response.status == 302:
print "%s %s" % ("\n>>>" + host, "Possible admin page (302 - Redirect)")
else:
print "%s %s %s" % (host, " Interesting response:", response.status)
connection.close()
print("\n\nPHP Completed \n")
print var1, " Admin pages found"
print var2, " total pages scanned"
except (httplib.HTTPResponse, socket.error):
print "\n\t[!] Session Cancelled; Error occured. Check internet settings"
db.close()
return
except (KeyboardInterrupt, SystemExit):
print "\n\t[!] Session cancelled"
db.close()
return