PHP.SU Portal Forums :: Print version :: error in scanner
1. foozzi - 15 July, 2011 - 05:12:49
Here is the code:
PHP:
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>PHP Admin Finder 0.0.1</title>
</head>
<body>
<form action="" method="post">
<p class="frontboxtext"><input name="hash_lol" class="textbox" type="text" size="30" value="http://www.example.com/"/>
<input name="submit_lol" class="textbox" value="Submit Site" type="submit">
</form>
<?PHP

// Run only after the form has been submitted
if (isset($_POST["submit_lol"])) {
    $url = $_POST['hash_lol'];
    echo "<br />Сканирование ".$url."<br /><br />";

    // Paths appended to the submitted base URL
    $adminlocales = array("admin1.php", "admin1.html", "admin2.php", "admin2.html", "yonetim.php", "yonetim.html", "yonetici.php", "yonetici.html", "ccms/", "ccms/login.php", "ccms/index.php", "maintenance/", "webmaster/", "adm/", "configuration/", "configure/", "websvn/", "admin/", "admin/account.php", "admin/account.html", "admin/index.php", "admin/index.html", "admin/login.php", "admin/login.html", "admin/home.php", "admin/controlpanel.html", "admin/controlpanel.php", "admin.php", "admin.html", "admin/cp.php", "admin/cp.html", "cp.php", "cp.html", "administrator/", "administrator/index.html", "administrator/index.php", "administrator/login.html", "administrator/login.php", "administrator/account.html", "administrator/account.php", "administrator.php", "administrator.html", "login.php", "login.html", "modelsearch/login.php", "moderator.php", "moderator.html", "moderator/login.php", "moderator/login.html", "moderator/admin.php", "moderator/admin.html", "moderator/", "account.php", "account.html", "controlpanel/", "controlpanel.php", "controlpanel.html", "admincontrol.php", "admincontrol.html", "adminpanel.php", "adminpanel.html", "admin1.asp", "admin2.asp", "yonetim.asp", "yonetici.asp", "admin/account.asp", "admin/index.asp", "admin/login.asp", "admin/home.asp", "admin/controlpanel.asp", "admin.asp", "admin/cp.asp", "cp.asp", "administrator/index.asp", "administrator/login.asp", "administrator/account.asp", "administrator.asp", "login.asp", "modelsearch/login.asp", "moderator.asp", "moderator/login.asp", "moderator/admin.asp", "account.asp", "controlpanel.asp", "admincontrol.asp", "adminpanel.asp", "fileadmin/", "fileadmin.php", "fileadmin.asp", "fileadmin.html", "administration/", "administration.php", "administration.html", "sysadmin.php", "sysadmin.html", "phpmyadmin/", "myadmin/", "sysadmin.asp", "sysadmin/", "ur-admin.asp", "ur-admin.php", "ur-admin.html", "ur-admin/", "Server.php", "Server.html", "Server.asp", "Server/", "wp-admin/", "administr8.php",
    "administr8.html", "administr8/", "administr8.asp", "webadmin/", "webadmin.php", "webadmin.asp", "webadmin.html", "administratie/", "admins/", "admins.php", "admins.asp", "admins.html", "administrivia/", "Database_Administration/", "WebAdmin/", "useradmin/", "sysadmins/", "admin1/", "system-administration/", "administrators/", "pgadmin/", "directadmin/", "staradmin/", "ServerAdministrator/", "SysAdmin/", "administer/", "LiveUser_Admin/", "sys-admin/", "typo3/", "panel/", "cpanel/", "cPanel/", "cpanel_file/", "platz_login/", "rcLogin/", "blogindex/", "formslogin/", "autologin/", "support_login/", "meta_login/", "manuallogin/", "simpleLogin/", "loginflat/", "utility_login/", "showlogin/", "memlogin/", "members/", "login-redirect/", "sub-login/", "wp-login/", "login1/", "dir-login/", "login_db/", "xlogin/", "smblogin/", "customer_login/", "UserLogin/", "login-us/", "acct_login/", "admin_area/", "bigadmin/", "project-admins/", "phppgadmin/", "pureadmin/", "sql-admin/", "radmind/", "openvpnadmin/", "wizmysqladmin/", "vadmind/", "ezsqliteadmin/", "hpwebjetadmin/", "newsadmin/", "adminpro/", "Lotus_Domino_Admin/", "bbadmin/", "vmailadmin/", "Indy_admin/", "ccp14admin/", "irc-macadmin/", "banneradmin/", "sshadmin/", "phpldapadmin/", "macadmin/", "administratoraccounts/", "admin4_account/", "admin4_colon/", "radmind-1/", "Super-Admin/", "AdminTools/", "cmsadmin/", "SysAdmin2/", "globes_admin/", "cadmins/", "phpSQLiteAdmin/", "navSiteAdmin/", "server_admin_small/", "logo_sysadmin/", "server/", "database_administration/", "power_user/", "system_administration/", "ss_vms_admin_sm/");

    foreach ($adminlocales as $admin){
        // Request the response headers for base URL + path
        $headers = get_headers("$url$admin");
        // Look for "200" in the status line
        if (eregi('200', $headers[0])) {
            echo "<a href='$url$admin'>$url$admin</a> Найдено!<br />";
        }
        else {
            echo "$url$admin Не найдено!<br />";
        }
    }
}
?>
</body>
</html>



I enter a link in the field and click scan; the result comes out correct, but it complains about an error, for example:
PHP:
Deprecated: Function eregi() is deprecated in /opt/lampp/htdocs/xampp/php/admin_finder.php on line 22
http://*****.ru/admin1.php Не найдено!


And if I enter an incorrect URL in the field, for example site.ru without http://, it complains about an error:

PHP:
Warning: get_headers() [function.get-headers]: This function may only be used against URLs in /opt/lampp/htdocs/xampp/tuxscan/admin_finder.php on line 21

Deprecated: Function eregi() is deprecated in /opt/lampp/htdocs/xampp/php/admin_finder.php on line 22
www.example.comadmin1.php Не найдено!


What is wrong in the code, can you tell me?
2. DeepVarvar - 15 July, 2011 - 08:13:59
if (eregi('200', $headers[0]))
change to:
if (stristr($headers[0],"200"))
3. White - 15 July, 2011 - 08:26:18
foozzi wrote:
Warning: get_headers() [function.get-headers]: This function may only be used against URLs in /opt/lampp/htdocs/xampp/tuxscan/admin_finder.php on line 21


PHP:
if(substr($url, 0, 7)!=='http://') $url='http://'.$url;

but it is better to do a more thorough analysis of the data received
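
An added example, not part of the thread and not any poster's code, of the more thorough input check the last reply asks for: it validates and normalizes the submitted base URL before the server requests it, and reads the status code from the status line instead of searching for the substring "200". The function names `normalize_base_url` and `http_status` are hypothetical, the sample inputs are constructed, and PHP 7.1 or later is assumed.

```php
<?php
// Added example; function names are hypothetical. Requires PHP 7.1+.

// Return a normalized http(s) base URL ending in "/", or null if the input is rejected.
function normalize_base_url(string $input): ?string
{
    $url = trim($input);
    // Prepend a default scheme only when the input has none (case-insensitive).
    if (!preg_match('~^[a-z][a-z0-9+.-]*://~i', $url)) {
        $url = 'http://' . $url;
    }
    if (filter_var($url, FILTER_VALIDATE_URL) === false) {
        return null;
    }
    $parts  = parse_url($url);
    $scheme = strtolower($parts['scheme'] ?? '');
    $host   = $parts['host'] ?? '';
    if ($host === '' || !in_array($scheme, ['http', 'https'], true)) {
        return null;
    }
    // Reject IP-literal hosts in private or reserved ranges, so the form cannot
    // be pointed at internal services. Hostnames would need the same check
    // applied to their resolved addresses (not done here).
    $ip = trim($host, '[]');
    if (filter_var($ip, FILTER_VALIDATE_IP) !== false
        && filter_var($ip, FILTER_VALIDATE_IP,
               FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) === false) {
        return null;
    }
    // Rebuild from parsed parts: credentials, query and fragment are dropped.
    $port = isset($parts['port']) ? ':' . $parts['port'] : '';
    $path = rtrim($parts['path'] ?? '', '/') . '/';
    return $scheme . '://' . $host . $port . $path;
}

// Extract the numeric status from the first line returned by get_headers().
function http_status(/* array|false */ $headers): ?int
{
    if (!is_array($headers) || !isset($headers[0])) {
        return null; // get_headers() returns false on failure
    }
    return preg_match('~^HTTP/\d+(?:\.\d+)?\s+(\d{3})\b~', $headers[0], $m)
        ? (int) $m[1] : null;
}

// Constructed sample inputs; no network request is made.
foreach (['site.ru', 'HTTP://www.example.com', 'ftp://example.com', 'http://127.0.0.1/'] as $in) {
    var_dump($in, normalize_base_url($in));
}
var_dump(http_status(['HTTP/1.1 404 Not Found']), http_status(['HTTP/1.1 200 OK']), http_status(false));
```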

 
