frsy
AdminFinder
AdminFinder is an advanced tool designed to locate admin login pages on websites. By leveraging a wordlist, multithreading, and smart detection techniques, this tool efficiently scans for potential admin panel paths.
Features
- Fast and Efficient: Utilizes multithreading for rapid scanning.
- Smart 404 Detection: Identifies disguised 404 pages using content analysis, title comparison, and redirect checks.
- Proxy Support: Supports HTTP and SOCKS proxies for anonymity.
- Flexible Wordlists: Works with both default and custom wordlists.
- Color-Coded Output: Displays results with clear, color-coded status codes.
Installation
- Clone the Repository:
git clone https://github.com/Amirprx3/AdminFinder.git
cd AdminFinder
Install Dependencies:
Ensure you have Python 3 installed. Then, install the required packages:
pip install -r requirements.txt
Required packages:
httpx[socks]fake-useragentbeautifulsoup4
Usage
AdminFinder supports various options for scanning websites.
Using Default Wordlist
python adminfinder.py -u <target_url> -d
Using Custom Wordlist
python adminfinder.py -u <target_url> -w <path_to_wordlist>
Using Proxies
python adminfinder.py -u <target_url> -d -pf <proxy_file>
Example Commands
python adminfinder.py -u http://example.com -d -t 20
python adminfinder.py -u http://example.com -w custom_wordlist.txt -pf proxies.txt
python adminfinder.py -u http://example.com -w custom_wordlist.txt -pf proxies.txt
Options
-u, --url: Target URL (required)-d, --default: Use default wordlist-w, --wordlist: Path to custom wordlist-p, --proxy: Single proxy (e.g.,http://user:pass@host:portorsocks5://host:port)-pf, --proxyfile: Path to proxy list file-t, --threads: Number of threads (default: 10)
Output
The output displays the status of each path with color-coded indicators:
- Green [200]: Found a potential admin page
- Red [404]: Page not found (includes disguised 200s)
- Yellow [500]: Server error
- Yellow [!]: Warnings (e.g., WAF detection, Cloudflare)
Example Output
[*] URL provided: http://example.com
[*] Successfully reached the URL: http://example.com
[*] Using default wordlist from: wordlist.txt
<-----------------------------START----------------------------->
[404] Page not found (disguised as 200) - URL: http://example.com/admin1.php
[200] Found a potential admin page - URL: http://example.com/admin/login.php
[500] Server error - URL: http://example.com/server.php
[!] Blocked by WAF - URL: http://example.com/adm/
Author
Developed by Amirprx3.
License
This project is open-source and available under the MIT License.
Additional Instructions
- To Execute Without .py Extension:
- Unix-based Systems (Linux, macOS):
chmod +x adminfinder
./adminfinder -u http://example.com -d - Proxy File Format: Example
proxies.txt:http://60.187.75.70:8085
socks5://117.74.65.207:80
dmyn fyndr
bzr AdminFinder yh bzr pyshrfthst khh bry pyd khrdn SfHt wrwd dmyn twy wbsyth TrHy shdh. yn bzr b stfdh z wrdlyst, chndnkhy w tkhnykhhy tshkhyS hwshmnd, msyrhy Htmly pnl dmyn rw b sr`t bl skhn mykhnh.
wyjgyh
sry` w khramd: z chndnkhy bry skhn sry` stfdh mykhnh.tshkhyS hwshmnd 404: SfHt 404 j`ly rw b tHlyl mHtw, mqysh `nwn w brrsy rydyrkhth tshkhyS mydh.pshtybny z prkhsy: z prkhsyhy HTTP w SOCKS bry nshns mwndn pshtybny mykhnh.wrdlyst n`Tfpdhyr: b wrdlyst pyshfrD w sfrshy khr mykhnh.khrwjy rngy: ntyj rw b khdhy wD`yt rngy wDH nshwn mydh.
nSb
dryft mkhzn:
git clone https://github.com/Amirprx3/AdminFinder.git
cd AdminFinder
cd AdminFinder
nSb pyshnyzh:
mTmy'n shw khh pytwn 3 nSb dry. b`d bsthhy mwrd nyz rw nSb khn:
pip install -r requirements.txt
bsthhy lzm:
httpx[socks]fake-useragentbeautifulsoup4
nHwh stfdh
AdminFinder gzynhhy mkhtlfy bry skhn wbsyth drh.
stfdh z wrdlyst pyshfrD
python adminfinder.py -u <target_url> -d
stfdh z wrdlyst sfrshy
python adminfinder.py -u <target_url> -w <path_to_wordlist>
stfdh z prkhsy
python adminfinder.py -u <target_url> -d -pf <proxy_file>
mthl dstwrt
python adminfinder.py -u http://example.com -d -t 20
python adminfinder.py -u http://example.com -w custom_wordlist.txt -pf proxies.txt
python adminfinder.py -u http://example.com -w custom_wordlist.txt -pf proxies.txt
gzynhh
-u, --url: adrs hdf (jbry)-d, --default: stfdh z wrdlyst pyshfrD-w, --wordlist: msyr wrdlyst sfrshy-p, --proxy: yh prkhsy tkhy (mthl,http://user:pass@host:portysocks5://host:port)-pf, --proxyfile: msyr fyl lyst prkhsy-t, --threads: t`dd nkhh (pyshfrD: 10)
khrwjy
khrwjy wD`yt hr msyr rw b rnghy mshkhS nshwn mydh:
sbz [200]: yh SfHh dmyn Htmly pyd shdhqrmz [404]: SfHh pyd nshdh (shml 200hy j`ly)zrd [500]: khTy srwrzrd [!]: hshdrh (mthl tshkhyS WAF y Cloudflare)
nmwnh khrwjy
[*] URL provided: http://example.com
[*] Successfully reached the URL: http://example.com
[*] Using default wordlist from: wordlist.txt
<-----------------------------START----------------------------->
[404] Page not found (disguised as 200) - URL: http://example.com/admin1.php
[200] Found a potential admin page - URL: http://example.com/admin/login.php
[500] Server error - URL: http://example.com/server.php
[!] Blocked by WAF - URL: http://example.com/adm/
szndh
skhth shdh twsT Amirprx3
mjwz
yn prwjh mtnbzh w tHt mjwz MIT dr dstrsh.
dstwrl`mlhy Dfy
- jry skhrypt bdwn pswnd .py:
- systmhy ywnykhs (lynwkhs, mkh):
chmod +x adminfinder
./adminfinder -u http://example.com -d - frmt fyl prkhsy: nmwnh
proxies.txt:http://60.187.75.70:8085
socks5://117.74.65.207:80