核心函数
get_headers 获取url head信息
parse_url 获取url信息 详细参阅帮助文档
gethostbyname 获取url IP地址
下面的例子参照 暗月大牛 用
php写的目录扫描脚本
也写了一个 简单的目录探测脚本
*实际用途中并不适合
php 不支持多线程 所以扫描起来速度超慢
仅仅做代码学习
56_3710_efc84ea6fce5c74.jpg[删除]
<?
phperror_reporting(E_ERROR);
set_time_limit(0);
if($argc<3){
print("
Usage :
php $argv[0] url *.txt
Example:
php $argv[0]
www.atcpu.com/bbs x.txt
");
exit;
}
function curl($url,$fuck){
$head=get_headers($url);
if($head){
if($head[0]=='HTTP/1.1 200 OK' or $head[0]=='HTTP/1.1 403 Forbidden' ){
$info=parse_url($url,
php_URL_PATH);
print(" Fund: "."$info ".'('.$head[0].')'." !!!rn");
}
}
else{
$hostname=parse_url($url,
php_URL_HOST);
echo "[+] Resolving Ip of {$hostname}... Failed! rn";
exit;
}
}
$sb=$argv[1];
$preg='|^
http://|';
if(!preg_match($preg,$sb)) {
$sb='http://'.$sb;
}
$server=get_headers($sb,1);
$server=$server['Server'];
if($server){
$hostname=parse_url($sb,
php_URL_HOST);
$ip=gethostbyname($hostname);
echo "-----------------------------------------------------------------";
echo "rn"." Resolving Ip of {$hostname} ...rnrn OK: "."$iprnrn";
echo " Trying To Get Server Type... Succeed!rnrn";
echo " Server Type: ";
print_r ($server);
echo "rnrn";
echo "-------------------------------------------------------------------rn";
echo " Scaning...rnrn";
}
else{
echo "[+] Trying To Get Server Type... Failed! rn";
}
$u=file("$argv[2]");
foreach ($u as $url){
$url=trim($sb.$url);
curl($url,$argv[1]);
}
?>
