Skip to content
This repository has been archived by the owner on Mar 21, 2024. It is now read-only.

Commit

Permalink
3.0 -> added subdomain scanner
Browse files Browse the repository at this point in the history
  • Loading branch information
@lordbecvold
lordbecvold committed Jul 19, 2022
1 parent 9f150cf commit 7ed6414
Show file tree
Hide file tree
Showing 12 changed files with 191 additions and 76,981 deletions.
10 changes: 10 additions & 0 deletions directory.list
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
admin
admin1
admin2
admin3
panel
login
cloud
test
download
files
4 changes: 2 additions & 2 deletions pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,15 +5,15 @@
<modelVersion>4.0.0</modelVersion>

<properties>
<build.version>2.0.0</build.version>
<build.version>3.0.0</build.version>
<build.package>xyz.becvar.websitescanner</build.package>
<build.main>xyz.becvar.websitescanner.Main</build.main>
<build.java.version>17</build.java.version>
</properties>

<groupId>xyz.becvar.websitescanner</groupId>
<artifactId>WebsiteScanner</artifactId>
<version>2.0.0</version>
<version>3.0.0</version>
<packaging>jar</packaging>

<build>
Expand Down
11 changes: 9 additions & 2 deletions site.list
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,10 @@
google.com
becvold.xyz
example.com
example.com
stackoverflow.com
facebook.com
twitter.com
github.com
instagram.com
haveibeenpwned.com
cracked.to
nulled.to
2 changes: 1 addition & 1 deletion src/main/java/xyz/becvar/websitescanner/Getter.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@

public class Getter {

//Function for get real website ip
//Gget real website ip or proxy server adress
public String getIP(String url) {
try {
InetAddress ip = InetAddress.getByName(new URL(url).getHost());
Expand Down
29 changes: 16 additions & 13 deletions src/main/java/xyz/becvar/websitescanner/Main.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,16 +5,12 @@
import xyz.becvar.websitescanner.utils.console.ConsoleUtils;
import xyz.becvar.websitescanner.utils.console.Logger;
import java.io.*;
import java.nio.file.Files;
import java.nio.file.StandardOpenOption;
import java.util.List;
import java.util.Scanner;
import java.util.stream.Collectors;

public class Main {

//Define basic vars
public static final String APP_NAME = "WebsiteScanner";
public static final String APP_NAME = "WS";

//Init main objects
public static Validator validator = new Validator();
Expand All @@ -38,8 +34,10 @@ public static void main(String[] args) {
//save list use ans
String useSiteList = scanner.nextLine();

//Check if site list usage enabled
if (useSiteList.equalsIgnoreCase("yes") || useSiteList.isEmpty()) {

//Check if site.list exist
if (!fileUtils.ifFileExist("site.list")) {
SystemUtil.kill("Error: site.list not exist please create site.list and put inside url list");
} else {
Expand All @@ -50,44 +48,50 @@ public static void main(String[] args) {
//save list use ans
String deleteafterscan = scanner.nextLine();

if (!deleteafterscan.equalsIgnoreCase("yes")) {
//Check if delete scanned sites enabled
if (!deleteafterscan.equalsIgnoreCase("yes") && !deleteafterscan.isEmpty()) {
Logger.log("Autoremove: -> no, urls will not be deleted after scanning");
}

//Try read site list file
try (BufferedReader br = new BufferedReader(new FileReader("site.list"))) {

//Define string for site names
String lineContent;

//Start scanning for individual sites
while ((lineContent = br.readLine()) != null) {

//Scanning

String lineContentToScan;

//Remove protocol from sites
if (lineContent.startsWith("http")) {
lineContent = lineContent.replace("https://", "");
lineContent = lineContent.replace("http://", "");
}

//Check if site running on https or http
if (validator.isHttpOrHttpsUrl("https://" + lineContent)) {
lineContentToScan = "https://" + lineContent;
} else {
lineContentToScan = "http://" + lineContent;
}

//Check if site is not null
if (getter.getIP(lineContentToScan) != null) {
siteScanner.scan(lineContentToScan);
}

//End of scanning functions

//Remove url from list after scan (if enabled)
if (deleteafterscan.equalsIgnoreCase("yes")) {
if (deleteafterscan.equalsIgnoreCase("yes") || deleteafterscan.isEmpty()) {
fileUtils.removeLineFromFile("site.list", lineContent);
}
}
} catch (IOException e) {
throw new RuntimeException(e);
}
}

} else {

//Print ans fro get target url
Expand All @@ -103,14 +107,13 @@ public static void main(String[] args) {

//Check if url is valid
if (!validator.isURL(targetURL)) {
SystemUtil.kill("error target url is invalid! [https://www.example.com]");
SystemUtil.kill("error target url is invalid! [https://example.com]");
} else {

//Set main scan phase
siteScanner.scan(targetURL);
}
}

}
}
}
172 changes: 138 additions & 34 deletions src/main/java/xyz/becvar/websitescanner/SiteScanner.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,11 @@ public class SiteScanner {
public Validator validator = new Validator();
public FileUtils fileUtils = new FileUtils();

//Found res
public int foundDirs = 0;
public int foundSubs = 0;

//Main init functions
public void scan(String url) {
//Delete old log if exist
fileUtils.deleteFile("scanned_logs/" + validator.urlStrip(url) + ".log");
Expand All @@ -28,6 +33,12 @@ public void scan(String url) {
//Print real ip and save to log file
realIPScan(url);

//Save to log file
fileUtils.saveMessageLog("\n\nFound dirs & subdomains " + url, "scanned_logs/" + validator.urlStrip(url) + ".log");

//Subdomain scan
subdomainScan(url);

//File system scan
fileSystemScan(url);
}
Expand All @@ -45,86 +56,179 @@ public void realIPScan(String url) {
fileUtils.saveMessageLog("REAL IP: " + realIP, "scanned_logs/" + validator.urlStrip(url) + ".log");
}

//Scan page subdomain
public void subdomainScan(String url) {

int file = 1;

//init basic protocol
String protocol = "http://";

//Get url and remmove /
url = validator.removeLastSlash(url);

//Check if subdomain.list file exist
if (fileUtils.ifFileExist("subdomain.list")) {
try (BufferedReader br = new BufferedReader(new FileReader("subdomain.list"))) {
String line;
while ((line = br.readLine()) != null) {
try {

//Remove protocols from urls
if (url.startsWith("https://")) {
url = url.replace("https://", "");
} else {
url = url.replace("http://", "");
}

//Set valid
if (validator.isHttpOrHttpsUrl("https://" + url)) {
protocol = "https://";
}

//Disable redirect scann
HttpURLConnection.setFollowRedirects(false);

//Define http connection
HttpURLConnection con = (HttpURLConnection) new URL(protocol + line + "." + url).openConnection();

//Set User-agent
//con.setRequestProperty("User-Agent", "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36");
con.setRequestProperty("User-Agent", "https://becvold.xyz site scanner bot");

//Set request method
con.setRequestMethod("HEAD");

//Set maximal connection timetou 5000 = 5second
con.setConnectTimeout(5000);

//Connect to connection define
con.connect();

//Print urů and code to console
if (con.getResponseCode() == 200 || con.getResponseCode() == 202 || con.getResponseCode() == 201) {
Logger.log(ConsoleColors.CODES.ANSI_GREEN + file + ":" + protocol + line + "." + url + " -> " + new String(String.valueOf(con.getResponseCode())));
} else if (con.getResponseCode() == 301 || con.getResponseCode() == 302 || con.getResponseCode() == 303 || con.getResponseCode() == 304 || con.getResponseCode() == 305 || con.getResponseCode() == 308 || con.getResponseCode() == 307) {
Logger.log(ConsoleColors.CODES.ANSI_YELLOW + file + ":" + protocol + line + "." + url + " -> " + new String(String.valueOf(con.getResponseCode())));
} else if (con.getResponseCode() == 400 || con.getResponseCode() == 401 || con.getResponseCode() == 402 || con.getResponseCode() == 403 || con.getResponseCode() == 404 || con.getResponseCode() == 406 || con.getResponseCode() == 409 || con.getResponseCode() == 411 || con.getResponseCode() == 414 || con.getResponseCode() == 423|| con.getResponseCode() == 426 || con.getResponseCode() == 429 || con.getResponseCode() == 451) {
Logger.log(ConsoleColors.CODES.ANSI_RED + file + ":" + protocol + line + "." + url + " -> " + new String(String.valueOf(con.getResponseCode())));
} else if (con.getResponseCode() == 500 || con.getResponseCode() == 501 || con.getResponseCode() == 502 || con.getResponseCode() == 503 || con.getResponseCode() == 504 || con.getResponseCode() == 505 || con.getResponseCode() == 506 || con.getResponseCode() == 507 || con.getResponseCode() == 508 || con.getResponseCode() == 509 || con.getResponseCode() == 510|| con.getResponseCode() == 511) {
Logger.log(ConsoleColors.CODES.ANSI_PURPLE + file + ":" + protocol + line + "." + url + " -> " + new String(String.valueOf(con.getResponseCode())));
} else {
Logger.log(file + ":" + protocol + line + "." + url + " -> " + new String(String.valueOf(con.getResponseCode())));
}
//End of path print

//file count +1
file++;

//Save to log file if response code not 404, 403, 400
if (con.getResponseCode() != 404 && con.getResponseCode() != 400 && con.getResponseCode() != 403 && con.getResponseCode() != 301 && con.getResponseCode() != 302 && con.getResponseCode() != 308 && con.getResponseCode() != 301 && con.getResponseCode() != 429) {

//Found subdomain + 1
foundSubs++;

//Save found to log file
fileUtils.saveMessageLog(protocol + line + "." + url + " - " + new String(String.valueOf(con.getResponseCode())), "scanned_logs/" + validator.urlStrip(url) + ".log");
}
} catch (Exception e) {

//Print not found to console
Logger.log(ConsoleColors.CODES.ANSI_RED + e.getMessage() + " -> subdomain not found");
}
}
} catch (IOException e) {
Logger.log(e.getMessage());
}
} else {

//Print error if subdomain wordlist not found
SystemUtil.kill("error subdomain.list not found, please check your file or try reinstall this app");
}
}

//Scan page file system
public void fileSystemScan(String url) {

int file = 1;
int foundFiles = 1;

//Get url and remmove /
url = validator.removeLastSlash(url);

//Save to log file
fileUtils.saveMessageLog("\n\n\nFiles and directoryes found on " + url + "\n", "scanned_logs/" + validator.urlStrip(url) + ".log");

if (fileUtils.ifFileExist("word.list")) {
try (BufferedReader br = new BufferedReader(new FileReader("word.list"))) {
//Check if directory.list file exist
if (fileUtils.ifFileExist("directory.list")) {
try (BufferedReader br = new BufferedReader(new FileReader("directory.list"))) {
String line;
while ((line = br.readLine()) != null) {
try {

//Disable redirect scan
HttpURLConnection.setFollowRedirects(false);

//Define http connection
HttpURLConnection con = (HttpURLConnection) new URL(url + "/" + line).openConnection();

con.setRequestProperty("User-Agent", "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36");
//Set User-agent
//con.setRequestProperty("User-Agent", "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36");
con.setRequestProperty("User-Agent", "https://becvold.xyz site scanner bot");

//Set connection method
con.setRequestMethod("HEAD");

//Set maximal connection timetou 5000 = 5second
con.setConnectTimeout(5000);

//Connect to define connection
con.connect();

//Print path and code to console

//Succesful
if (con.getResponseCode() == 200 || con.getResponseCode() == 202 || con.getResponseCode() == 201) {
Logger.log(ConsoleColors.CODES.ANSI_GREEN + file + ":" + url + "/" + line + " code: " + new String(String.valueOf(con.getResponseCode())));

//Redirection
Logger.log(ConsoleColors.CODES.ANSI_GREEN + file + ":" + url + "/" + line + " -> " + new String(String.valueOf(con.getResponseCode())));
} else if (con.getResponseCode() == 301 || con.getResponseCode() == 302 || con.getResponseCode() == 303 || con.getResponseCode() == 304 || con.getResponseCode() == 305 || con.getResponseCode() == 308 || con.getResponseCode() == 307) {
Logger.log(ConsoleColors.CODES.ANSI_YELLOW + file + ":" + url + "/" + line + " code: " + new String(String.valueOf(con.getResponseCode())));

//Client Error
Logger.log(ConsoleColors.CODES.ANSI_YELLOW + file + ":" + url + "/" + line + " -> " + new String(String.valueOf(con.getResponseCode())));
} else if (con.getResponseCode() == 400 || con.getResponseCode() == 401 || con.getResponseCode() == 402 || con.getResponseCode() == 403 || con.getResponseCode() == 404 || con.getResponseCode() == 406 || con.getResponseCode() == 409 || con.getResponseCode() == 411 || con.getResponseCode() == 414 || con.getResponseCode() == 423|| con.getResponseCode() == 426 || con.getResponseCode() == 429 || con.getResponseCode() == 451) {
Logger.log(ConsoleColors.CODES.ANSI_RED + file + ":" + url + "/" + line + " code: " + new String(String.valueOf(con.getResponseCode())));

//Server Error
Logger.log(ConsoleColors.CODES.ANSI_RED + file + ":" + url + "/" + line + " -> " + new String(String.valueOf(con.getResponseCode())));
} else if (con.getResponseCode() == 500 || con.getResponseCode() == 501 || con.getResponseCode() == 502 || con.getResponseCode() == 503 || con.getResponseCode() == 504 || con.getResponseCode() == 505 || con.getResponseCode() == 506 || con.getResponseCode() == 507 || con.getResponseCode() == 508 || con.getResponseCode() == 509 || con.getResponseCode() == 510|| con.getResponseCode() == 511) {
Logger.log(ConsoleColors.CODES.ANSI_PURPLE + file + ":" + url + "/" + line + " code: " + new String(String.valueOf(con.getResponseCode())));


Logger.log(ConsoleColors.CODES.ANSI_PURPLE + file + ":" + url + "/" + line + " -> " + new String(String.valueOf(con.getResponseCode())));
} else {

//All others codes
Logger.log(file + ":" + url + "/" + line + " code: " + new String(String.valueOf(con.getResponseCode())));
}
//End of path print




//File count + 1
file++;


//Save to log file if response code not 404, 403, 400
if (con.getResponseCode() != 404 && con.getResponseCode() != 400 && con.getResponseCode() != 403 && con.getResponseCode() != 301 && con.getResponseCode() != 302 && con.getResponseCode() != 308 && con.getResponseCode() != 301 && con.getResponseCode() != 429) {
foundFiles++;

//Found dirs + 1
foundDirs++;

//Save found to log
fileUtils.saveMessageLog(url + "/" + line + " - " + new String(String.valueOf(con.getResponseCode())), "scanned_logs/" + validator.urlStrip(url) + ".log");
}
}
catch (Exception e) {
Logger.log(e.getMessage());
} catch (Exception e) {

//Print error for try catch
Logger.log(ConsoleColors.CODES.ANSI_RED + "connction error: " + e.getMessage());
}
}
} catch (IOException e) {
Logger.log(e.getMessage());
}
Logger.log("Scanner: exited with " + foundFiles + " found files.");
if (foundFiles > 3000) {

//Print final found count
Logger.log("Scanner: exited with " + foundDirs + " found files & " + foundSubs + " subdomains");

//Check if found is not fakes
if (foundDirs > 3000 || foundSubs > 3000 || (foundDirs == 0 & foundSubs == 0)) {
Logger.log("Scanner: the scanned data will not be saved.");
fileUtils.deleteFile("scanned_logs/" + validator.urlStrip(url) + ".log");
} else {
Logger.log("Scanner: the scanned data saved to scanned_logs/" + "scanned_logs/" + validator.urlStrip(url) + ".log");
}
} else {
SystemUtil.kill("error word.list not found, please check your file or try reinstall this app");
SystemUtil.kill("error directory.list not found, please check your file or try reinstall this app");
}
}
}
Loading

0 comments on commit 7ed6414

Please sign in to comment.