php简单实现网站信息探测
核心函数
get_headers 获取url head信息
parse_url 获取url信息 详细参阅帮助文档
gethostbyname 获取url IP地址
下面的例子参照 暗月大牛 用php写的目录扫描脚本
也写了一个 简单的目录探测脚本
*实际用途中并不适合 php 不支持多线程 所以扫描起来速度超慢
仅仅做代码学习
error_reporting(E_ERROR);
set_time_limit(0);
if($argc<3){
print("
Usage :php $argv[0] url *.txt
Example:php $argv[0] www.90sec.org x.txt
");
exit;
}
function curl($url,$fuck){
$head=get_headers($url);
if($head){
if($head[0]=='HTTP/1.1 200 OK' or $head[0]=='HTTP/1.1 403 Forbidden' ){
$info=parse_url($url, PHP_URL_PATH);
print(" Fund: "."$info ".'('.$head[0].')'." !!!\r\n");
}
}
else{
$hostname=parse_url($url, PHP_URL_HOST);
echo "[+] Resolving Ip of {$hostname}... Failed! \r\n";
exit;
}
}
www.zzzyk.com
$sb=$argv[1];
$preg='|^http://|';
if(!preg_match($preg,$sb)) {
$sb='http://'.$sb;
}
$server=get_headers($sb,1);
$server=$server['Server'];
if($server){
$hostname=parse_url($sb, PHP_URL_HOST);
$ip=gethostbyname($hostname);
echo "-----------------------------------------------------------------";
echo "\r\n"." Resolving Ip of {$hostname} ...\r\n\r\n OK: "."$ip\r\n\r\n";
echo " Trying To Get Server Type... Succeed!\r\n\r\n";
echo " Server Type: ";
print_r ($server);
echo "\r\n\r\n";
echo "-------------------------------------------------------------------\r\n";
echo " Scaning...\r\n\r\n";
}
else{
echo "[+] Trying To Get Server Type... Failed! \r\n";
}
$u=file("$argv[2]");
foreach ($u as $url){
$url=trim($sb.$url);
curl($url,$argv[1]);
}
?>
摘自 hi.baidu.com/nginxshell
补充:综合编程 , 安全编程 ,