Well it’s been a while since my last post, well yeah that’s what I almost say always xD.
My today’s post has a short story, and I’ll try to rush through it to not overwhelm you with emotions, and stuff yeah I have emotions 😀 see that’s an emotion. Enough with joking, well 2 days ago Kingcope an Exploit developer/research/legend has published an 0day exploit for plesk panel’s yay! so I had an idea, damn wouldn’t it be cool, to have a scanner which goes through a given list of host’s and checks them for Plesk Panel’s, rather then trying them one by one.
It’s always cooler to automate processes like that, so (Yeah I know I can use Google dorks) I wrote a little PHP script that does exactly that, based on patterns it goes through you’re given hosts if an host matches a pattern It’s probably hosting a plesk panel.
All this runs in the background of as I use ajax to show real time data.
Tada! we got a beautiful tiny scanner.
The scanner looks something like this:
The usage is pretty simple, you have to enter some hosts to scan divided by a comma the next step would be you to hit check pages and there you go.. brum brum
Please don’t scan any sites that you’re not allowed too, before going through a scanning process ask the administrators for permit to perform a scan, enough said the script can be found here GITHUB and please don’t use this EXPLOIT to do evil.
As i wrote this script king in a rush, it may contain bugs, but as always I welcome any king of suggestion and feedback.
p.s. before using the script you have to do go into you’re php directory and open the file php.ini and uncomment line extension=php_openssl.dll this is required because we have to perform some HTTPS requests.