body{font-family: monospace; background-color: #121212; color: #e0e0e0;}"; echo "

Scan Results (Mode: " . htmlspecialchars($mode) . ")

"; // =================================================================== // FAST MODE (using cURL Multi for parallel requests) // =================================================================== if ($mode === 'fast') { $multi_handle = curl_multi_init(); $curl_handles = []; $url_map = []; // 1. Initialize all cURL handles foreach ($urls as $url_input) { $url_input = trim($url_input); if (empty($url_input)) continue; // For direct scan, use the URL as-is if ($scan_type === 'direct') { $targets = [$url_input]; } else { // Custom scan - append extension to base URL $ext = trim($_POST['ext']); $base_url = preg_replace('/\/[^\/]*$/', '', $url_input); $targets = [rtrim($base_url, '/') . '/' . $ext]; } // Create cURL handles for each target foreach ($targets as $target) { if (!filter_var($target, FILTER_VALIDATE_URL)) { echo "[SKIP] Invalid URL: " . htmlspecialchars($target) . "
"; continue; } $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $target); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_HEADER, false); curl_setopt($ch, CURLOPT_TIMEOUT, 15); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.88 Safari/537.36'); curl_multi_add_handle($multi_handle, $ch); $curl_handles[] = $ch; $url_map[(string)$ch] = $target; // Map the handle resource to its target URL } } // 2. Execute all requests in parallel $running = null; do { curl_multi_exec($multi_handle, $running); usleep(100); } while ($running > 0); // 3. Process the results foreach ($curl_handles as $ch) { $target = $url_map[(string)$ch]; $resp = curl_multi_getcontent($ch); $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE); $curl_error = curl_error($ch); if ($curl_error) { echo "[ERROR] " . htmlspecialchars($target) . " (cURL Error: " . htmlspecialchars($curl_error) . ")
"; } elseif ($http_code == 200 && $resp !== false) { // Check if keyword is found or if no keyword specified if (empty($keyword) || strpos($resp, $keyword) !== false) { echo "[FOUND] " . htmlspecialchars($target) . "
"; $found[] = $target; } else { echo "[MISS] " . htmlspecialchars($target) . " (Code: $http_code - Keyword not found)
"; } } else { echo "[MISS] " . htmlspecialchars($target) . " (Code: $http_code)
"; } curl_multi_remove_handle($multi_handle, $ch); ob_flush(); flush(); } curl_multi_close($multi_handle); // =================================================================== // NORMAL MODE (using file_get_contents for sequential requests) // =================================================================== } else { foreach ($urls as $url_input) { $url_input = trim($url_input); if (empty($url_input)) continue; // For direct scan, use the URL as-is if ($scan_type === 'direct') { $targets = [$url_input]; } else { // Custom scan - append extension to base URL $ext = trim($_POST['ext']); $base_url = preg_replace('/\/[^\/]*$/', '', $url_input); $targets = [rtrim($base_url, '/') . '/' . $ext]; } foreach ($targets as $target) { if (!filter_var($target, FILTER_VALIDATE_URL)) { echo "[SKIP] Invalid URL: " . htmlspecialchars($target) . "
"; continue; } $context = stream_context_create([ "ssl" => ["verify_peer" => false, "verify_peer_name" => false], "http" => [ "timeout" => 15, "user_agent" => 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.88 Safari/537.36' ] ]); $resp = @file_get_contents($target, false, $context); if ($resp) { // Check if keyword is found or if no keyword specified if (empty($keyword) || strpos($resp, $keyword) !== false) { echo "[FOUND] " . htmlspecialchars($target) . "
"; $found[] = $target; } else { echo "[MISS] " . htmlspecialchars($target) . " (Keyword not found)
"; } } else { echo "[MISS] " . htmlspecialchars($target) . "
"; } ob_flush(); flush(); } } } // Save found results to a file if (!empty($found)) { file_put_contents('found.txt', implode(PHP_EOL, $found) . PHP_EOL, FILE_APPEND); } echo "
Download found.txt"; } else { // =================================================================== // HTML FORM INTERFACE // =================================================================== ?> Mass Checker

Mass Checker

Contoh: http://example.com/wp-admin/shell.php
Select Scan Type:




Direct URL Scan: Directly scans full URLs that already contain file names.
Custom Extension Scan: Add extensions to the base URL.
Select Scan Mode: