< | | | |___| (_| | / . \ |_| |______\__,_| /_/ \_\ [*]-----------------------------------------------------------------------[*] [+] Script Name : Joomla JCE Server Scanner [+] Use : php $_SERVER[PHP_SELF] [*]-----------------------------------------------------------------------[*] ";

// NOTE(review): this listing begins inside the banner string that ends on the
// line above; the opening PHP tag and the start of that echo are not visible.
// The whole script was collapsed onto two physical lines. The code below is
// re-broken at statement boundaries only; every string literal is verbatim.
//
// What the visible code does, in order:
//   1. reads an IPv4 address from STDIN until checkIP() accepts it;
//   2. queries Bing with "ip:<address> index.php?option=com_" to enumerate
//      hosts indexed on that address;
//   3. requests /components/com_jce/index.html on each host and treats every
//      status line that does not contain "404" as a hit;
//   4. appends hits to jce-results.txt in the working directory.
//
// Artifacts a responder can look for, all taken from the code below:
//   - web-server access logs: requests for /components/com_jce/index.html,
//     typically against many virtual hosts of one address in a short window.
//     These probes go through get_headers(), not send(), so the Firefox 17
//     User-Agent configured in send() does not apply to them;
//   - on the host that ran the script: jce-results.txt, and a transient file
//     named "cookies" in the working directory.
// A hit only shows that the path answered with something other than 404. It
// says nothing about the installed version, so an entry in the result file is
// not evidence that a site is affected.

// Prompt until checkIP() accepts the input. checkIP() returns false for the
// ranges it lists, so only addresses outside those ranges pass.
$a = true;
while($a){
    echo "[*] Server IP -> ";
    // At most 1023 bytes are read from STDIN; surrounding whitespace is trimmed.
    $ip = trim(fgets(STDIN,1024));
    if(!checkIP($ip)){
        echo "\n[~] Error. Please Set A Valid IP.\n\n";
    }else{
        $a = false;
    }
}
echo "\n";

// Results are appended ('a+'), so earlier runs stay in the file.
// NOTE(review): the return value of fopen() is not checked; if the file cannot
// be opened, every later fwrite()/fclose() receives false.
$fp = fopen('jce-results.txt','a+');
// Header block for this run. The single spaces between the fields were
// presumably line breaks before the page was flattened (confirm against an
// original copy).
fwrite($fp,"[*]-----------------------------------------------------------------------[*] rEd X [*]-----------------------------------------------------------------------[*] [+] Script Name : Joomla JCE Server Scanner [+] Version : 1.0 [+] Programed By : G-B [+] Email : g22b@hotmail.com [+] Result For : $ip [*]-----------------------------------------------------------------------[*] ");

// URL-encoded Bing query: hosts on $ip whose indexed URLs carry a Joomla
// component parameter.
$dork = urlencode("ip:$ip index.php?option=com_");
// pages() returns a value scraped from the Bing result page; it is used as the
// upper bound for the "first=" offset below.
$pages = pages($dork);
// Host names already probed in this run (de-duplication list).
$scanaed = array();
// Bing paginates with first=1, 11, 21, ...
for($i=1;$i<=$pages;$i=$i+10){
    $src = send("http://www.bing.com/search?q=$dork&first=$i");
    // NOTE(review): as shown, the pattern is '/(.*?)/', which only yields
    // empty matches. The HTML delimiters that originally surrounded the
    // capture group appear to have been stripped when the page was extracted.
    preg_match_all('/(.*?)/',$src,$matches);
    $sites = $matches[1];
    foreach($sites as $site){
        // Normalised key for de-duplication: slashes and "www." removed.
        $sitet = trim(str_replace('www.','',str_replace('/','',$site)));
        // Skip captures that still contain markup or a query string.
        // eregi() belongs to the ereg extension, deprecated in PHP 5.3 and
        // removed in PHP 7.0, so this script only runs on older interpreters.
        if(eregi('<',$sitet) || eregi('\?',$sitet)) continue;
        if(in_array($sitet,$scanaed)) continue;
        $scanaed[] = $sitet;
        echo "[~] check [ $site ] : ";
        // One plain-HTTP request per host for the component's index file.
        $header = get_headers("http://$site/components/com_jce/index.html");
        // Only the status line is inspected. Redirects, 403, 5xx and a failed
        // request (get_headers() returns false) all fall into the "Yes" branch.
        if(eregi('404',$header[0])){
            echo "No.\n";
        }else{
            echo "Yes.\n";
            fwrite($fp,"http://$site ");
        }
    }
}
fclose($fp);

/**
 * Perform one HTTP request with curl and return the response body.
 *
 * @param string       $url    URL to fetch.
 * @param string|false $post   When truthy, sent as the POST body.
 * @param string|false $ref    When truthy, sent as the Referer header.
 * @param bool         $follow When truthy, redirects are followed.
 * @return string|bool Result of curl_exec(): the body on success (because
 *                     CURLOPT_RETURNTRANSFER is set), false on failure.
 */
function send($url,$post=false,$ref=false,$follow=false){
    // Cookie jar with a fixed name in the current working directory; it is
    // deleted again at the end of every call.
    $cookies = getcwd().'/cookies';
    // Static headers imitating a desktop browser.
    $header[0] = "Accept: text/xml,application/xml,application/xhtml+xml,";
    $header[0] .= "text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5";
    $header[] = "Cache-Control: max-age=0";
    $header[] = "Connection: keep-alive";
    $header[] = "Keep-Alive: 300";
    $header[] = "Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3";
    // NOTE(review): the line break inside the next literal is present in the
    // listing and is kept verbatim; it looks like an extraction artifact.
    $header[] = "Accept-Language: 
en-US,en;q=0.8 ";
    $header[] = "Pragma: ";
    $ch = curl_init();
    curl_setopt($ch,CURLOPT_URL,$url);
    // Certificate and host-name verification are both switched off, so an
    // https:// response is accepted from any peer. The calls visible in this
    // listing only pass http:// URLs.
    curl_setopt($ch,CURLOPT_SSL_VERIFYHOST,false);
    curl_setopt($ch,CURLOPT_SSL_VERIFYPEER,false);
    curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
    curl_setopt($ch,CURLOPT_COOKIEFILE,$cookies);
    curl_setopt($ch,CURLOPT_COOKIEJAR,$cookies);
    curl_setopt($ch,CURLOPT_RETURNTRANSFER,true);
    // Fixed User-Agent string, used for every request made through send().
    curl_setopt($ch,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2; rv:17.0) Gecko/20100101 Firefox/17.0');
    if($post){
        curl_setopt($ch,CURLOPT_POST,true);
        curl_setopt($ch,CURLOPT_POSTFIELDS,$post);
    }
    if($follow) curl_setopt($ch,CURLOPT_FOLLOWLOCATION,true);
    if($ref) curl_setopt($ch,CURLOPT_REFERER,$ref);
    $return = curl_exec($ch);
    curl_close($ch);
    // NOTE(review): the result of unlink() is not checked.
    unlink($cookies);
    return $return;
}

/**
 * Scrape a number from a Bing result page for the given query.
 *
 * @param string $dork URL-encoded search query.
 * @return mixed The text before the first '-' in the second piece produced
 *               by the first explode() call.
 */
function pages($dork){
    $src = send("http://www.bing.com/search?q=$dork&go=&qs=n&sk=&filt=all&first=199&FORM=PERE3");
    // NOTE(review): the delimiter is an empty string as shown, which explode()
    // rejects. The original delimiter was presumably an HTML fragment removed
    // during extraction (confirm against an original copy).
    $ex = explode('',$src);
    $ex = explode('-',$ex['1']);
    return $ex[0];
}

/**
 * Decide whether a string is an IPv4 address outside the listed ranges.
 *
 * Relies on ip2long(), so only dotted-quad IPv4 input can pass.
 *
 * @param string $ip Candidate address as typed by the operator.
 * @return bool True when ip2long() parses the value and it lies outside every
 *              range in $private_ips, false otherwise.
 */
function checkIP( $ip ) {
    // "0 - 1" evaluates to -1. Both -1 and false are treated as parse
    // failures; presumably this covers older ip2long() behaviour (confirm).
    // The loose "!= false" also rejects 0, the value of "0.0.0.0".
    if( !empty( $ip ) && ip2long( $ip ) != 0 - 1 && ip2long( $ip ) != false ) {
        // Despite the name, the list mixes private, loopback, link-local,
        // documentation and broadcast ranges. The first entry spans
        // 0.0.0.0 to 2.255.255.255, which is wider than 0.0.0.0/8.
        $private_ips = array(
            array( "0.0.0.0", "2.255.255.255" ),
            array( "10.0.0.0", "10.255.255.255" ),
            array( "127.0.0.0", "127.255.255.255" ),
            array( "169.254.0.0", "169.254.255.255" ),
            array( "172.16.0.0", "172.31.255.255" ),
            array( "192.0.2.0", "192.0.2.255" ),
            array( "192.168.0.0", "192.168.255.255" ),
            array( "255.255.255.0", "255.255.255.255" )
        );
        // Inclusive range check on the integer form of the address.
        foreach( $private_ips as $r ) {
            $min = ip2long( $r[0] );
            $max = ip2long( $r[1] );
            if( $min <= ip2long( $ip ) && ip2long( $ip ) <= $max ) {
                return false;
            }
        }
        return true;
    }
    return false;
}
?>