API tools faq
paste
Advertisement
Fakhru

Untitled

Fakhru
May 16th, 2013
62
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.95 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. /*
  3. jComDetect - Joomla Components Detection.
  4. Copyright (C) 2011 Ahlspiess <ahlspiess@tbdsecurity.com>
  5. Link: http://rempah-proj.googlecode.com/svn/trunk/PHP/jcomdetect.php
  6.  
  7. Ported By Wcypierre <wcypierre@gmail.com>
  8. http://intizone.net
  9.  
  10. This program is free software: you can redistribute it and/or modify
  11. it under the terms of the GNU General Public License as published by
  12. the Free Software Foundation, either version 3 of the License, or
  13. (at your option) any later version.
  14.  
  15. This program is distributed in the hope that it will be useful,
  16. but WITHOUT ANY WARRANTY; without even the implied warranty of
  17. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  18. GNU General Public License for more details.
  19.  
  20. You should have received a copy of the GNU General Public License
  21. along with this program. If not, see <http://www.gnu.org/licenses/>.
  22. */
  23.  
  24.  
  25. $jMe = new jComDetect($url);
  26.  
  27. class jComDetect {
  28. public $ip;
  29.  
  30. function __construct($url){
  31. $this->ip = $_GET['ip'];
  32. $this->init();
  33.  
  34. }
  35.  
  36. function init() {
  37.  
  38. $bingg = $this->bing($this->ip);
  39. foreach ($bingg as $key) {
  40. $this->msg("<br /> Website Url: <a href=\"http://".$key."\" target=\"_blank\">".$key."</a>");
  41. $content = $this->cURL($key);
  42. $check = preg_match_all("/Joomla\! (.*?) \-/", $content, $ver);
  43. if ($check) {
  44. $this->msg("[+] Joomla version ".$ver[1][0]);
  45. }
  46. else {
  47. $this->msg("This website is not using Joomla");
  48. }
  49. $this->jCheckComp($content);
  50. }
  51.  
  52.  
  53. }
  54.  
  55. function jCheckComp($content) {
  56. $dupe = array();
  57. $nstack = array();
  58.  
  59. #$nstack[] = "joomla ".$ver[1][0 ];
  60. preg_match_all("/\/component(s?)\/(.*?)\//", $content, $val_1);
  61. preg_match_all("/option=(.*?)\&/", $content, $val_2);
  62. $var1 = explode(',', str_replace("com_com_", "com_", join(',com_', $val_1[2])));
  63. $var2 = $val_2[1];
  64. $stack = array_merge($var1, $var2);
  65. foreach($stack as $unstack) {
  66. if(!isset($dupe[$unstack]) and !is_null($unstack) and !empty($unstack) and (preg_match("/com_/", $unstack))) {
  67. $this->msg("[+] {$unstack} Component(s) Found");
  68. $nstack[] = $unstack;
  69. $dupe[$unstack] = true;
  70. }
  71. }
  72. //echo "[Debug]".__fVULN__."\n";
  73. //$this->fVuln($nstack);
  74. }
  75.  
  76. function fVuln($c = array()) {
  77. $content = "";
  78. foreach($c as $com) {
  79. $content .= $this->cURL("http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description={$com}&filter_exploit_text=&filter_author=&filter_platform=31&filter_type=6&filter_lang_id=0&filter_port=&filter_osvdb=&filter_cve=");
  80. }
  81. preg_match_all("/\<a href=\"http\:\/\/www\.exploit\-db\.com\/exploits\/(.*?)\"\>(.*?)\n/", $content, $me);
  82. for($i=0;$i<count($me[1]);$i++) {
  83. $this->msg("[+] ".trim(str_replace("</a>", "", $me[2][$i]))."\n --> http://www.exploit-db.com/exploits/".trim($me[1][$i]));
  84. }
  85.  
  86. }
  87.  
  88. function cURL($url) {
  89. $ch = curl_init();
  90. curl_setopt($ch, CURLOPT_HEADER, 1);
  91. curl_setopt($ch, CURLOPT_TIMEOUT, 15);
  92. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  93. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  94. curl_setopt($ch, CURLOPT_URL, $url);
  95. curl_setopt($ch, CURLOPT_USERAGENT, "jVulnComponent Crawler v1-Ahlspiess, Ported by wcypierre");
  96. //curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  97. $data = curl_exec($ch);
  98. if($data) {
  99. return $data;
  100. } else {
  101. return 0;
  102. }
  103. }
  104.  
  105. function msg($x) {
  106. printf("%s<br />", $x);
  107. }
  108.  
  109. function bing($ip) {
  110. $npage = 1;
  111. $npages = 300;
  112. $allLinks = array();
  113. $lll = array();
  114. while($npage <= $npages) {
  115. $x = $this->cURL("http://www.bing.com/search?q=ip%3A" . $ip . "&first=" . $npage, $proxy);
  116. if ($x) {
  117. preg_match_all('(<div class="sb_tlst">.*<h3>.*<a href="(.*)".*>(.*)</a>.*</h3>.*</div>)siU', $x, $findlink);
  118. foreach ($findlink[1] as $fl) array_push($allLinks, $fl);
  119. $npage = $npage + 10;
  120. if (preg_match("(first=" . $npage . "&amp)siU", $x, $linksuiv) == 0) break;
  121. } else break;
  122. }
  123. $URLs = array();
  124. foreach($allLinks as $url){
  125. $exp = explode("/", $url);
  126. $URLs[] = $exp[2];
  127. }
  128. $array = array_filter($URLs);
  129. $array = array_unique($array);
  130. return $array;
  131. /** foreach ($array as $domain) {
  132. echo "<a href=\"http://".$domain."\">".$domain."</a><br>";
  133. **/
  134. }
  135. }
  136.  
  137.  
  138.  
  139. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!