Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /*
- jComDetect - Joomla Components Detection.
- Copyright (C) 2011 Ahlspiess <ahlspiess@tbdsecurity.com>
- Link: http://rempah-proj.googlecode.com/svn/trunk/PHP/jcomdetect.php
- Ported By Wcypierre <wcypierre@gmail.com>
- http://intizone.net
- This program is free software: you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation, either version 3 of the License, or
- (at your option) any later version.
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
- You should have received a copy of the GNU General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
- */
- $jMe = new jComDetect($url);
- class jComDetect {
- public $ip;
- function __construct($url){
- $this->ip = $_GET['ip'];
- $this->init();
- }
- function init() {
- $bingg = $this->bing($this->ip);
- foreach ($bingg as $key) {
- $this->msg("<br /> Website Url: <a href=\"http://".$key."\" target=\"_blank\">".$key."</a>");
- $content = $this->cURL($key);
- $check = preg_match_all("/Joomla\! (.*?) \-/", $content, $ver);
- if ($check) {
- $this->msg("[+] Joomla version ".$ver[1][0]);
- }
- else {
- $this->msg("This website is not using Joomla");
- }
- $this->jCheckComp($content);
- }
- }
- function jCheckComp($content) {
- $dupe = array();
- $nstack = array();
- #$nstack[] = "joomla ".$ver[1][0 ];
- preg_match_all("/\/component(s?)\/(.*?)\//", $content, $val_1);
- preg_match_all("/option=(.*?)\&/", $content, $val_2);
- $var1 = explode(',', str_replace("com_com_", "com_", join(',com_', $val_1[2])));
- $var2 = $val_2[1];
- $stack = array_merge($var1, $var2);
- foreach($stack as $unstack) {
- if(!isset($dupe[$unstack]) and !is_null($unstack) and !empty($unstack) and (preg_match("/com_/", $unstack))) {
- $this->msg("[+] {$unstack} Component(s) Found");
- $nstack[] = $unstack;
- $dupe[$unstack] = true;
- }
- }
- //echo "[Debug]".__fVULN__."\n";
- //$this->fVuln($nstack);
- }
- function fVuln($c = array()) {
- $content = "";
- foreach($c as $com) {
- $content .= $this->cURL("http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description={$com}&filter_exploit_text=&filter_author=&filter_platform=31&filter_type=6&filter_lang_id=0&filter_port=&filter_osvdb=&filter_cve=");
- }
- preg_match_all("/\<a href=\"http\:\/\/www\.exploit\-db\.com\/exploits\/(.*?)\"\>(.*?)\n/", $content, $me);
- for($i=0;$i<count($me[1]);$i++) {
- $this->msg("[+] ".trim(str_replace("</a>", "", $me[2][$i]))."\n --> http://www.exploit-db.com/exploits/".trim($me[1][$i]));
- }
- }
- function cURL($url) {
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_HEADER, 1);
- curl_setopt($ch, CURLOPT_TIMEOUT, 15);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
- curl_setopt($ch, CURLOPT_URL, $url);
- curl_setopt($ch, CURLOPT_USERAGENT, "jVulnComponent Crawler v1-Ahlspiess, Ported by wcypierre");
- //curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
- $data = curl_exec($ch);
- if($data) {
- return $data;
- } else {
- return 0;
- }
- }
- function msg($x) {
- printf("%s<br />", $x);
- }
- function bing($ip) {
- $npage = 1;
- $npages = 300;
- $allLinks = array();
- $lll = array();
- while($npage <= $npages) {
- $x = $this->cURL("http://www.bing.com/search?q=ip%3A" . $ip . "&first=" . $npage, $proxy);
- if ($x) {
- preg_match_all('(<div class="sb_tlst">.*<h3>.*<a href="(.*)".*>(.*)</a>.*</h3>.*</div>)siU', $x, $findlink);
- foreach ($findlink[1] as $fl) array_push($allLinks, $fl);
- $npage = $npage + 10;
- if (preg_match("(first=" . $npage . "&)siU", $x, $linksuiv) == 0) break;
- } else break;
- }
- $URLs = array();
- foreach($allLinks as $url){
- $exp = explode("/", $url);
- $URLs[] = $exp[2];
- }
- $array = array_filter($URLs);
- $array = array_unique($array);
- return $array;
- /** foreach ($array as $domain) {
- echo "<a href=\"http://".$domain."\">".$domain."</a><br>";
- **/
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement