Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- # ShinChan - N45HT - N45HT.WEB.ID
- # fb.com/angelia.put - fb.com/ShinChan.admin - fb.com/N45HTOfficial - fb.com/groups/N45HTOfficial
- # shinchan0x1945@gmail.com
- # Joomla Vulnerability Scanner - coded by ShinChan | copyright ShinChan@2017#
- echo "
- ___ _ _ __ _ _ __ _ _ __ _ _ _ _ ____ ___
- / __)( )( )( )( \( )/ _)( )( ) ( ) ( \( ) ( \/\/ )(_ _)( _)
- \__ \ )__( )( ) (( (_ )__( /__\ ) ( ___\ / )( ) _)
- (___/(_)(_)(__)(_)\_)\__)(_)(_)(_)(_)(_)\_)(___)\/\/ (__) (_)
- Joomla Vulnerability Scanner - coded by ShinChan
- Thanks to : PETR03X - Comod0x - SCYTHE404_LOL - Grav3
- All Members N45HT
- ";
- echo "Input your target (ex:victim.com) : ";
- $target = trim(fgets(STDIN));
- $totalvuln = "0";
- $totalnotvuln = "0";
- if(!preg_match("/^http:\/\//",$target) AND !preg_match("/^https:\/\//",$target)){
- $targets = "http://$target";
- }else{
- $targets = $target;
- }
- echo "\n[~] Scanning => $targets";
- /* Exploit COM SEXY - ShinChan - N45HT */
- echo "\n\n[+] Testing Exploit COM_SEXY";
- $urlsexy = "$targets/components/com_sexycontactform/fileupload/index.php";
- $curlsexy = curl_init();
- curl_setopt($curlsexy, CURLOPT_URL, $urlsexy);
- curl_setopt($curlsexy, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($curlsexy, CURLOPT_RETURNTRANSFER, 1);
- $response = curl_exec($curlsexy);
- $httpCode = curl_getinfo($curlsexy, CURLINFO_HTTP_CODE);
- curl_close($curlsexy);
- if($httpCode == 200){
- echo "\n > Result : 200 ok";
- echo "\n > Exploit : COM_SEXY";
- echo "\n > Tutorial : http://yobuilder.com/8uWs\n";
- $totalvuln = $totalvuln + 1;
- }else{
- echo "\n > Result : 404";
- echo "\n > Not Vulnerable";
- $totalnotvuln = $totalnotvuln + 1;
- }
- /* Exploit COM SEXY - ShinChan - N45HT */
- /* Exploit COM jDownloads - ShinChan - N45HT */
- echo "\n\n[+] Testing Exploit COM_jDownloads";
- $urljdownloads = "$targets/index.php?option=com_jdownloads&Itemid=1&view=upload";
- $curljdownloads = curl_init();
- curl_setopt($curljdownloads, CURLOPT_URL, $urljdownloads);
- curl_setopt($curljdownloads, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($curljdownloads, CURLOPT_RETURNTRANSFER, 1);
- $response = curl_exec($curljdownloads);
- $httpCode = curl_getinfo($curljdownloads, CURLINFO_HTTP_CODE);
- curl_close($curljdownloads);
- if($httpCode == 200){
- echo "\n > Result : 200 ok";
- echo "\n > Exploit : COM_jDownloads";
- echo "\n > Tutorial : http://yobuilder.com/8tlO\n";
- $totalvuln = $totalvuln + 1;
- }else{
- echo "\n > Result : 404";
- echo "\n > Not Vulnerable";
- $totalnotvuln = $totalnotvuln + 1;
- }
- /* Exploit COM jDownloads - ShinChan - N45HT */
- /* Exploit COM MEDIA - ShinChan - N45HT */
- echo "\n\n[+] Testing Exploit COM_MEDIA";
- $urlmedia = "$targets/index.php?option=com_media&view=images&tmpl=component&fieldid=&e_name=jform_articletext&asset=com_content&author=&folder=";
- $curlmedia = curl_init();
- curl_setopt($curlmedia, CURLOPT_URL, $urlmedia);
- curl_setopt($curlmedia, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($curlmedia, CURLOPT_RETURNTRANSFER, 1);
- $response = curl_exec($curlmedia);
- $httpCode = curl_getinfo($curlmedia, CURLINFO_HTTP_CODE);
- curl_close($curlmedia);
- if($httpCode == 200){
- echo "\n > Result : 200 ok";
- echo "\n > Exploit : COM_MEDIA";
- echo "\n > Tutorial : http://yobuilder.com/8uUU\n";
- $totalvuln = $totalvuln + 1;
- }else{
- echo "\n > Result : 404";
- echo "\n > Not Vulnerable";
- $totalnotvuln = $totalnotvuln + 1;
- }
- /* Exploit COM MEDIA - ShinChan - N45HT */
- /* Exploit COM Jfuploader - ShinChan - N45HT */
- echo "\n\n[+] Testing Exploit COM_Jfuploader";
- $urljfuploader = "$targets/index.php?option=com_jfuploader&Itemid=1";
- $curljfuploader = curl_init();
- curl_setopt($curljfuploader, CURLOPT_URL, $urljfuploader);
- curl_setopt($curljfuploader, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($curljfuploader, CURLOPT_RETURNTRANSFER, 1);
- $response = curl_exec($curljfuploader);
- $httpCode = curl_getinfo($curljfuploader, CURLINFO_HTTP_CODE);
- curl_close($curljfuploader);
- if($httpCode == 200){
- echo "\n > Result : 200 ok";
- echo "\n > Exploit : COM_Jfuploader";
- echo "\n > Tutorial : http://yobuilder.com/8uBj\n";
- $totalvuln = $totalvuln + 1;
- }else{
- echo "\n > Result : 404";
- echo "\n > Not Vulnerable";
- $totalnotvuln = $totalnotvuln + 1;
- }
- /* Exploit COM Jfuploader - ShinChan - N45HT */
- /* Exploit COM USERS - ShinChan - N45HT */
- echo "\n\n[+] Testing Exploit COM_USERS";
- $urlusers = "$targets/index.php?option=com_users&view=registration";
- $curlusers = curl_init();
- curl_setopt($curlusers, CURLOPT_URL, $urlusers);
- curl_setopt($curlusers, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($curlusers, CURLOPT_RETURNTRANSFER, 1);
- $response = curl_exec($curlusers);
- $httpCode = curl_getinfo($curlusers, CURLINFO_HTTP_CODE);
- curl_close($curlusers);
- if($httpCode == 200){
- echo "\n > Result : 200 ok";
- echo "\n > Exploit : COM_USERS";
- echo "\n > Tutorial : http://yobuilder.com/94tM\n";
- $totalvuln = $totalvuln + 1;
- }else{
- echo "\n > Result : 404";
- echo "\n > Not Vulnerable";
- $totalnotvuln = $totalnotvuln + 1;
- }
- /* Exploit COM USERS - ShinChan - N45HT */
- /* Exploit COM KSAdvertiser - ShinChan - N45HT */
- echo "\n\n[+] Testing Exploit COM_KSAdvertiser";
- $urlksadviser = "$targets/index.php?option=com_user&view=login";
- $curlksadviser = curl_init();
- curl_setopt($curlksadviser, CURLOPT_URL, $urlksadviser);
- curl_setopt($curlksadviser, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($curlksadviser, CURLOPT_RETURNTRANSFER, 1);
- $response = curl_exec($curlksadviser);
- $httpCode = curl_getinfo($curlksadviser, CURLINFO_HTTP_CODE);
- curl_close($curlksadviser);
- if($httpCode == 200){
- echo "\n > Result : 200 ok";
- echo "\n > Exploit : COM_KSAdvertiser";
- echo "\n > Tutorial : http://yobuilder.com/8uHb\n";
- $totalvuln = $totalvuln + 1;
- }else{
- echo "\n > Result : 404";
- echo "\n > Not Vulnerable";
- $totalnotvuln = $totalnotvuln + 1;
- }
- /* Exploit COM KSAdvertiser - ShinChan - N45HT */
- /* Exploit COM OSProperty - ShinChan - N45HT */
- echo "\n\n[+] Testing Exploit COM_OSProperty";
- $urlosproperty = "$targets/component/osproperty/?task=agent_register";
- $curlosproperty = curl_init();
- curl_setopt($curlosproperty, CURLOPT_URL, $urlosproperty);
- curl_setopt($curlosproperty, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($curlosproperty, CURLOPT_RETURNTRANSFER, 1);
- $response = curl_exec($curlosproperty);
- $httpCode = curl_getinfo($curlosproperty, CURLINFO_HTTP_CODE);
- curl_close($curlosproperty);
- if($httpCode == 200){
- echo "\n > Result : 200 ok";
- echo "\n > Exploit : COM_OSProperty";
- echo "\n > Tutorial : http://yobuilder.com/8uNE\n";
- $totalvuln = $totalvuln + 1;
- }else{
- echo "\n > Result : 404";
- echo "\n > Not Vulnerable";
- $totalnotvuln = $totalnotvuln + 1;
- }
- /* Exploit COM OSProperty - ShinChan - N45HT */
- /* Exploit COM FABRIK - ShinChan - N45HT */
- echo "\n\n[+] Testing Exploit COM_FABRIK";
- $urlfabrik = "$targets/index.php?option=com_fabrik&c=import&view=import&filetype=csv&table=1";
- $curlfabrik = curl_init();
- curl_setopt($curlfabrik, CURLOPT_URL, $urlfabrik);
- curl_setopt($curlfabrik, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($curlfabrik, CURLOPT_RETURNTRANSFER, 1);
- $response = curl_exec($curlfabrik);
- $httpCode = curl_getinfo($curlfabrik, CURLINFO_HTTP_CODE);
- curl_close($curlfabrik);
- if($httpCode == 200){
- echo "\n > Result : 200 ok";
- echo "\n > Exploit : COM_FABRIK";
- echo "\n > Tutorial : http://yobuilder.com/94tM\n";
- $totalvuln = $totalvuln + 1;
- }else{
- echo "\n > Result : 404";
- echo "\n > Not Vulnerable";
- $totalnotvuln = $totalnotvuln + 1;
- }
- /* Exploit COM FABRIK - ShinChan - N45HT */
- /* Exploit COM Collector - ShinChan - N45HT */
- echo "\n\n[+] Testing Exploit COM_Collector";
- $urlcollector = "$targets/index.php?option=com_collector&view=filelist&tmpl=component&folder=&type=1";
- $curlcollector = curl_init();
- curl_setopt($curlcollector, CURLOPT_URL, $urlcollector);
- curl_setopt($curlcollector, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($curlcollector, CURLOPT_RETURNTRANSFER, 1);
- $response = curl_exec($curlcollector);
- $httpCode = curl_getinfo($curlcollector, CURLINFO_HTTP_CODE);
- curl_close($curlcollector);
- if($httpCode == 200){
- echo "\n > Result : 200 ok";
- echo "\n > Exploit : COM_Collector";
- echo "\n > Tutorial : http://yobuilder.com/8uP0\n";
- $totalvuln = $totalvuln + 1;
- }else{
- echo "\n > Result : 404";
- echo "\n > Not Vulnerable";
- $totalnotvuln = $totalnotvuln + 1;
- }
- /* Exploit COM Collector - ShinChan - N45HT */
- echo "\n\n [x] Result :";
- echo "\n [~] Total Vulnerability = $totalvuln";
- echo "\n [~] Total Not Vulnerability = $totalnotvuln\n\n";
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement