
Joomla Vulnerability Scanner by ShinChan

choirurrizal Oct 14th, 2017 (edited) 1,140 Never
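  <?php
  # ShinChan - N45HT - N45HT.WEB.ID
  # fb.com/angelia.put - fb.com/ShinChan.admin - fb.com/N45HTOfficial - fb.com/groups/N45HTOfficial
  # shinchan0x1945@gmail.com

  # Joomla Vulnerability Scanner - coded by ShinChan | copyright ShinChan@2017#

  # What this script does: it reads one host name from STDIN, sends a plain GET
  # to nine fixed Joomla component URLs on that host and counts how many answer
  # with HTTP 200. Nothing is uploaded or exploited; the "Exploit" wording in the
  # output is the original author's label for each row.
  #
  # How far the result can be trusted:
  #   - The status is taken after redirects are followed, so a redirect to a
  #     login or front page that returns 200 is counted as a hit. A site that
  #     serves its own 200 page for unknown component URLs would produce nine
  #     hits. A 200 shows the URL is served, not that the component is installed
  #     in an affected version.
  #   - Any other status is counted under "Not Vulnerable", including a failed
  #     connection. That is equally unverified.
  #   - The COM_KSAdvertiser row requests option=com_user&view=login, so its
  #     result says nothing about that component. The row is kept as published.
  #   - COM_FABRIK and COM_USERS print the same tutorial link, which looks like
  #     a copy/paste slip in the original.
  #   - The tutorial links go through a URL shortener; where they lead cannot be
  #     checked from this script.
  #
  # For log review: the script sets no User-Agent and requests the paths in
  # $checks in the order listed, once each. That sequence from a single client
  # in a web server access log matches a run of this tool.

  /**
   * Fetch one URL and report the HTTP status of the final response.
   *
   * Redirects are followed (at most five, http/https only) and the body is
   * read and discarded. Time limits keep an unresponsive host from hanging
   * the run.
   *
   * @param string $url absolute URL to request
   * @return int status code after redirects, or 0 when no HTTP response arrived
   */
  function probe_status($url)
  {
      $handle = curl_init();
      if ($handle === false) {
          return 0;
      }

      curl_setopt_array($handle, [
          CURLOPT_URL             => $url,
          CURLOPT_FOLLOWLOCATION  => true,
          CURLOPT_RETURNTRANSFER  => true,   // keep the page body off the terminal
          CURLOPT_MAXREDIRS       => 5,
          CURLOPT_CONNECTTIMEOUT  => 10,
          CURLOPT_TIMEOUT         => 30,
          // A redirect must not move the request to another URL scheme.
          CURLOPT_PROTOCOLS       => CURLPROTO_HTTP | CURLPROTO_HTTPS,
          CURLOPT_REDIR_PROTOCOLS => CURLPROTO_HTTP | CURLPROTO_HTTPS,
      ]);
      curl_exec($handle);
      $status = (int) curl_getinfo($handle, CURLINFO_HTTP_CODE);
      curl_close($handle);

      return $status;
  }

  echo "
 ___  _  _  __  _  _  __  _  _   __   _  _     _    _  ____  ___
/ __)( )( )(  )( \( )/ _)( )( ) (  ) ( \( )   ( \/\/ )(_  _)(  _)
\__ \ )__(  )(  )  (( (_  )__(  /__\  )  (  ___\    /   )(   ) _)
(___/(_)(_)(__)(_)\_)\__)(_)(_)(_)(_)(_)\_)(___)\/\/   (__) (_)  
       Joomla Vulnerability Scanner - coded by ShinChan

    Thanks to :  PETR03X - Comod0x - SCYTHE404_LOL - Grav3
                       All Members N45HT


";
  echo "Input your target (ex:victim.com) : ";
  $target = trim((string) fgets(STDIN));

  // An empty line or closed STDIN would otherwise turn into requests to "http://".
  if ($target === '') {
      fwrite(STDERR, "\nNo target given.\n");
      exit(1);
  }

  // Counters are integers; the original started them as the string "0".
  $totalvuln = 0;
  $totalnotvuln = 0;

  // Prepend a scheme only when none was typed. The match ignores case so that
  // "HTTP://host" is not prefixed a second time.
  $targets = preg_match('#^https?://#i', $target) ? $target : "http://$target";

  echo "\n[~] Scanning => $targets";

  // One row per check: output label, path appended to the target, tutorial link.
  // All three values are the ones the original script used.
  $checks = [
      ['COM_SEXY', '/components/com_sexycontactform/fileupload/index.php', 'http://yobuilder.com/8uWs'],
      ['COM_jDownloads', '/index.php?option=com_jdownloads&Itemid=1&view=upload', 'http://yobuilder.com/8tlO'],
      ['COM_MEDIA', '/index.php?option=com_media&view=images&tmpl=component&fieldid=&e_name=jform_articletext&asset=com_content&author=&folder=', 'http://yobuilder.com/8uUU'],
      ['COM_Jfuploader', '/index.php?option=com_jfuploader&Itemid=1', 'http://yobuilder.com/8uBj'],
      ['COM_USERS', '/index.php?option=com_users&view=registration', 'http://yobuilder.com/94tM'],
      // Label and URL disagree in the original; kept as published.
      ['COM_KSAdvertiser', '/index.php?option=com_user&view=login', 'http://yobuilder.com/8uHb'],
      ['COM_OSProperty', '/component/osproperty/?task=agent_register', 'http://yobuilder.com/8uNE'],
      // Same tutorial link as COM_USERS in the original.
      ['COM_FABRIK', '/index.php?option=com_fabrik&c=import&view=import&filetype=csv&table=1', 'http://yobuilder.com/94tM'],
      ['COM_Collector', '/index.php?option=com_collector&view=filelist&tmpl=component&folder=&type=1', 'http://yobuilder.com/8uP0'],
  ];

  foreach ($checks as $check) {
      list($label, $path, $tutorial) = $check;

      echo "\n\n[+] Testing Exploit $label";
      $status = probe_status($targets . $path);

      if ($status === 200) {
          echo "\n    > Result : 200 ok";
          echo "\n    > Exploit : $label";
          echo "\n    > Tutorial : $tutorial\n";
          $totalvuln++;
      } else {
          // Print the status that came back; the original printed "404" for
          // every non-200 outcome, including a connection that never completed.
          echo "\n    > Result : " . ($status === 0 ? 'no HTTP response' : $status);
          echo "\n    > Not Vulnerable";
          $totalnotvuln++;
      }
  }

  echo "\n\n [x] Result :";
  echo "\n    [~] Total Vulnerability = $totalvuln";
  echo "\n    [~] Total Not Vulnerability = $totalnotvuln\n\n";
  ?>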