View difference between Paste ID: 7AptPCsj and fnsy3X6T
SHOW: | | - or go back to the newest paste.
1
<!--
2
########################################################################
3
##
4
# Script : [+]~ 1337 Multiple CMS Scaner Online v0.4 (0!IIIV) ~[+]
5
##
6
# Author : KedAns-Dz ( ked-h [ at ] hotmail [ dot ] com )
7
##
8
# Home : www.1337day.com
9
##
10
# Greets to : Dz Offenders Cr3W - Algerian Cyber Army - Inj3ct0r Team
11
##
12
#########################################################################
13
14
// Script Functions , start ..!
15
-->
16
<html>
17
<head>
18
<meta http-equiv="Content-Language" content="fr">
19
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
20
<title>1337 Multiple CMS Scaner Online v0.4 (0!IIIV) by KedAns-Dz</title>
21
<meta content="KedAns-Dz , Inj3ct0r Team , 1337 Multiple CMS Scaner Online" name="description">
22
<link href="http://209.217.227.77/~forumant/favicon.ico" type="image/x-icon" rel="shortcut icon" />
23
<style>
24
body,input,table,select{background: black; font-family:Verdana,tahoma; color: #008000; font-size:11px; }
25
a:link,a:active,a:visited{text-decoration: none;color: red;}
26
a:hover {text-decoration: underline; color: red;}
27
table,td,tr,#gg{ border-style:solid; text-decoration:bold; }
28
tr:hover,td:hover{background-color: #FFFFCC; color:green;}
29
.oo:hover{background-color: black; color:white;}
30
</style>
31
</head>
32
33
<body>
34
35
<p align="center">&nbsp;</p>
36
<p align="center">&nbsp;</p>
37
<p align="center">&nbsp;</p>
38
<p align="center"><font size="4">1337 Multiple CMS Scaner Online v0.4 (0!IIIV) | T0olKit By : KedAns-Dz</font></p><br>
39
<form method="POST">
40
<p align="center"><input type="text" name="site" size="65" value="127.0.0.1"><input type="submit" value="Scan.."></p>
41
</form><center>
42
<?php
43
@set_time_limit(0);
44
@error_reporting(0);
45
46
function check_exploit($cpmxx){
47
48
$link ="http://packetstormsecurity.org/search/files/?q=$cpmxx";
49
50
$result = @file_get_contents($link);
51
52
if (eregi("No Results Found",$result))  {
53
54
echo"<td>Not Found</td><td><a href='http://www.google.dz/#hl=en&q=download+$cpmxx'>Download</a></td></tr>";
55
56
}else{
57
58
echo"<td><a href='$link'>Found</a></td><td><=</td></tr>";
59
60
}
61
}
62
63
/* Joomla Conf */
64
function check_com($url){
65
66
$source = @file_get_contents($url);
67
68
preg_match_all('{option,(.*?)/}i',$source,$f);
69
preg_match_all('{option=(.*?)(&amp;|&|")}i',$source,$f2);
70
preg_match_all('{/components/(.*?)/}i',$source,$f3);
71
72
$arz=array_merge($f2[1],$f[1],$f3[1]);
73
74
$coms=array();
75
76
if(count($arz)==0){ echo "<tr><td colspan=3>[ Joomla ] ...Nothing Found !</td></tr>";}
77
78
foreach(array_unique($arz) as $x){
79
$coms[]=$x;
80
}
81
82
foreach($coms as $comm){
83
84
echo "<tr><td>$comm</td>"; 
85
check_exploit($comm);
86
}
87
88
}
89
90
/* WordPress Conf */
91
92
function get_plugins($url){
93
94
$source = @file_get_contents($url);
95
96
preg_match_all("#/plugins/(.*?)/#i", $source, $f);
97
98
$arz=array_unique($f[1]);
99
100
if(count($arz)==0){ echo "<tr><td colspan=3>[ Wordpress ] ...Nothing Found !</td></tr>";}
101
102
foreach($arz as $plugin){
103
104
echo "<tr><td>$plugin</td>";
105
106
check_exploit($plugin);
107
108
}
109
110
}
111
112
/**************************************************************/
113
/* Nuke's Conf */
114
115
function get_numod($url){
116
117
$source = @file_get_contents($url);
118
119
preg_match_all('{?name=(.*?)/}i',$source,$f);
120
preg_match_all('{?name=(.*?)(&amp;|&|l_op=")}i',$source,$f2);
121
preg_match_all('{/modules/(.*?)/}i',$source,$f3);
122
123
$arz=array_merge($f2[1],$f[1],$f3[1]);
124
125
$cpm=array();
126
127
if(count($arz)==0){ echo "<tr><td colspan=3>[ Nuke's ] ...Nothing Found !</td></tr>";}
128
129
foreach(array_unique($arz) as $x){
130
131
$cpm[]=$x;
132
}
133
134
foreach($cpm as $nmod){
135
136
echo "<tr><td>$nmod</td>";
137
138
check_exploit($nmod);
139
140
}
141
142
}
143
144
/*****************************************************/
145
/* Xoops Conf */
146
147
function get_xoomod($url){
148
149
$source = @file_get_contents($url);
150
151
preg_match_all('{/modules/(.*?)/}i',$source,$f);
152
153
$arz=array_merge($f[1]);
154
155
$cpm=array();
156
157
if(count($arz)==0){ echo "<tr><td colspan=3>[ Xoops ] ...Nothing Found !</td></tr>";}
158
159
foreach(array_unique($arz) as $x){
160
161
$cpm[]=$x;
162
}
163
164
foreach($cpm as $xmod){
165
166
echo "<tr><td>$xmod</td>";
167
168
check_exploit($xmod);
169
170
}
171
172
}
173
174
/**************************************************************/
175
176
function sec($site){
177
preg_match_all('{http://(.*?)(/index.php)}siU',$site, $sites);
178
if(eregi("www",$sites[0][0])){
179
return $site=str_replace("index.php","",$sites[0][0]);
180
}else{
181
return $site=str_replace("http://","http://www.",str_replace("index.php","",$sites[0][0]));
182
}}
183
184
$npages = 50000;
185
186
if ($_POST) 
187
{
188
  $ip = trim(strip_tags($_POST['site']));
189
  $npage = 1;
190
  $allLinks = array();
191
192
193
   while($npage <= $npages) 
194
  { 
195
  
196
  $x=@file_get_contents('http://www.bing.com/search?q=ip%3A' . $ip . '+index.php?option=com&first=' . $npage);
197
198
  
199
	if ($x)
200
	{
201
		preg_match_all('(<div class="sb_tlst">.*<h3>.*<a href="(.*)".*>(.*)</a>.*</h3>.*</div>)siU', $x, $findlink);
202
		
203
		foreach ($findlink[1] as $fl)
204
		
205
		$allLinks[]=sec($fl);
206
		
207
		
208
		$npage = $npage + 10;
209
		
210
		if (preg_match('(first=' . $npage . '&amp)siU', $x, $linksuiv) == 0) 
211
			break;			   
212
	}
213
	
214
    else
215
		break;
216
  }
217
218
219
$allDmns = array();
220
221
foreach ($allLinks as $kk => $vv){
222
223
$allDmns[] = $vv;
224
}
225
			
226
echo'<table border="1"  width=\"80%\" align=\"center\">
227
<tr><td width=\"30%\"><b>Server IP&nbsp;&nbsp;&nbsp;&nbsp; : </b></td><td><b>'.$ip.'</b></td></tr>			
228
<tr><td width=\"30%\"><b>Sites Found&nbsp; : </b></td><td><b>'.count(array_unique($allDmns)).'</b></td></tr>
229
</table>';
230
echo "<br><br>";
231
232
echo'<table border="1" width="80%" align=\"center\">';
233
234
foreach(array_unique($allDmns) as $h3h3){
235
236
echo'<tr id=new><td><b><a href='.$h3h3.'>'.$h3h3.'</a></b></td><td><b>PacketStorm</b></td><td><b>Challenge of Exploiting ..!</b></td></tr>';
237
238
check_com($h3h3);
239
get_plugins($h3h3);
240
get_numod($h3h3);
241
get_xoomod($h3h3);
242
}
243
244
echo"</table>";
245
246
}
247
?></center>
248
<br><p align="center">
249
Coded By : <a href='http://facebook.com/KedAns'>KedAns-Dz</a> | <a href='http://1337day.com/'>Inj3ct0r 1337day Exploit Database</a><br>
250
Made in Algeria | CopyCenter (^.^) 2o12
251
</p>
252
</body>
253
</html>
254
<!-- ' Thanks to Lagripe-Dz aNd K!LLer-Dz'-->