JComScanner v1.1

1. #!/usr/bin/env python
2.  
3. import os
4. import time
5. import random
6. import urllib2  as u2
7. import argparse as ap
8.  
9.  
10. sub_url = "/components/"
11. #------------------------------------------------------
12. # Args set
13. def add_args():
14.     p = ap.ArgumentParser()
15.     p.add_argument("-u", help = "Remote site URL")
16.     p.add_argument("-f", help = "Joomla components list file")
17.     p.add_argument("-t", help = "Timeout (sec)")
18.     p.add_argument("-T", help = "Randomization timeout (from 0 to N)")
19.     p.add_argument("-p", help = "HTTP Proxy server (PROXY:PORT)(example: 127.0.0.1:1080)")
20.     return p.parse_args(), p
21. #------------------------------------------------------
22.  
23. #------------------------------------------------------
24. # Timeout
25. def timeout(args):
26.     if args.T:
27.         time.sleep(random.randint(0, int(args.T)))
28.     elif args.t:
29.         time.sleep(int(args.t))
30.        
31. #------------------------------------------------------
32. #------------------------------------------------------
33. # Scan through HTTP server
34. def scan_through_proxy(args, com_name, op):
35.     try:
36.         url = args.u + sub_url + com_name
37.         op.open(url)
38.     except:
39.         raise
40.     return True
41. #------------------------------------------------------
42. #------------------------------------------------------
43. # Scan directly
44. def scan(args, com_name):
45.     try:
46.         url = args.u + sub_url + com_name
47.         req = u2.Request(url)
48.         u2.urlopen(req)    
49.     except:
50.         raise
51.     return True
52. #------------------------------------------------------
53.  
54. a, p = add_args()
55. if not a.u or not a.f:
56.     p.print_usage()
57.     p.exit()
58. else:
59.     if a.u.find("http://") < 0 and a.u.find("HTTP://") < 0:
60.         a.u = "http://" + a.u
61.  
62. if not os.access(a.f, os.F_OK):
63.     print "File {} does not exit or permission denied".format(a.f)
64.     exit()
65.  
66.  
67. print "[Joomla components scanner by R0nin]\n"
68. print "[+] Host:", a.u
69. try:
70.     if not a.p:
71.         with open(a.f) as com_file:
72.             for line in com_file:
73.                 line = line.strip("\r\n")
74.                 try:
75.                     scan(a, line)
76.                 except u2.HTTPError as he:
77.                     if he.code == 404:
78.                         print "Component: " + line.ljust(40,' ') + "[Not found]"
79.                 except u2.URLError as ue:
80.                     print "Exception: " + ue.reason
81.                 else:
82.                     print "Component: " + line.ljust(40,' ') + "[OK]"
83.                 timeout(a)
84.     else:
85.         if a.p.find("http://") < 0 and a.p.find("HTTP://") < 0:
86.             a.p = "http://" + a.p
87.         prx = u2.ProxyHandler({"http":a.p})
88.         op  = u2.build_opener(prx)
89.         u2.install_opener(op)
90.        
91.         print "[Scan via HTTP proxy {}]\n".format(a.p)
92.         with open(a.f) as com_file:
93.             for line in com_file:
94.                 line = line.strip("\r\n")
95.                 try:
96.                     scan_through_proxy(a, line, op)
97.                 except u2.HTTPError as he:
98.                     if he.code == 404:
99.                         print "Component: " + line.ljust(40,' ') + "[Not found]"
100.                 except u2.URLError as ue:
101.                     print "Exception: " + ue.reason
102.                 else:
103.                     print "Component: " + line.ljust(40,' ') + "[OK]"
104.                 timeout(a)
105. except KeyboardInterrupt:
106.     print "\nInterrupted by user (CTRL+C or Delete)"
107.     exit()
108. except:
109.     print "Uknown exception: exit..."
110.     exit()
111. else:
112.     print "\n[Sucess]\n"
113.     exit()