AZZATSSINS_CYBERSERK

CMS Scanner Vuln

Jun 26th, 2016
  1. <?php
  // Turn off all PHP error reporting for the rest of the request, so fetch and
  // regex failures further down never reach the page or the log.
  error_reporting(0);
  // Lift the execution time limit (0 means no limit). Every discovered component
  // triggers its own outbound lookup, so one request can hold a worker for a long time.
  @set_time_limit(0);
  4.  
  5. // Script Functions , start ..!
  6.  
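  /**
   * Search exploit-db for one component name and print the last two cells of
   * the result row, including the closing </tr>.
   *
   * The name comes from markup scraped off a remote page, so it is treated as
   * untrusted: it is URL-encoded before being placed in a query string, and
   * the search link is HTML-escaped before being echoed.
   *
   * @param string $component Component, plugin or module name to look up.
   * @return void
   */
  function ask_exploit_db($component){
      // urlencode() output contains only characters that are safe inside a
      // URL and inside a quoted HTML attribute.
      $query = urlencode($component);

      $exploitdb = "http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=$query&filter_exploit_text=&filter_author=&filter_platform=0&filter_type=0&filter_lang_id=0&filter_port=&filter_osvdb=&filter_cve=";

      $result = @file_get_contents($exploitdb);

      // A failed request used to fall through to the "Found" branch and report
      // a match that was never checked; report the failure instead.
      if ($result === false) {
          echo "<td>Lookup failed</td><td>-</td></tr>";
          return;
      }

      // stripos() replaces eregi(), which was removed in PHP 7.0.
      if (stripos($result, "No results") !== false) {
          echo "<td>Not Found</td><td><a href='http://www.google.com/search?hl=en&q=download+$query'>Download</a></td></tr>";
      } else {
          $link = htmlspecialchars($exploitdb, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
          echo "<td><a href='$link'>Found ..!</a></td><td><--</td></tr>";
      }
  }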
  23.  
  24. /**************************************************************/
  25. /* Joomla Conf */
  26.  
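  /**
   * Fetch a page, collect the Joomla component names referenced in its markup
   * and print one table row per distinct name, followed by its exploit-db lookup.
   *
   * $site is handed to file_get_contents() unchanged. That function accepts any
   * registered stream wrapper (file://, php://, ...) as well as http(s), so the
   * caller has to restrict what reaches this function.
   *
   * @param string $site Address of the page to inspect.
   * @return void
   */
  function get_components($site){
      // A failed fetch returns false; the cast lets the patterns simply find nothing.
      $source = (string) @file_get_contents($site);

      preg_match_all('{option,(.*?)/}i', $source, $f);
      preg_match_all('{option=(.*?)(&amp;|&|")}i', $source, $f2);
      preg_match_all('{/components/(.*?)/}i', $source, $f3);

      $coms = array_unique(array_merge($f2[1], $f[1], $f3[1]));

      if (count($coms) == 0) {
          echo "<tr><td colspan=3>[~] Nothing Found ..! , Maybe there is some error site or option ... check it .</td></tr>";
      }

      foreach ($coms as $comm) {
          // The captured text is whatever the remote page put between the
          // markers; escape it so it cannot inject markup into this report.
          echo "<tr><td>" . htmlspecialchars($comm, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</td>";

          ask_exploit_db($comm);
      }
  }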
  55.  
  56. /**************************************************************/
  57. /* WP Conf */
  58.  
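  /**
   * Fetch a page, collect the WordPress plugin directory names referenced in
   * its markup and print one table row per distinct name, followed by its
   * exploit-db lookup.
   *
   * $site is handed to file_get_contents() unchanged. That function accepts any
   * registered stream wrapper (file://, php://, ...) as well as http(s), so the
   * caller has to restrict what reaches this function.
   *
   * @param string $site Address of the page to inspect.
   * @return void
   */
  function get_plugins($site){
      // A failed fetch returns false; the cast lets the pattern simply find nothing.
      $source = (string) @file_get_contents($site);

      preg_match_all("#/plugins/(.*?)/#i", $source, $f);

      $plugins = array_unique($f[1]);

      if (count($plugins) == 0) {
          echo "<tr><td colspan=3>[~] Nothing Found ..! , Maybe there is some error site or option ... check it .</td></tr>";
      }

      foreach ($plugins as $plugin) {
          // The captured text is whatever the remote page put between the
          // slashes; escape it so it cannot inject markup into this report.
          echo "<tr><td>" . htmlspecialchars($plugin, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</td>";

          ask_exploit_db($plugin);
      }
  }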
  78.  
  79. /**************************************************************/
  80. /* Nuke's Conf */
  81.  
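  /**
   * Fetch a page, collect the Nuke module names referenced in its markup and
   * print one table row per distinct name, followed by its exploit-db lookup.
   *
   * $site is handed to file_get_contents() unchanged. That function accepts any
   * registered stream wrapper (file://, php://, ...) as well as http(s), so the
   * caller has to restrict what reaches this function.
   *
   * @param string $site Address of the page to inspect.
   * @return void
   */
  function get_numod($site){
      // A failed fetch returns false; the cast lets the patterns simply find nothing.
      $source = (string) @file_get_contents($site);

      // The '?' that starts the query string is escaped here. Left bare at the
      // start of a pattern it is a quantifier with nothing to repeat, the
      // pattern does not compile, and the match arrays are never filled.
      preg_match_all('#\?name=(.*?)/#i', $source, $f);
      preg_match_all('#\?name=(.*?)(&amp;|&|l_op=")#i', $source, $f2);
      preg_match_all('#/modules/(.*?)/#i', $source, $f3);

      $coms = array_unique(array_merge($f2[1], $f[1], $f3[1]));

      if (count($coms) == 0) {
          echo "<tr><td colspan=3>[~] Nothing Found ..! , Maybe there is some error site or option ... check it .</td></tr>";
      }

      foreach ($coms as $nmod) {
          // The captured text is whatever the remote page put between the
          // markers; escape it so it cannot inject markup into this report.
          echo "<tr><td>" . htmlspecialchars($nmod, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</td>";

          ask_exploit_db($nmod);
      }
  }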
  110.  
  111. /*****************************************************/
  112. /* Xoops Conf */
  113.  
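  /**
   * Fetch a page, collect the Xoops module directory names referenced in its
   * markup and print one table row per distinct name, followed by its
   * exploit-db lookup.
   *
   * $site is handed to file_get_contents() unchanged. That function accepts any
   * registered stream wrapper (file://, php://, ...) as well as http(s), so the
   * caller has to restrict what reaches this function.
   *
   * @param string $site Address of the page to inspect.
   * @return void
   */
  function get_xoomod($site){
      // A failed fetch returns false; the cast lets the pattern simply find nothing.
      $source = (string) @file_get_contents($site);

      preg_match_all('{/modules/(.*?)/}i', $source, $f);

      $coms = array_unique($f[1]);

      if (count($coms) == 0) {
          echo "<tr><td colspan=3>[~] Nothing Found ..! , Maybe there is some error site or option ... check it .</td></tr>";
      }

      foreach ($coms as $xmod) {
          // The captured text is whatever the remote page put between the
          // slashes; escape it so it cannot inject markup into this report.
          echo "<tr><td>" . htmlspecialchars($xmod, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</td>";

          ask_exploit_db($xmod);
      }
  }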
  140.  
  141. /**************************************************************/
  142.  /* Header */
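  /**
   * Open the results table and print its heading row.
   *
   * $site is request input. strip_tags() on the caller's side does not remove
   * double quotes, so an unescaped value can close the href attribute and add
   * its own; the value is therefore HTML-escaped before it is echoed.
   * Escaping does not restrict the URL scheme, so callers should pass only
   * http(s) addresses.
   *
   * @param string $site Address being inspected, shown as a link in the heading.
   * @return void
   */
  function t_header($site){
      $safeSite = htmlspecialchars($site, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

      echo'<table align="center" border="1" width="50%" cellspacing="1" cellpadding="5">';

      // The stray </b> that followed "Exploit-db" had no opening tag and is dropped.
      echo'
<tr id="oo">
<td>Site : <a href="'.$safeSite.'">'.$safeSite.'</a></td>
<td>Exploit-db</td>
<td>Exploit it !</td>
</tr>
';
  }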
  156.  
  157. ?>
  158. <html>
  159. <head>
  160. <meta http-equiv="Content-Language" content="en">
  161. <meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
  162. <title>VULN SCANNER ONLINE</title>
  163. <style type="text/css">body {
  164.  background-image:url(https://scontent-amt2-1.xx.fbcdn.net/t31.0-8/fr/cp0/e15/q65/13161748_2018079475084811_4250834144748309831_o.jpg);background-position:center;background-color:#414141; }</style>
  165. <center>
  166. </head>
  167.  
  168. <body>
  169.  
  170. <p align="center">&nbsp;</p>
  171. <p align="center">&nbsp;</p>
  172. <p align="center">&nbsp;</p>
  173. <form method="POST" action="">
  174.     <p align="center">
  175.     &nbsp;</p>
  176. <p align="center">
  177. <img src=https://lh3.googleusercontent.com/-qg8PY7S9LsM/VtENkUuLg8I/AAAAAAAAAPE/7PnXFF4-3n0/w480-h480/AZZATSSINS.png></p>
  178.     <p align="center">
  179.     <font size="4"><br></font></p>
  180.     <p align="center"><input style="width:30%;height:28px;border:0;padding:0;background:#f9f9f9;color:#8f8f8f;" type="text" name="site" value="http://www.target.mu/"><select style="width:10%;height:28px;background:#e6e6e6;border:0;padding:0;margin:0;color:#7f7f7f;" name="what">
  181.     <option>Wordpress</option>
  182.     <option>Joomla</option>
  183.     <option>Nuke's</option>
  184.     <option>Xoops</option>
  185.     </select><input style="width:10%;height:28px;background:#e6e6e6;border:0;padding:0;margin:0;color:#7f7f7f;" type="submit" value="Scan"></p>
  186. </form>
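  <?php
  // Request handler. The full "<?php" tag is used because a short "<?" tag is
  // only parsed when short_open_tag is enabled; with it off, this whole block
  // is sent to the browser as text.

  if (isset($_POST['site'], $_POST['what']) && is_string($_POST['site']) && is_string($_POST['what'])) {

      $site = strip_tags(trim($_POST['site']));

      // The address is fetched server-side with file_get_contents(), which also
      // understands file://, php:// and other stream wrappers. Accept only
      // well-formed http(s) URLs. This check does not stop requests to internal
      // or loopback hosts; a deployment that needs that must also check the
      // resolved address.
      $scheme = strtolower((string) parse_url($site, PHP_URL_SCHEME));
      $isHttpUrl = filter_var($site, FILTER_VALIDATE_URL) !== false
          && in_array($scheme, array('http', 'https'), true);

      if (!$isHttpUrl) {
          echo '<p align="center">Invalid URL: only http:// and https:// addresses are accepted.</p>';
      } else {
          t_header($site);

          // Dispatch on the exact option values offered by the form; anything
          // else runs no collector.
          switch ($_POST['what']) {
              case "Wordpress":
                  get_plugins($site);
                  break;
              case "Joomla":
                  get_components($site);
                  break;
              case "Nuke's":
                  get_numod($site);
                  break;
              case "Xoops":
                  get_xoomod($site);
                  break;
          }

          // Close the table only when t_header() opened one; the closing tag
          // used to be sent on every page load.
          echo '</table>';
      }
  }

  ?>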
  206.  
  207. <p align="center">
  208. <b><i>&copy; AZZATSSINS CYBERSERKERS</i></b></p>
  209. </body>
  210.  
  211. </html>