API tools faq
paste
inj3ctor_m4

Joomla & Wordpress Server Scanner

inj3ctor_m4
Nov 19th, 2014
1,229
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 4.02 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. set_time_limit(0);
  3. error_reporting(0);
  4. $options=getopt('j:w:');
  5. if(isset($options['j'])){
  6. echo"\r\n\t\tJoomla S3RV3R SC4NN3R\r\n";
  7. $ch=curl_init();
  8. foreach(joom_bing($options['j']) as $link){
  9. curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
  10. curl_setopt($ch,CURLOPT_URL,$link.'/administrator/');
  11. curl_setopt($ch,CURLOPT_SSL_VERIFYPEER,0);
  12. curl_setopt($ch,CURLOPT_USERAGENT,'Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)');
  13. curl_setopt($ch,CURLOPT_TIMEOUT,30);
  14. $data=curl_exec($ch);
  15. if(preg_match('/Joomla!/',$data)){
  16. echo"\r\n-Link:\n";
  17. echo"\t$link\n";
  18. echo"-Composent:\n";
  19. if(count(jos_composent($link))>0){
  20. foreach(jos_composent($link) as $com){
  21. if(ask_exploit($com) == true){
  22. echo"\t$com =\t./Infected\r\n";
  23. $f=fopen($com.'.txt', 'ab');
  24. fwrite($f, $link."\r\n");
  25. fclose($f);
  26. }else{
  27. echo"\t$com\r\n";
  28. }
  29. }
  30. }else{
  31. echo"\tThere is No Composent\n";
  32. }
  33. }
  34. }
  35. curl_close($ch);
  36. }else if(isset($options['w'])){
  37. echo"\r\n\t\tWordpress S3RV3R GR4BB3R\r\n\n";
  38. $ch=curl_init();
  39. foreach(wp_bing($options['w']) as $link){
  40. curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
  41. curl_setopt($ch,CURLOPT_URL,$link.'/wp-login.php');
  42. curl_setopt($ch,CURLOPT_SSL_VERIFYPEER,0);
  43. curl_setopt($ch,CURLOPT_USERAGENT,'Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)');
  44. curl_setopt($ch,CURLOPT_TIMEOUT,30);
  45. $data=curl_exec($ch);
  46. if(preg_match('/wp_attempt_focus/',$data)){
  47. echo"$link ...OK!\r\n";
  48. $f=fopen($options['w'].'-wp.txt', 'ab');
  49. fwrite($f, $link."\r\n");
  50. fclose($f);
  51. }
  52. }
  53. curl_close($ch);
  54. }else{
  55. echo"\r\n\t[!] Usage ex: php $argv[0] -(j,w) 127.0.0.1\r\n";
  56. }
  57. function joom_bing($ip){
  58. $ch=curl_init();
  59. $i=1;
  60. while($i){
  61. curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
  62. curl_setopt($ch,CURLOPT_URL,"http://www.bing.com/search?q=".urlencode("ip:$ip index.php?option=com")."&first=$i");
  63. curl_setopt($ch,CURLOPT_COOKIEFILE,'cookie.txt');
  64. curl_setopt($ch,CURLOPT_COOKIEJAR,'cookie.txt');
  65. curl_setopt($ch,CURLOPT_USERAGENT,"SamsungI8910/SymbianOS/9.1 Series60/3.0");
  66. $data=curl_exec($ch);
  67. preg_match_all('#<h2 class="sb_h3 cttl"><a href="(.*?)"#i',$data,$matches);
  68. foreach($matches[1] as $link){
  69. if(preg_match('/option/',$link)){
  70. $parse=pathinfo($link);
  71. $alllinks[]=$parse['dirname'];
  72. }
  73. }
  74. if(!preg_match('#class="sb_pagN"#i',$data)) break;
  75. $i+=10;
  76. }
  77. curl_close($ch);
  78. if(!empty($alllinks) && is_array($alllinks)){
  79. return array_filter(array_unique($alllinks));
  80. }
  81. }
  82. function jos_composent($link){
  83. $ch=curl_init();
  84. curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
  85. curl_setopt($ch,CURLOPT_URL,$link.'/');
  86. curl_setopt($ch,CURLOPT_SSL_VERIFYPEER,0);
  87. curl_setopt($ch,CURLOPT_USERAGENT,'Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)');
  88. curl_setopt($ch,CURLOPT_TIMEOUT,30);
  89. $data=curl_exec($ch);
  90. curl_close($ch);
  91. preg_match_all('{option,(.*?)/}i',$data,$f);
  92. preg_match_all('{option=(.*?)(&amp;|&|")}i',$data,$f2);
  93. preg_match_all('{/components/(.*?)/}i',$data,$f3);
  94. return array_filter(array_unique(array_merge($f2[1],$f[1],$f3[1])));
  95. }
  96. function ask_exploit($com){
  97. $ch=curl_init();
  98. curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
  99. curl_setopt($ch,CURLOPT_URL,'http://joomlaexploit.com/');
  100. $data=curl_exec($ch);
  101. curl_close($ch);
  102. if(preg_match("#$com#",$data)){ return true;
  103. }else{ return false; }
  104. }
  105. function wp_bing($ip){
  106. $ch=curl_init();
  107. $i=1;
  108. while($i){
  109. curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
  110. curl_setopt($ch,CURLOPT_URL,"http://www.bing.com/search?q=".urlencode("ip:$ip /?page_id=")."&first=$i");
  111. curl_setopt($ch,CURLOPT_COOKIEFILE,'cookie.txt');
  112. curl_setopt($ch,CURLOPT_COOKIEJAR,'cookie.txt');
  113. curl_setopt($ch,CURLOPT_USERAGENT,"SamsungI8910/SymbianOS/9.1 Series60/3.0");
  114. $data=curl_exec($ch);
  115. preg_match_all('#<h2 class="sb_h3 cttl"><a href="(.*?)"#i',$data,$matches);
  116. foreach($matches[1] as $link){
  117. if(preg_match('/page_id=/',$link)){
  118. $parse=pathinfo($link);
  119. $alllinks[]=$parse['dirname'];
  120. }
  121. }
  122. if(!preg_match('#class="sb_pagN"#i',$data)) break;
  123. $i+=10;
  124. }
  125. curl_close($ch);
  126. if(!empty($alllinks) && is_array($alllinks)){
  127. return array_filter(array_unique($alllinks));
  128. }
  129. }
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!