joomla scanner

1. <?php
2. /*
3. Joomla Scanner
4. http://youtube.com/user/brazilobscure
5. */
6.  
7.  
8. @set_time_limit (0);
9.  
10. if (!isset ($argv[1]))
11.     die ("\nModo De Usar : php {$argv[0]} sites.txt\n\n");
12.  
13. if (!file_exists ($argv[1]))
14.     die ("\"{$argv[1]}\" Arquivo Nao Encontrado !\n\n");
15.  
16. $urls = file ($argv[1]);
17. echo "\n\n";
18. echo "   ###################################\n";
19. echo "   #                                 #\n";
20. echo "   # *** Brazilians Hackers Team *** #\n";
21. echo "   #                                 #\n";
22. echo "   ###################################\n";
23. echo "\n\n";
24. echo "   SITES CARREGADOS: ".count ($urls)."\n\n";
25.  
26. scan ($urls);
27.  
28. function scan ($urls)
29. {
30.     $path = array (
31.         "com_jce"=>array ("/No function call specified/i"=>"/index.php?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager&method=form"),
32.         "com_jnews"=>array ("/(?=Saving your image to)(?!can't open file)/i"=>"/components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_image.php?name=yunus.txt"),
33.         "com_oziogallery"=>array ("/Can't open file for writing/i"=>"/components/com_oziogallery/imagin/scripts_ralcr/filesystem/writeToFile.php"),
34.         "com_oziogallery2"=>array ("/Can't open file for writing/i"=>"/components/com_oziogallery2/imagin/scripts_ralcr/filesystem/writeToFile.php"),
35.         "com_civicrm"=>array ("/(?=Saving your image to)(?!can't open file)/i"=>"/administrator/components/com_civicrm/civicrm/packages/OpenFlashChart/php-ofc-library/ofc_upload_image.php?name=yunus.txt"),
36.         "com_community"=>array ("/No access/i"=>"/components/com_community/index.html"),
37.         "com_media"=>array ("/<input type=\"file\" id=\"upload-file\" name=\"Filedata\" \/>/i"=>"/?option=com_media&view=images&tmpl=component&fieldid=&e_name=jform_articletext&asset=com_content&author=&folder="),
38.         "com_maianmedia"=>array ("/(?=Saving your image to)(?!can't open file)/i"=>"/administrator/components/com_maianmedia/charts/php-ofc-library/ofc_upload_image.php?name=yunus.txt")
39.     );
40.  
41.     foreach ($urls as $url)
42.     {
43.         $url = trim ($url);
44.         echo "   TESTANDO SITE --> $url\n\n";
45.         foreach ($path as $key=>$paths)
46.         {
47.             echo "\t\t$key : ";
48.             $file = fopen ("$key.txt", "a");
49.             foreach ($paths as $key2=>$p)
50.             {
51.                 $data = @file_get_contents ($url.$p);
52.                 if (preg_match ($key2, $data))
53.                 {
54.                     echo "-------->  ++++ Vulneravel ++++\n\n";
55.                     fwrite ($file, "$url\n");
56.                 }
57.                 else
58.                     echo "Nao Vulneravel\n";
59.             }
60.         }
61.         echo "\n";
62.     }
63. }
64.  
65. ?>