Joomla Vulnerability Scanner By Ahlspiess
How does it work?
= It crawls the /components/ path. This sometimes doesn't work because robots.txt disallows /components/.
Code:
<?php
/*
  jComDetect - Joomla Components Detection.
  Copyright (C) 2011 Ahlspiess <ahlspiess@tbdsecurity.com>
  Link: http://rempah-proj.googlecode.com/svn/trunk/PHP/jcomdetect.php
  Ported By Wcypierre <wcypierre@gmail.com>
  http://intizone.net

  This program is free software: you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published by
  the Free Software Foundation, either version 3 of the License, or
  (at your option) any later version.

  This program is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public License
  along with this program. If not, see <http://www.gnu.org/licenses/>.
*/

// The url parameter is attacker-controllable when this file is web-reachable.
$url = isset($_GET['url']) ? $_GET['url'] : '';
$jMe = new jComDetect($url);

class jComDetect {
    public $url;

    function __construct($url) {
        $this->url = $url;
        $this->init();
    }

    // Fetch the page and continue only if the response contains "200 OK".
    function init() {
        $content = $this->cURL($this->url);
        if (!preg_match("/200 OK/", $content)) {
            $this->msg("[-] Error! 404 Not Found -- By Ahlspiess");
            exit;
        } else {
            // jCheckComp() prints its own output and returns nothing.
            $this->jCheckComp($content);
        }
    }

    // Extract the Joomla version string and component names from the page.
    function jCheckComp($content) {
        $dupe = array();
        $nstack = array();
        preg_match_all("/Joomla\! (.*?) \-/", $content, $ver);
        // The version string is not always present; avoid an undefined index.
        if (isset($ver[1][0])) {
            $this->msg("[+] Joomla version ".$ver[1][0]);
        }
        #$nstack[] = "joomla ".$ver[1][0];
        // Component names appear in /components/<name>/ paths and option=<name>& parameters.
        preg_match_all("/\/component(s?)\/(.*?)\//", $content, $val_1);
        preg_match_all("/option=(.*?)\&/", $content, $val_2);
        $var1 = explode(',', str_replace("com_com_", "com_", join(',com_', $val_1[2])));
        $var2 = $val_2[1];
        $stack = array_merge($var1, $var2);
        foreach ($stack as $unstack) {
            if (!isset($dupe[$unstack]) and !is_null($unstack) and !empty($unstack) and (preg_match("/com_/", $unstack))) {
                $this->msg("[+] Found {$unstack} Component");
                $nstack[] = $unstack;
                $dupe[$unstack] = true;
            }
        }
        //echo "[Debug]".__fVULN__."\n";
        $this->fVuln($nstack);
    }

    // Look up each component name on exploit-db.com and print the matching entries.
    function fVuln($c = array()) {
        $content = "";
        foreach ($c as $com) {
            // urlencode() keeps text scraped from the remote page from altering the query string.
            $com = urlencode($com);
            $content .= $this->cURL("http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description={$com}&filter_exploit_text=&filter_author=&filter_platform=31&filter_type=6&filter_lang_id=0&filter_port=&filter_osvdb=&filter_cve=");
        }
        preg_match_all("/\<a href=\"http\:\/\/www\.exploit\-db\.com\/exploits\/(.*?)\"\>(.*?)\n/", $content, $me);
        for ($i = 0; $i < count($me[1]); $i++) {
            $this->msg("[+] ".trim(str_replace("</a>", "", $me[2][$i]))."\n --> http://www.exploit-db.com/exploits/".trim($me[1][$i]));
        }
    }

    // Fetch a URL and return headers plus body, or an empty string on failure.
    function cURL($url) {
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_HEADER, 1);
        curl_setopt($ch, CURLOPT_TIMEOUT, 15);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        // Certificate verification is disabled, so fetched content is not authenticated.
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
        // Allow only http/https, including on redirects, so a supplied URL
        // cannot make the server read file:// or other schemes.
        curl_setopt($ch, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
        curl_setopt($ch, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_USERAGENT, "jVulnComponent Crawler v1-Ahlspiess, Ported by wcypierre");
        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
        $data = curl_exec($ch);
        curl_close($ch);
        if ($data) {
            return $data;
        } else {
            return '';
        }
    }

    // Print one line of output; escape it because it contains text from remote pages.
    function msg($x) {
        printf("%s<br />", htmlspecialchars($x, ENT_QUOTES));
    }
}
?>
How to use?
1. Save as joomla.php on localhost or a website.
2. Go to the file, for example 127.0.0.1/joomla.php?url=(www.target.com)
3. Copy the components and search at exploit-db.com / 1337day.org
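
For site owners, an added example (not part of the original post or the script): a Python check over web-server access logs for the User-Agent string the script sets and for requests to a hosted copy of it. Combined Log Format is assumed; the sample log lines, IP addresses and the HOSTED_NAMES list are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Substring of the User-Agent the script sets with CURLOPT_USERAGENT.
SCANNER_UA = "jvulncomponent crawler"
# Assumed file names for a hosted copy (from the post and the header link).
HOSTED_NAMES = {"joomla.php", "jcomdetect.php"}

# Combined Log Format: ip ident user [time] "request" status bytes "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

def classify(line):
    """Return (client_ip, reason) for a suspicious log line, else None."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    # Case 1: this site was fetched by the script (its UA is sent verbatim).
    if SCANNER_UA in m["ua"].lower():
        return (m["ip"], "scanner-user-agent")
    # Case 2: a copy hosted on this server is being driven through ?url=,
    # which makes the server fetch pages on the requester's behalf.
    parts = urlsplit(m["target"])
    name = parts.path.rsplit("/", 1)[-1].lower()
    if name in HOSTED_NAMES and "url" in parse_qs(parts.query):
        return (m["ip"], "hosted-fetcher-request")
    return None

def scan(lines):
    """Group reasons by client IP across all log lines."""
    hits = {}
    for line in lines:
        hit = classify(line)
        if hit:
            hits.setdefault(hit[0], set()).add(hit[1])
    return hits

# Constructed sample log lines (documentation IP ranges).
SAMPLE = [
    '203.0.113.7 - - [10/Oct/2011:13:55:36 +0000] "GET / HTTP/1.1" 200 5120 "-" "jVulnComponent Crawler v1-Ahlspiess, Ported by wcypierre"',
    '198.51.100.4 - - [10/Oct/2011:13:56:01 +0000] "GET /joomla.php?url=www.example.com HTTP/1.1" 200 812 "-" "Mozilla/5.0"',
    '192.0.2.10 - - [10/Oct/2011:13:57:12 +0000] "GET /index.php?option=com_content&view=article HTTP/1.1" 200 9000 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, reasons in scan(SAMPLE).items():
        print(ip, sorted(reasons))
```

The User-Agent is trivially changed by anyone editing the script, so treat a match as a lead and the absence of matches as inconclusive.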