GVA SUPPORT
³äïîâ³äü íà çàïèòàííÿ ¹ 1357241802
Text: 
	ԲΠ= Òû õòî?

 Çàïèòàííÿ:<?php
/*
    jComDetect - Joomla Components Detection.
    Copyright (C) 2011  Ahlspiess <ahlspiess@tbdsecurity.com>
 
    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.
 
    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.
 
    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/
 
$jMe = new jComDetect;
class jComDetect {
 
    var $argv;
 
    function __construct() {
        global $argv;
        $this->argv = $argv;
        if(!isset($this->argv[1])) {
            $this->Help();
        } else {
            $this->argv = $argv;
            $this->init();
        }
    }
     
    function init() {
        $content = $this->cURL($this->argv[1]);
        if(!preg_match("/200 OK/", $content)) {
            $this->msg("[-] Error! 404 Not Found");
            exit;
        } else {
            print $this->jCheckComp($content);
        }
    }
     
    function jCheckComp($content) {
        $dupe = array();
        $nstack = array();
        preg_match_all("/Joomla\! (.*?) \-/", $content, $ver);
        $this->msg("[+] Joomla version ".$ver[1][0]);
        #$nstack[] = "joomla ".$ver[1][0];
        preg_match_all("/\/component(s?)\/(.*?)\//", $content, $val_1);
        preg_match_all("/option=(.*?)\&/", $content, $val_2);
        $var1 = explode(',', str_replace("com_com_", "com_", join(',com_', $val_1[2])));
        $var2 = $val_2[1];
        $stack = array_merge($var1, $var2);
        foreach($stack as $unstack) {
            if(!isset($dupe[$unstack]) and !is_null($unstack) and !empty($unstack) and (preg_match("/com_/", $unstack))) {
                $this->msg("[+] Founded {$unstack} Component");
                $nstack[] = $unstack;
                $dupe[$unstack] = true;
            }
        }
        echo "[Debug]".__fVULN__."\n";
        $this->fVuln($nstack);
    }
     
    function fVuln($c = array()) {
        $content = "";
        foreach($c as $com) {
            $content .= $this->cURL("http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description={$com}&filter_exploit_text=&filter_author=&filter_platform=31&filter_type=6&filter_lang_id=0&filter_port=&filter_osvdb=&filter_cve=");
        }
        preg_match_all("/\<a  href=\"http\:\/\/www\.exploit\-db\.com\/exploits\/(.*?)\"\>(.*?)\n/", $content, $me);
        for($i=0;$i<count($me[1]);$i++) {
            $this->msg("[+] ".trim(str_replace("</a>", "", $me[2][$i]))."\n --> http://www.exploit-db.com/exploits/".trim($me[1][$i]));
        }
         
    }
     
    function cURL($url) {
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_HEADER, 1);
        curl_setopt($ch, CURLOPT_TIMEOUT, 15);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_USERAGENT, "jVulnComponent Crawler v1-Ahlspiess");
        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
        $data = curl_exec($ch);
        if($data) {
            return $data;
        } else {
            return 0;
        }
    }
     
    function Help() {
        $this->msg("Usage: php ".$this->argv[0]." <host/path>");
        $this->msg("Example: php ".$this->argv[0]." www.joomla.org/joomla/");
        $this->msg("Example: php ".$this->argv[0]." http://www.joomla.org/joomla/");
        exit;
    }
     
    function msg($x) {
        printf("%s\n", $x);
    }
 
}
 
?>

====================================
Âàøà â³äïîâ³äü