-
-
Save komang4130/8d2ac0f2b503dfb6945182f5f041670c to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import os | |
import requests | |
def check_url(_dir): | |
_dir = _dir.split("joomla\\")[1] | |
url = "http://localhost:8072/joomla/" | |
url = url + _dir | |
url = url.replace("\\","/") | |
r = requests.get(url) | |
if "D:\\xampp" in r.text: | |
print url | |
return 1 | |
def check_jexec(dirss): | |
for root, dirs, files in os.walk(dirss): | |
for file in files: | |
if "vendor" not in root: | |
score = 0 | |
if file.endswith(".php"): | |
content = open(root + "\\" + file,'r').read() | |
if "defined('_JEXEC') or die" not in content: | |
score+= 1 | |
if "require_once" in content or "require" in content or "include_once" in content or "include" in content or "use" in content: | |
score+= 1 | |
if score == 2: | |
#print "score: %d" % score | |
if check_url(root + "\\" + file) == 1: | |
print "In %s" % root | |
print "-> %s" % file | |
_dir = "D:\\xampp\\htdocs\\joomla\\" | |
check_jexec(_dir) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment