API tools faq
paste
Advertisement
Anubis_MSF

vbulltin 0day exploit checker.py

Anubis_MSF
Sep 22nd, 2013
262
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 2.88 KB | None | 0 0
raw download clone embed print report
  1. import urllib2,sys,webbrowser
  2.  
  3. global customer
  4. customer = 'var CUSTNUMBER = '
  5.  
  6. def parseURL(url):
  7.     for i in url:
  8.         if not url.endswith('/'):
  9.             url = url[:-1]
  10.         elif url.endswith('/'):
  11.             return url
  12.  
  13. def forum_install_upgrade(link):
  14.     link = parseURL(link)
  15.     if 'forum/install/upgrade.php' not in link: link += 'forum/install/upgrade.php'
  16.     try:
  17.         conn2 = urllib2.urlopen(link)
  18.         response = conn2.getcode()
  19.     except urllib2.HTTPError:
  20.         print '[-] %s do not exist' % link
  21.         print '[-] Website is not Vulnerable'
  22.     else:
  23.         print "[+] Found upgrade.php file\n[+] Searching for customer hash"
  24.         page = conn2.read()
  25.         if customer in page:
  26.             print '[+] Found customer hash\n[+] Website is exploitable. Please go to\n\n\t http://zeroh4ck3r.nazuka.net/0day.php \n\nand exploit the forum'
  27.             yes = raw_input("Press Enter to go to that link, Any key to quit ")
  28.             if yes == '': webbrowser.open('http://zeroh4ck3r.nazuka.net/0day.php')
  29.             else : exit
  30.         elif customer not in page:
  31.             print '[+] Customer hash not found\n[-] Website is not vulnerable to this 0day exploit'
  32.                
  33.        
  34. def install_upgrade(link):
  35.     if 'install/upgrade.php' not in link: link += 'install/upgrade.php'
  36.     try:
  37.         conn = urllib2.urlopen(link)
  38.         resp = conn.getcode()
  39.            
  40.     except urllib2.HTTPError:
  41.         print '[-] %s do not exist' % link
  42.         print '[+] Trying %sforum/install/upgrade.php' % original_link
  43.         forum_install_upgrade(original_link)
  44.        
  45.     else:
  46.         print '[+] Found upgrade.php file'
  47.         print '[+] Searching for Customer hash'
  48.         page = conn.read()
  49.         if customer in page:
  50.             print '[+] Found customer hash\n[+] Website is exploitable. Please go to\n\n\t http://zeroh4ck3r.nazuka.net/0day.php \n\nand exploit the forum'
  51.             yes = raw_input("Press Enter to go to that link, Any key to quit ")
  52.             if yes == '': webbrowser.open('http://zeroh4ck3r.nazuka.net/0day.php')
  53.             else : exit
  54.         elif customer not in page:
  55.             print '[-] Customer hash not found\n[-] Website is not vulnerable to this 0day exploit'
  56.  
  57.        
  58.            
  59. def main():
  60.     global original_link
  61.     print '''
  62. Vbulltin 0Day Exploit checker Script
  63.  
  64. By [Anubis/zero] Myanmar Security Forum Moderator
  65.  
  66. My email: z3r0.mhu@gmail.com
  67. My fb : www.facebook.com/zerouplink
  68. '''
  69.     original_link = raw_input('Enter website : ')
  70.     if not original_link.endswith('/') : original_link = original_link + '/'
  71.     if 'http://' not in original_link: original_link = 'http://' + original_link
  72.  
  73.     print "[+] Locating upgrade.php file"
  74.     print "[+] Trying %sinstall/upgrade.php" % original_link
  75.     install_upgrade(original_link)
  76.    
  77.  
  78.  
  79. if __name__ == '__main__':
  80.     main()
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!