  1. <html>
  2. <title>WordPress TimThumb Finder</title>
  3. <?php
  4. /*
  5. * WordPress TimThumb Finder
  6. * Author : P4kL0nc4t
  7. * Date : 07/01/2018
  8. * Adapted from Wordpress TimThumb Finder v1.0 by Rafay Baloch (Python) -> https://dl.packetstormsecurity.net/UNIX/scanners/wptimthumb-scanner.txt
  9. */
  10. if(isset($_REQUEST['url'])) {
  11. $payload = array(
  12. '/timthumb.php',
  13. '/wp-content/plugins/cac-featured-content/timthumb.php?src=../../../',
  14. '/wp-content/plugins/category-grid-view-gallery/includes/timthumb.php?src=../../../',
  15. '/wp-content/plugins/category-list-portfolio-page/scripts/timthumb.php?src=../../../',
  16. '/wp-content/plugins/cms-pack/timthumb.php?src=../../../',
  17. '/wp-content/plugins/dp-thumbnail/timthumb/timthumb.php?src=../../../',
  18. '/wp-content/plugins/extend-wordpress/helpers/timthumb/image.php?src=../../../',
  19. '/wp-content/plugins/islidex/js/timthumb.php?src=../../../',
  20. '/wp-content/themes/vulcan/timthumb.php?src=../../../',
  21. '/wp-content/plugins/kino-gallery/timthumb.php?src=../../../',
  22. '/wp-content/themes/orangemantra/functions/thumb.php?src=../../../../',
  23. '/wp-content/plugins/lisl-last-image-slider/timthumb.php?src=../../../',
  24. '/wp-content/plugins/really-easy-slider/inc/thumb.php?src=../../../',
  25. '/wp-content/plugins/rent-a-car/libs/timthumb.php?src=../../../',
  26. '/wp-content/plugins/verve-meta-boxes/tools/timthumb.php?src=../../../',
  27. '/wp-content/plugins/vk-gallery/lib/timthumb.php?src=../../../',
  28. '/wp-content/plugins/wp-marketplace/libs/timthumb.php?src=../../../',
  29. '/wp-content/themes/13Floor/timthumb.php?src=../../../',
  30. '/wp-content/themes/advanced-newspaper/timthumb.php?src=../../../',
  31. '/wp-content/themes/Aggregate/thumb.php?src=../../../',
  32. '/wp-content/themes/Aggregate/timthumb.php?src=../../../',
  33. '/wp-content/themes/AmphionPro/script/timthumb.php?src=../../../',
  34. '/wp-content/themes/aperture/thumb.php?src=../../../',
  35. '/wp-content/themes/aperture/timthumb.php?src=../../../',
  36. '/wp-content/themes/arras/library/timthumb.php?src=../../../',
  37. '/wp-content/themes/arras-theme/library/timthumb.php?src=../../../',
  38. '/wp-content/themes/Avenue/timthumb.php?src=../../../',
  39. '/wp-content/themes/backstage/thumb.php?src=../../../',
  40. '/wp-content/themes/backstage/timthumb.php?src=../../../',
  41. '/wp-content/themes/Basic/timthumb.php?src=../../../',
  42. '/wp-content/themes/biznizz/thumb.php?src=../../../',
  43. '/wp-content/themes/biznizz/timthumb.php?src=../../../',
  44. '/wp-content/themes/Bold/timthumb.php?src=../../../',
  45. '/wp-content/themes/boldnews/thumb.php?src=../../../',
  46. '/wp-content/themes/boldnews/timthumb.php?src=../../../',
  47. '/wp-content/themes/broadcast/thumb.php?src=../../../',
  48. '/wp-content/themes/bt/includes/timthumb.php?src=../../../',
  49. '/wp-content/themes/bueno/thumb.php?src=../../../',
  50. '/wp-content/themes/bueno/timthumb.php?src=../../../',
  51. '/wp-content/themes/busybee/thumb.php?src=../../../',
  52. '/wp-content/themes/busybee/timthumb.php?src=../../../',
  53. '/wp-content/themes/c3/thumb.php?src=../../../',
  54. '/wp-content/themes/cadabrapress/scripts/timthumb.php?src=../../../',
  55. '/wp-content/themes/canvas/thumb.php?src=../../../',
  56. '/wp-content/themes/canvas/timthumb.php?src=../../../',
  57. '/wp-content/themes/CFWProfessional/timthumb.php?src=../../../',
  58. '/wp-content/themes/Chameleon/timthumb.php?src=../../../',
  59. '/wp-content/themes/city/scripts/timthumb.php?src=../../../',
  60. '/wp-content/themes/cityguide/timthumb.php?src=../../../',
  61. '/wp-content/themes/coda/thumb.php?src=../../../',
  62. '/wp-content/themes/coffeebreak/thumb.php?src=../../../',
  63. '/wp-content/themes/coffeebreak/timthumb.php?src=../../../',
  64. '/wp-content/themes/coffeedesk/includes/timthumb.php?src=../../../',
  65. '/wp-content/themes/comfy%20pro/thumb.php?src=../../../',
  66. '/wp-content/themes/continuum/thumb.php?src=../../../',
  67. '/wp-content/themes/continuum/timthumb.php?src=../../../',
  68. '/wp-content/themes/crisp/thumb.php?src=../../../',
  69. '/wp-content/themes/crisp/timthumb.php?src=../../../',
  70. '/wp-content/themes/cruz/scripts/timthumb.php?src=../../../',
  71. '/wp-content/themes/dailyedition/thumb.php?src=../../../',
  72. '/wp-content/themes/dandelion_v2.6.1/functions/timthumb.php?src=../../../',
  73. '/wp-content/themes/dandelion_v2.6.3/functions/timthumb.php?src=../../../',
  74. '/wp-content/themes/dandelion_v2.6.4/functions/timthumb.php?src=../../../',
  75. '/wp-content/themes/dcric/scripts/timthumb.php?src=../../../',
  76. '/wp-content/themes/DeepBlue/timthumb.php?src=../../../',
  77. '/wp-content/themes/deep-blue/timthumb.php?src=../../../',
  78. '/wp-content/themes/DeepFocus/thumb.php?src=../../../',
  79. '/wp-content/themes/DeepFocus/timthumb.php?src=../../../',
  80. '/wp-content/themes/delegate/thumb.php?src=../../../',
  81. '/wp-content/themes/delegate/timthumb.php?src=../../../',
  82. '/wp-content/themes/delicate/thumb.php?src=../../../',
  83. '/wp-content/themes/delicate/timthumb.php?src=../../../',
  84. '/wp-content/themes/DelicateNews/timthumb.php?src=../../../',
  85. '/wp-content/themes/deliciousmagazine/thumb.php?src=../../../',
  86. '/wp-content/themes/deliciousmagazine/timthumb.php?src=../../../',
  87. '/wp-content/themes/delight/scripts/timthumb.php?src=../../../',
  88. '/wp-content/themes/develop/thumb.php?src=../../../',
  89. '/wp-content/themes/diarise/thumb.php?src=../../../',
  90. '/wp-content/themes/digitalfarm/thumb.php?src=../../../',
  91. '/wp-content/themes/directory/timthumb.php?src=../../../',
  92. '/wp-content/themes/dualshockers2/thumb.php?src=../../../',
  93. '/wp-content/themes/duotive-three/includes/timthumb.php?src=../../../',
  94. '/wp-content/themes/EarthlyTouch/timthumb.php?src=../../../',
  95. '/wp-content/themes/eBusiness/timthumb.php?src=../../../',
  96. '/wp-content/themes/ecobiz/timthumb.php?src=../../../',
  97. '/wp-content/themes/editorial/thumb.php?src=../../../',
  98. '/wp-content/themes/ElegantEstate/thumb.php?src=../../../',
  99. '/wp-content/themes/ElegantEstate/timthumb.php?src=../../../',
  100. '/wp-content/themes/eNews/thumb.php?src=../../../',
  101. '/wp-content/themes/eNews/timthumb.php?src=../../../',
  102. '/wp-content/themes/envision/thumb.php?src=../../../',
  103. '/wp-content/themes/ephoto/thumb.php?src=../../../',
  104. '/wp-content/themes/ePhoto/timthumb.php?src=../../../',
  105. '/wp-content/themes/equator/timthumb.php?src=../../../',
  106. '/wp-content/themes/eStore/timthumb.php?src=../../../',
  107. '/wp-content/themes/Event/timthumb.php?src=../../../',
  108. '/wp-content/themes/Feather/timthumb.php?src=../../../',
  109. '/wp-content/themes/flashnews/thumb.php?src=../../../',
  110. '/wp-content/themes/freshnews/thumb.php?src=../../../',
  111. '/wp-content/themes/G6Feature/includes/thumb.php?src=../../../',
  112. '/wp-content/themes/gallant/thumb.php?src=../../../',
  113. '/wp-content/themes/gazette/thumb.php?src=../../../',
  114. '/wp-content/themes/gazette/timthumb.php?src=../../../',
  115. '/wp-content/themes/Glow/timthumb.php?src=../../../',
  116. '/wp-content/themes/GrungeMag/timthumb.php?src=../../../',
  117. '/wp-content/themes/headlines/thumb.php?src=../../../',
  118. '/wp-content/themes/headlines/timthumb.php?src=../../../',
  119. '/wp-content/themes/headlines_enhanced_v2/thumb.php?src=../../../',
  120. '/wp-content/themes/idris/images/timthumb.php?src=../../../',
  121. '/wp-content/themes/impacto/thumb.php?src=../../../',
  122. '/wp-content/themes/insignio/images/timthumb.php?src=../../../',
  123. '/wp-content/themes/InterPhase/timthumb.php?src=../../../',
  124. '/wp-content/themes/kingsize/timthumb.php?src=../../../',
  125. '/wp-content/themes/lifestyle/thumb.php?src=../../../',
  126. '/wp-content/themes/LightBright/timthumb.php?src=../../../',
  127. '/wp-content/themes/Linepress/timthumb.php?src=../../../',
  128. '/wp-content/themes/livewire/thumb.php?src=../../../',
  129. '/wp-content/themes/mademan/scripts/timthumb.php?src=../../../',
  130. '/wp-content/themes/Magnificent/thumb.php?src=../../../',
  131. '/wp-content/themes/manifesto/scripts/timthumb.php?src=../../../',
  132. '/wp-content/themes/Max/thumb.php?src=../../../',
  133. '/wp-content/themes/Memoir/thumb.php?src=../../../',
  134. '/wp-content/themes/mimbo/scripts/timthumb.php?src=../../../',
  135. '/wp-content/themes/mimbopro/scripts/timthumb.php?src=../../../',
  136. '/wp-content/themes/minecraftapps.com/scripts/timthumb.php?src=../../../',
  137. '/wp-content/themes/mini-lab/functions/timthumb.php?src=../../../',
  138. '/wp-content/themes/Modest/thumb.php?src=../../../',
  139. '/wp-content/themes/Modest/timthumb.php?src=../../../',
  140. '/wp-content/themes/modularity/includes/timthumb.php?src=../../../',
  141. '/wp-content/themes/modularity2/includes/timthumb.php?src=../../../',
  142. '/wp-content/themes/multidesign/scripts/timthumb.php?src=../../../',
  143. '/wp-content/themes/muse/scripts/timthumb.php?src=../../../',
  144. '/wp-content/themes/myjourney/thumb.php?src=../../../',
  145. '/wp-content/themes/myjourney_3.1/thumb.php?src=../../../',
  146. '/wp-content/themes/MyProduct/timthumb.php?src=../../../',
  147. '/wp-content/themes/NewsPro/timthumb.php?src=../../../',
  148. '/wp-content/themes/Nova/timthumb.php?src=../../../',
  149. '/wp-content/themes/Nyke/timthumb.php?src=../../../',
  150. '/wp-content/themes/ocram_2/thumb.php?src=../../../',
  151. '/wp-content/themes/optimize/thumb.php?src=../../../',
  152. '/wp-content/themes/optimize/timthumb.php?src=../../../',
  153. '/wp-content/themes/OptimizePress/timthumb.php?src=../../../',
  154. '/wp-content/themes/overeasy/timthumb.php?src=../../../',
  155. '/wp-content/themes/pearlie_14%20dec/scripts/timthumb.php?src=../../../',
  156. '/wp-content/themes/PersonalPress/timthumb.php?src=../../../',
  157. '/wp-content/themes/photoria/scripts/timthumb.php?src=../../../',
  158. '/wp-content/themes/photo-workshop/includes/timthumb.php?src=../../../',
  159. '/wp-content/themes/Polished/timthumb.php?src=../../../',
  160. '/wp-content/themes/postcard/thumb.php?src=../../../',
  161. '/wp-content/themes/premiumnews/thumb.php?src=../../../',
  162. '/wp-content/themes/premiumnews/timthumb.php?src=../../../',
  163. '/wp-content/themes/productum/thumb.php?src=../../../',
  164. '/wp-content/themes/profitstheme/thumb.php?src=../../../',
  165. '/wp-content/themes/prosto/functions/thumb.php?src=../../../',
  166. '/wp-content/themes/PureType/timthumb.php?src=../../../',
  167. '/wp-content/themes/purevision/scripts/timthumb.php?src=../../../',
  168. '/wp-content/themes/Quadro/timthumb.php?src=../../../',
  169. '/wp-content/themes/redlight/includes/timthumb.php?src=../../..//coffeebreak/thumb.php?src=../../../',
  170. '/wp-content/themes/Reporter/timthumb.php?src=../../../',
  171. '/wp-content/themes/retreat/thumb.php?src=../../../',
  172. '/wp-content/themes/rockstar/thumb.php?src=../../../',
  173. '/wp-content/themes/rockwell_v1.5/scripts/timthumb.php?src=../../../',
  174. '/wp-content/themes/rt_crystalline_wp/thumb.php?src=../../../',
  175. '/wp-content/themes/rt_panacea_wp/thumb.php?src=../../../',
  176. '/wp-content/themes/rt_syndicate_wp/thumb.php?src=../../../',
  177. '/wp-content/themes/sealight/thumb.php?src=../../../',
  178. '/wp-content/themes/SimplePress/timthumb.php?src=../../../',
  179. '/wp-content/themes/simplicity/thumb.php?src=../../../',
  180. '/wp-content/themes/simplicity/timthumb.php?src=../../../',
  181. '/wp-content/themes/skeptical/thumb.php?src=../../../',
  182. '/wp-content/themes/skeptical/timthumb.php?src=../../../',
  183. '/wp-content/themes/snapshot/thumb.php?src=../../../',
  184. '/wp-content/themes/snapshot/timthumb.php?src=../../../',
  185. '/wp-content/themes/spectrum/thumb.php?src=../../../',
  186. '/wp-content/themes/spectrum/timthumb.php?src=../../../',
  187. '/wp-content/themes/telegraph/scripts/timthumb.php?src=../../../',
  188. '/wp-content/themes/TheCorporation/timthumb.php?src=../../../',
  189. '/wp-content/themes/themorningafter/thumb.php?src=../../../',
  190. '/wp-content/themes/TheProfessional/timthumb.php?src=../../../',
  191. '/wp-content/themes/therapy/thumb.php?src=../../../',
  192. '/wp-content/themes/TheSource/timthumb.php?src=../../../',
  193. '/wp-content/themes/thestation/thumb.php?src=../../../',
  194. '/wp-content/themes/thestation/timthumb.php?src=../../../',
  195. '/wp-content/themes/TheStyle/timthumb.php?src=../../../',
  196. '/wp-content/themes/tma/thumb.php?src=../../../',
  197. '/wp-content/themes/Transcript/thumb.php?src=../../../',
  198. '/wp-content/themes/Transcript/timthumb.php?src=../../../',
  199. '/wp-content/themes/tribune/scripts/timthumb.php?src=../../../',
  200. '/wp-content/themes/typebased/thumb.php?src=../../../',
  201. '/wp-content/themes/typebased/timthumb.php?src=../../../',
  202. '/wp-content/themes/u-design/scripts/timthumb.php?src=../../../',
  203. '/wp-content/themes/vibrantcms/thumb.php?src=../../../',
  204. '/wp-content/themes/vulcan/timthumb.php?src=../../../',
  205. '/wp-content/themes/watercolor/includes/timthumb.php?src=../../../',
  206. '/wp-content/themes/waves/functions/timthumb.php?src=../../../',
  207. '/wp-content/themes/welcome_inn/timthumb.php?src=../../../',
  208. '/wp-content/themes/WhosWho/timthumb.php?src=../../../',
  209. '/wp-content/themes/widescreen/includes/timthumb.php?src=../../../',
  210. '/wp-content/themes/wootube/thumb.php?src=../../../',
  211. '/wp-content/themes/wp-clear-prem/scripts/timthumb.php?src=../../../',
  212. '/wp-content/themes/WPCMS2/scripts/timthumb.php?src=../../../',
  213. '/wp-content/themes/zenko/scripts/timthumb.php?src=../../../'
  214. );
  215. $url = $_REQUEST['url'];
  216. echo "<pre><strong>WordPress TimThumb Finder: Result</strong><hr>";
  217. function status($a, $b){
  218. echo "$a: <strong>$b</strong>\n";
  219. }
  220. $found = FALSE;
  221. foreach ($payload as $uri) {
  222. $ch = curl_init();
  223. curl_setopt($ch, CURLOPT_URL, $url . $uri);
  224. curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
  225. $resp = curl_exec($ch);
  226. $info = curl_getinfo($ch);
  227. curl_close($ch);
  228. if(strpos($resp, "TimThumb version") !== FALSE) {
  229. status("url", $info['url']);
  230. status("found", "true");
  231. status("http_code", $info['http_code']);
  232. $found = TRUE;
  233. preg_match("/TimThumb version : (.*)/", $resp, $version, PREG_OFFSET_CAPTURE);
  234. $version = $version[1][0];
  235. $version = str_replace("</pre>", "", $version);
  236. status("version", $version);
  237. if(version_compare($version, "2.8.11") == -1) {
  238. status("vulnerable", "true");
  239. break;
  240. } else {
  241. status("vulnerable", "false");
  242. }
  243.  
  244. }
  245. }
  246. $found == FALSE ? status("found", "false") : "";
  247. echo "<a href='?'>Back to home</a></pre>";
  248. } else {
  249. ?>
  250. <pre><strong>WordPress TimThumb Finder</strong><hr>/*
  251. * Wordpress TimThumb Finder
  252. * Author : P4kL0nc4t
  253. * Date : 07/01/2018
  254. * Adapted from <a href="https://dl.packetstormsecurity.net/UNIX/scanners/wptimthumb-scanner.txt" style="color: inherit">WordPress TimThumb Finder v1.0 by Rafay Baloch (Python)</a>
  255. */</pre>
  256. <form>
  257. <label>URL: </label>
  258. <input type="text" placeholder="http://site.com" name="url">
  259. <button type="submit">Find!</button>
  260. </form>
  261. <?php
  262. }
  263. ?>
  264. <hr>
  265. <pre>Copyright &copy; <strong>P4kL0nc4t</strong> <?= date("Y"); ?></pre></html>