-
Notifications
You must be signed in to change notification settings - Fork 0
/
shell_finder.rb
136 lines (115 loc) · 3.48 KB
/
shell_finder.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
require 'eventmachine'
require 'optparse'
require 'thread'
require 'net/http'
class SHELL_FINDER
def initialize
@headers = {
'Connection' => 'keep-alive',
'Cache-Control' => 'max-age=0',
'Upgrade-Insecure-Requests' => '1',
'User-Agent' => 'Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36',
'Accept' => 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8',
'Accept-Encoding' => 'gzip, deflate',
'Accept-Language' => 'en-US,en;q=0.9,fr;q=0.8',
'referer' => 'www.google.com'
}
@threads = []
@params = {
input_file: nil,
output_file: 'output.txt'
}
end
def parser_options
begin
OptionParser.new do |parser|
parser.on("-i", "--input_file INPUT_FILE") do |input_file|
if File.exist?(input_file)
@params[:input_file] = input_file
else
STDERR.puts("Not Found: #{input_file}".red)
exit(1)
end
end
parser.on("-o", "--output_file OUTPUT_FILE") do |output_file|
@params[:output_file] = output_file
end
end.parse!
rescue Exception => err_parser
STDERR.puts("Error: #{err_parser}")
end
end
def parse_lines(lines)
lines.each do |line|
shell_finder(line.strip)
end
end
def main
begin
unless @params[:input_file].nil?
lines = File.readlines(@params[:input_file])
lines.each_slice(10) do |line_group|
@threads << Thread.new{parse_lines(line_group)}
end
@threads.each(&:join)
puts("Exploit Completed".magenta)
EM.stop
else
puts("Please set a URL file.")
EM.stop
end
rescue StandardError
return
end
end
def shell_finder(url)
begin
target_url = URI.parse(url)
target_url.path = "/wp-includes"
http = Net::HTTP.new(target_url.host, target_url.port)
http.use_ssl = (target_url.scheme = "https")
http.open_timeout = 5
http.read_timeout = 10
request = Net::HTTP::Post.new(target_url)
response = http.request(request)
if request
if response.body.include?('.php')
puts("#{target_url.scheme}:https://#{target_url.host}#{target_url.path} --> Successfully".green)
File.open(@params[:output_file], "a+") do |file|
file.puts(target_url)
end
return
else
puts("#{target_url.scheme}:https://#{target_url.host}#{target_url.path} --> Not Vuln".red)
return
end
else
puts("#{target_url.scheme}:https://#{target_url.host}#{target_url.path} --> Not Vuln".red)
end
rescue Net::ReadTimeout
puts("#{target_url.scheme}:https://#{target_url.host}#{target_url.path}? --> Not Vuln".red)
rescue Net::OpenTimeout
puts("#{target_url.scheme}:https://#{target_url.host}#{target_url.path} --> Not Vuln".red)
return
rescue StandardError
puts("#{target_url.scheme}:https://#{target_url.host}#{target_url.path} --> Not Vuln".red)
return
end
end
end
class String
def red
"\e[31m#{self}\e[0m"
end
def green
"\e[32m#{self}\e[0m"
end
def magenta
"\e[35m#{self}\e[0m"
end
end
EM.run do
finder = SHELL_FINDER.new
finder.parser_options
finder.main
end