Created
January 7, 2018 16:30
-
-
Save ttycelery/a2271a2a038a3a195c87881765a61b81 to your computer and use it in GitHub Desktop.
WordPress TimThumb Finder
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <html> | |
| <title>WordPress TimThumb Finder</title> | |
| <?php | |
| /* | |
| * WordPress TimThumb Finder | |
| * Author : P4kL0nc4t | |
| * Date : 07/01/2018 | |
| * Adapted from Wordpress TimThumb Finder v1.0 by Rafay Baloch (Python) -> https://dl.packetstormsecurity.net/UNIX/scanners/wptimthumb-scanner.txt | |
| */ | |
| if(isset($_REQUEST['url'])) { | |
| $payload = array( | |
| '/timthumb.php', | |
| '/wp-content/plugins/cac-featured-content/timthumb.php?src=../../../', | |
| '/wp-content/plugins/category-grid-view-gallery/includes/timthumb.php?src=../../../', | |
| '/wp-content/plugins/category-list-portfolio-page/scripts/timthumb.php?src=../../../', | |
| '/wp-content/plugins/cms-pack/timthumb.php?src=../../../', | |
| '/wp-content/plugins/dp-thumbnail/timthumb/timthumb.php?src=../../../', | |
| '/wp-content/plugins/extend-wordpress/helpers/timthumb/image.php?src=../../../', | |
| '/wp-content/plugins/islidex/js/timthumb.php?src=../../../', | |
| '/wp-content/themes/vulcan/timthumb.php?src=../../../', | |
| '/wp-content/plugins/kino-gallery/timthumb.php?src=../../../', | |
| '/wp-content/themes/orangemantra/functions/thumb.php?src=../../../../', | |
| '/wp-content/plugins/lisl-last-image-slider/timthumb.php?src=../../../', | |
| '/wp-content/plugins/really-easy-slider/inc/thumb.php?src=../../../', | |
| '/wp-content/plugins/rent-a-car/libs/timthumb.php?src=../../../', | |
| '/wp-content/plugins/verve-meta-boxes/tools/timthumb.php?src=../../../', | |
| '/wp-content/plugins/vk-gallery/lib/timthumb.php?src=../../../', | |
| '/wp-content/plugins/wp-marketplace/libs/timthumb.php?src=../../../', | |
| '/wp-content/themes/13Floor/timthumb.php?src=../../../', | |
| '/wp-content/themes/advanced-newspaper/timthumb.php?src=../../../', | |
| '/wp-content/themes/Aggregate/thumb.php?src=../../../', | |
| '/wp-content/themes/Aggregate/timthumb.php?src=../../../', | |
| '/wp-content/themes/AmphionPro/script/timthumb.php?src=../../../', | |
| '/wp-content/themes/aperture/thumb.php?src=../../../', | |
| '/wp-content/themes/aperture/timthumb.php?src=../../../', | |
| '/wp-content/themes/arras/library/timthumb.php?src=../../../', | |
| '/wp-content/themes/arras-theme/library/timthumb.php?src=../../../', | |
| '/wp-content/themes/Avenue/timthumb.php?src=../../../', | |
| '/wp-content/themes/backstage/thumb.php?src=../../../', | |
| '/wp-content/themes/backstage/timthumb.php?src=../../../', | |
| '/wp-content/themes/Basic/timthumb.php?src=../../../', | |
| '/wp-content/themes/biznizz/thumb.php?src=../../../', | |
| '/wp-content/themes/biznizz/timthumb.php?src=../../../', | |
| '/wp-content/themes/Bold/timthumb.php?src=../../../', | |
| '/wp-content/themes/boldnews/thumb.php?src=../../../', | |
| '/wp-content/themes/boldnews/timthumb.php?src=../../../', | |
| '/wp-content/themes/broadcast/thumb.php?src=../../../', | |
| '/wp-content/themes/bt/includes/timthumb.php?src=../../../', | |
| '/wp-content/themes/bueno/thumb.php?src=../../../', | |
| '/wp-content/themes/bueno/timthumb.php?src=../../../', | |
| '/wp-content/themes/busybee/thumb.php?src=../../../', | |
| '/wp-content/themes/busybee/timthumb.php?src=../../../', | |
| '/wp-content/themes/c3/thumb.php?src=../../../', | |
| '/wp-content/themes/cadabrapress/scripts/timthumb.php?src=../../../', | |
| '/wp-content/themes/canvas/thumb.php?src=../../../', | |
| '/wp-content/themes/canvas/timthumb.php?src=../../../', | |
| '/wp-content/themes/CFWProfessional/timthumb.php?src=../../../', | |
| '/wp-content/themes/Chameleon/timthumb.php?src=../../../', | |
| '/wp-content/themes/city/scripts/timthumb.php?src=../../../', | |
| '/wp-content/themes/cityguide/timthumb.php?src=../../../', | |
| '/wp-content/themes/coda/thumb.php?src=../../../', | |
| '/wp-content/themes/coffeebreak/thumb.php?src=../../../', | |
| '/wp-content/themes/coffeebreak/timthumb.php?src=../../../', | |
| '/wp-content/themes/coffeedesk/includes/timthumb.php?src=../../../', | |
| '/wp-content/themes/comfy%20pro/thumb.php?src=../../../', | |
| '/wp-content/themes/continuum/thumb.php?src=../../../', | |
| '/wp-content/themes/continuum/timthumb.php?src=../../../', | |
| '/wp-content/themes/crisp/thumb.php?src=../../../', | |
| '/wp-content/themes/crisp/timthumb.php?src=../../../', | |
| '/wp-content/themes/cruz/scripts/timthumb.php?src=../../../', | |
| '/wp-content/themes/dailyedition/thumb.php?src=../../../', | |
| '/wp-content/themes/dandelion_v2.6.1/functions/timthumb.php?src=../../../', | |
| '/wp-content/themes/dandelion_v2.6.3/functions/timthumb.php?src=../../../', | |
| '/wp-content/themes/dandelion_v2.6.4/functions/timthumb.php?src=../../../', | |
| '/wp-content/themes/dcric/scripts/timthumb.php?src=../../../', | |
| '/wp-content/themes/DeepBlue/timthumb.php?src=../../../', | |
| '/wp-content/themes/deep-blue/timthumb.php?src=../../../', | |
| '/wp-content/themes/DeepFocus/thumb.php?src=../../../', | |
| '/wp-content/themes/DeepFocus/timthumb.php?src=../../../', | |
| '/wp-content/themes/delegate/thumb.php?src=../../../', | |
| '/wp-content/themes/delegate/timthumb.php?src=../../../', | |
| '/wp-content/themes/delicate/thumb.php?src=../../../', | |
| '/wp-content/themes/delicate/timthumb.php?src=../../../', | |
| '/wp-content/themes/DelicateNews/timthumb.php?src=../../../', | |
| '/wp-content/themes/deliciousmagazine/thumb.php?src=../../../', | |
| '/wp-content/themes/deliciousmagazine/timthumb.php?src=../../../', | |
| '/wp-content/themes/delight/scripts/timthumb.php?src=../../../', | |
| '/wp-content/themes/develop/thumb.php?src=../../../', | |
| '/wp-content/themes/diarise/thumb.php?src=../../../', | |
| '/wp-content/themes/digitalfarm/thumb.php?src=../../../', | |
| '/wp-content/themes/directory/timthumb.php?src=../../../', | |
| '/wp-content/themes/dualshockers2/thumb.php?src=../../../', | |
| '/wp-content/themes/duotive-three/includes/timthumb.php?src=../../../', | |
| '/wp-content/themes/EarthlyTouch/timthumb.php?src=../../../', | |
| '/wp-content/themes/eBusiness/timthumb.php?src=../../../', | |
| '/wp-content/themes/ecobiz/timthumb.php?src=../../../', | |
| '/wp-content/themes/editorial/thumb.php?src=../../../', | |
| '/wp-content/themes/ElegantEstate/thumb.php?src=../../../', | |
| '/wp-content/themes/ElegantEstate/timthumb.php?src=../../../', | |
| '/wp-content/themes/eNews/thumb.php?src=../../../', | |
| '/wp-content/themes/eNews/timthumb.php?src=../../../', | |
| '/wp-content/themes/envision/thumb.php?src=../../../', | |
| '/wp-content/themes/ephoto/thumb.php?src=../../../', | |
| '/wp-content/themes/ePhoto/timthumb.php?src=../../../', | |
| '/wp-content/themes/equator/timthumb.php?src=../../../', | |
| '/wp-content/themes/eStore/timthumb.php?src=../../../', | |
| '/wp-content/themes/Event/timthumb.php?src=../../../', | |
| '/wp-content/themes/Feather/timthumb.php?src=../../../', | |
| '/wp-content/themes/flashnews/thumb.php?src=../../../', | |
| '/wp-content/themes/freshnews/thumb.php?src=../../../', | |
| '/wp-content/themes/G6Feature/includes/thumb.php?src=../../../', | |
| '/wp-content/themes/gallant/thumb.php?src=../../../', | |
| '/wp-content/themes/gazette/thumb.php?src=../../../', | |
| '/wp-content/themes/gazette/timthumb.php?src=../../../', | |
| '/wp-content/themes/Glow/timthumb.php?src=../../../', | |
| '/wp-content/themes/GrungeMag/timthumb.php?src=../../../', | |
| '/wp-content/themes/headlines/thumb.php?src=../../../', | |
| '/wp-content/themes/headlines/timthumb.php?src=../../../', | |
| '/wp-content/themes/headlines_enhanced_v2/thumb.php?src=../../../', | |
| '/wp-content/themes/idris/images/timthumb.php?src=../../../', | |
| '/wp-content/themes/impacto/thumb.php?src=../../../', | |
| '/wp-content/themes/insignio/images/timthumb.php?src=../../../', | |
| '/wp-content/themes/InterPhase/timthumb.php?src=../../../', | |
| '/wp-content/themes/kingsize/timthumb.php?src=../../../', | |
| '/wp-content/themes/lifestyle/thumb.php?src=../../../', | |
| '/wp-content/themes/LightBright/timthumb.php?src=../../../', | |
| '/wp-content/themes/Linepress/timthumb.php?src=../../../', | |
| '/wp-content/themes/livewire/thumb.php?src=../../../', | |
| '/wp-content/themes/mademan/scripts/timthumb.php?src=../../../', | |
| '/wp-content/themes/Magnificent/thumb.php?src=../../../', | |
| '/wp-content/themes/manifesto/scripts/timthumb.php?src=../../../', | |
| '/wp-content/themes/Max/thumb.php?src=../../../', | |
| '/wp-content/themes/Memoir/thumb.php?src=../../../', | |
| '/wp-content/themes/mimbo/scripts/timthumb.php?src=../../../', | |
| '/wp-content/themes/mimbopro/scripts/timthumb.php?src=../../../', | |
| '/wp-content/themes/minecraftapps.com/scripts/timthumb.php?src=../../../', | |
| '/wp-content/themes/mini-lab/functions/timthumb.php?src=../../../', | |
| '/wp-content/themes/Modest/thumb.php?src=../../../', | |
| '/wp-content/themes/Modest/timthumb.php?src=../../../', | |
| '/wp-content/themes/modularity/includes/timthumb.php?src=../../../', | |
| '/wp-content/themes/modularity2/includes/timthumb.php?src=../../../', | |
| '/wp-content/themes/multidesign/scripts/timthumb.php?src=../../../', | |
| '/wp-content/themes/muse/scripts/timthumb.php?src=../../../', | |
| '/wp-content/themes/myjourney/thumb.php?src=../../../', | |
| '/wp-content/themes/myjourney_3.1/thumb.php?src=../../../', | |
| '/wp-content/themes/MyProduct/timthumb.php?src=../../../', | |
| '/wp-content/themes/NewsPro/timthumb.php?src=../../../', | |
| '/wp-content/themes/Nova/timthumb.php?src=../../../', | |
| '/wp-content/themes/Nyke/timthumb.php?src=../../../', | |
| '/wp-content/themes/ocram_2/thumb.php?src=../../../', | |
| '/wp-content/themes/optimize/thumb.php?src=../../../', | |
| '/wp-content/themes/optimize/timthumb.php?src=../../../', | |
| '/wp-content/themes/OptimizePress/timthumb.php?src=../../../', | |
| '/wp-content/themes/overeasy/timthumb.php?src=../../../', | |
| '/wp-content/themes/pearlie_14%20dec/scripts/timthumb.php?src=../../../', | |
| '/wp-content/themes/PersonalPress/timthumb.php?src=../../../', | |
| '/wp-content/themes/photoria/scripts/timthumb.php?src=../../../', | |
| '/wp-content/themes/photo-workshop/includes/timthumb.php?src=../../../', | |
| '/wp-content/themes/Polished/timthumb.php?src=../../../', | |
| '/wp-content/themes/postcard/thumb.php?src=../../../', | |
| '/wp-content/themes/premiumnews/thumb.php?src=../../../', | |
| '/wp-content/themes/premiumnews/timthumb.php?src=../../../', | |
| '/wp-content/themes/productum/thumb.php?src=../../../', | |
| '/wp-content/themes/profitstheme/thumb.php?src=../../../', | |
| '/wp-content/themes/prosto/functions/thumb.php?src=../../../', | |
| '/wp-content/themes/PureType/timthumb.php?src=../../../', | |
| '/wp-content/themes/purevision/scripts/timthumb.php?src=../../../', | |
| '/wp-content/themes/Quadro/timthumb.php?src=../../../', | |
| '/wp-content/themes/redlight/includes/timthumb.php?src=../../..//coffeebreak/thumb.php?src=../../../', | |
| '/wp-content/themes/Reporter/timthumb.php?src=../../../', | |
| '/wp-content/themes/retreat/thumb.php?src=../../../', | |
| '/wp-content/themes/rockstar/thumb.php?src=../../../', | |
| '/wp-content/themes/rockwell_v1.5/scripts/timthumb.php?src=../../../', | |
| '/wp-content/themes/rt_crystalline_wp/thumb.php?src=../../../', | |
| '/wp-content/themes/rt_panacea_wp/thumb.php?src=../../../', | |
| '/wp-content/themes/rt_syndicate_wp/thumb.php?src=../../../', | |
| '/wp-content/themes/sealight/thumb.php?src=../../../', | |
| '/wp-content/themes/SimplePress/timthumb.php?src=../../../', | |
| '/wp-content/themes/simplicity/thumb.php?src=../../../', | |
| '/wp-content/themes/simplicity/timthumb.php?src=../../../', | |
| '/wp-content/themes/skeptical/thumb.php?src=../../../', | |
| '/wp-content/themes/skeptical/timthumb.php?src=../../../', | |
| '/wp-content/themes/snapshot/thumb.php?src=../../../', | |
| '/wp-content/themes/snapshot/timthumb.php?src=../../../', | |
| '/wp-content/themes/spectrum/thumb.php?src=../../../', | |
| '/wp-content/themes/spectrum/timthumb.php?src=../../../', | |
| '/wp-content/themes/telegraph/scripts/timthumb.php?src=../../../', | |
| '/wp-content/themes/TheCorporation/timthumb.php?src=../../../', | |
| '/wp-content/themes/themorningafter/thumb.php?src=../../../', | |
| '/wp-content/themes/TheProfessional/timthumb.php?src=../../../', | |
| '/wp-content/themes/therapy/thumb.php?src=../../../', | |
| '/wp-content/themes/TheSource/timthumb.php?src=../../../', | |
| '/wp-content/themes/thestation/thumb.php?src=../../../', | |
| '/wp-content/themes/thestation/timthumb.php?src=../../../', | |
| '/wp-content/themes/TheStyle/timthumb.php?src=../../../', | |
| '/wp-content/themes/tma/thumb.php?src=../../../', | |
| '/wp-content/themes/Transcript/thumb.php?src=../../../', | |
| '/wp-content/themes/Transcript/timthumb.php?src=../../../', | |
| '/wp-content/themes/tribune/scripts/timthumb.php?src=../../../', | |
| '/wp-content/themes/typebased/thumb.php?src=../../../', | |
| '/wp-content/themes/typebased/timthumb.php?src=../../../', | |
| '/wp-content/themes/u-design/scripts/timthumb.php?src=../../../', | |
| '/wp-content/themes/vibrantcms/thumb.php?src=../../../', | |
| '/wp-content/themes/vulcan/timthumb.php?src=../../../', | |
| '/wp-content/themes/watercolor/includes/timthumb.php?src=../../../', | |
| '/wp-content/themes/waves/functions/timthumb.php?src=../../../', | |
| '/wp-content/themes/welcome_inn/timthumb.php?src=../../../', | |
| '/wp-content/themes/WhosWho/timthumb.php?src=../../../', | |
| '/wp-content/themes/widescreen/includes/timthumb.php?src=../../../', | |
| '/wp-content/themes/wootube/thumb.php?src=../../../', | |
| '/wp-content/themes/wp-clear-prem/scripts/timthumb.php?src=../../../', | |
| '/wp-content/themes/WPCMS2/scripts/timthumb.php?src=../../../', | |
| '/wp-content/themes/zenko/scripts/timthumb.php?src=../../../' | |
| ); | |
| $url = $_REQUEST['url']; | |
| echo "<pre><strong>WordPress TimThumb Finder: Result</strong><hr>"; | |
| function status($a, $b){ | |
| echo "$a: <strong>$b</strong>\n"; | |
| } | |
| $found = FALSE; | |
| foreach ($payload as $uri) { | |
| $ch = curl_init(); | |
| curl_setopt($ch, CURLOPT_URL, $url . $uri); | |
| curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE); | |
| $resp = curl_exec($ch); | |
| $info = curl_getinfo($ch); | |
| curl_close($ch); | |
| if(strpos($resp, "TimThumb version") !== FALSE) { | |
| status("url", $info['url']); | |
| status("found", "true"); | |
| status("http_code", $info['http_code']); | |
| $found = TRUE; | |
| preg_match("/TimThumb version : (.*)/", $resp, $version, PREG_OFFSET_CAPTURE); | |
| $version = $version[1][0]; | |
| $version = str_replace("</pre>", "", $version); | |
| status("version", $version); | |
| if(version_compare($version, "2.8.11") == -1) { | |
| status("vulnerable", "true"); | |
| break; | |
| } else { | |
| status("vulnerable", "false"); | |
| } | |
| } | |
| } | |
| $found == FALSE ? status("found", "false") : ""; | |
| echo "<a href='?'>Back to home</a></pre>"; | |
| } else { | |
| ?> | |
| <pre><strong>WordPress TimThumb Finder</strong><hr>/* | |
| * Wordpress TimThumb Finder | |
| * Author : P4kL0nc4t | |
| * Date : 07/01/2018 | |
| * Adapted from <a href="https://dl.packetstormsecurity.net/UNIX/scanners/wptimthumb-scanner.txt" style="color: inherit">WordPress TimThumb Finder v1.0 by Rafay Baloch (Python)</a> | |
| */</pre> | |
| <form> | |
| <label>URL: </label> | |
| <input type="text" placeholder="http://example.com" name="url"> | |
| <button type="submit">Find!</button> | |
| </form> | |
| <?php | |
| } | |
| ?> | |
| <hr> | |
| <pre>Copyright © <strong>P4kL0nc4t</strong> <?= date("Y"); ?></pre></html> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment