-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathscan.php
More file actions
32 lines (27 loc) · 947 Bytes
/
scan.php
File metadata and controls
32 lines (27 loc) · 947 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
<?php
function save($filename, $file) {
$handle = fopen($filename, "a+");
fwrite($handle, $file);
fclose($handle);
return;
}
function check(String $url){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url . "/xmlrpc.php");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$post = file_get_contents("payload.txt");
curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
curl_setopt($ch, CURLOPT_POST, 1);
$headers = array();
$headers[] = 'Content-Type: application/x-www-form-urlencoded';
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
$result = curl_exec($ch);
if (curl_errno($ch)) {
return false;
}
curl_close ($ch);
return (boolean) stripos($result, "faultCode");
}
foreach (@explode(PHP_EOL, file_get_contents("targets.txt")) as $key => $value) {
echo (check($value) ? " [+] {$value} => VULN\n" . save("output.txt", $value.PHP_EOL) : " [-] {$value} AaHh BAD\n");
}