<?php
// Silence every PHP diagnostic for the whole run: failed requests, an unwritable
// output file and undefined indexes further down produce no message at all.
error_reporting(0);
// Remove the execution time limit (presumably so a long path list is not cut short).
set_time_limit(0);
/**
* Timthumb plugin scanner for WordPress.
*
* @version 1.00
* @author Christian Ditaputratama <[email protected]>
*
* Timthumb plugin scanner for WordPress.
* Optionally dumps the scan result to a text file.
*
* Still a very early release, just for testing and fun coding purposes :)
*
*------------------------------------------------------------------------+
* This program is free software; you can redistribute it and/or modify   |
* it under the terms of the GNU General Public License version 2 as      |
* published by the Free Software Foundation.                             |
*                                                                        |
* This program is distributed in the hope that it will be useful,        |
* but WITHOUT ANY WARRANTY; without even the implied warranty of         |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the          |
* GNU General Public License for more details.                           |
*                                                                        |
* This script is for informative, educational purposes only.             |
* The author cannot be held responsible for any damage and (or)          |
* (ab)use of this script.                                                |
* Please submit changes to the script so other people can use            |
* them as well. This script is free to use, don't abuse.                 |
*------------------------------------------------------------------------+
*/
// Path list read by the scan loop, one candidate path per line. The name is
// relative, so it is looked up in the current working directory.
$dirlist = 'timthumb.txt';

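/**
 * Normalise the target given on the command line into a base URL.
 *
 * "http://" is prepended when $link carries no http(s) scheme, and a trailing
 * "/" is appended so that scan paths can be concatenated directly.
 *
 * The previous host pattern used an unescaped "." (which matches any
 * character) and rejected valid hosts such as IPv6 literals or URLs with
 * userinfo; a rejected URL that already had a scheme was then prefixed a
 * second time ("http://http://..."). Only the scheme is inspected now.
 *
 * @param string $link Domain or URL as typed by the operator.
 * @return string Base URL ending in "/".
 */
function doValidLink($link) {
    $link = trim($link);

    // Case-insensitive on purpose: "HTTP://host" is a valid scheme spelling.
    if (!preg_match('#^https?://#i', $link)) {
        $link = "http://" . $link;
    }

    // substr() is safe here: $link is never empty once the scheme is present.
    if (substr($link, -1) !== "/") {
        $link .= "/";
    }

    return $link;
}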

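/**
 * Append $text to the scan-result file held in the global $fh.
 *
 * Does nothing when no usable handle exists. $fh is false when fopen()
 * failed and unset when no output file was requested; passing either to
 * fwrite() raises a TypeError on PHP 8, which would abort the scan.
 *
 * @param string $text Text to append.
 * @return void
 */
function write($text) {
    global $fh;

    if (!is_resource($fh)) {
        return;
    }

    fwrite($fh, $text);
}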

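/**
 * Remove control characters from a value received from the remote server.
 *
 * Status lines and header values are attacker-influenced data; printing them
 * raw would let a scanned server send terminal escape sequences to the
 * operator's console or into the result file.
 *
 * @param mixed $value Header value or status line.
 * @return string Printable text.
 */
function stripControlChars($value) {
    return (string) preg_replace('/[\x00-\x1F\x7F]/', '', (string) $value);
}

/**
 * Read one header from a get_headers($url, 1) result.
 *
 * The lookup is case-insensitive because servers differ in header casing.
 * A header repeated across redirect hops arrives as an array; $last selects
 * the final hop instead of the first.
 *
 * @param mixed  $headers Result of get_headers(), or false on failure.
 * @param string $name    Header name.
 * @param bool   $last    Take the last occurrence instead of the first.
 * @return string Sanitised header value, or '' when absent.
 */
function readHeader($headers, $name, $last = false) {
    if (!is_array($headers)) {
        return '';
    }
    foreach ($headers as $key => $value) {
        if (is_string($key) && strcasecmp($key, $name) === 0) {
            if (is_array($value)) {
                $value = $last ? end($value) : reset($value);
            }
            return stripControlChars($value);
        }
    }
    return '';
}

/**
 * Status code of the first response in a get_headers() result.
 *
 * @param mixed $headers Result of get_headers(), or false on failure.
 * @return int Three-digit status code, or 0 when there was no parsable response.
 */
function readStatusCode($headers) {
    if (!is_array($headers) || !isset($headers[0])) {
        return 0;
    }
    return preg_match('#^HTTP/\S+\s+(\d{3})#', $headers[0], $m) ? (int) $m[1] : 0;
}

$redirectCodes = array(301, 302, 303, 307, 308);

$greetz = "-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-\n";
$greetz .=" Timthumb plugin scanner for WordPress\n";
$greetz .=" by ditatompel < ditatompel [at] gmail [dot] com >\n";
$greetz .=" Please send bug report to help improving this script.\n\n";
$greetz .=" Greetings for all members of devilzc0de.org, all Indonesian c0ders,\n";
$greetz .=" and all GNU Generation ;-)\n";
$greetz .=" Thanks to : 5ynL0rd who always inspire me, I glue you all my regards.\n";
$greetz .="-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-\n";

if ( !is_file($dirlist) ) exit("[!] Error! please check directory your list!\n");

print $greetz;
if ( $argc < 2) {
    echo "-----------------------------------------------------------------------------\n" .
        "Usage     : php " . $argv[0] . " [target] [output]\n" .
        "target    : domain / url\n" .
        "output    : file name for Every [+] Wo0t! output will be saved to (optional)\n" .
        "Example 1 : php " . $argv[0] . " myhost.com\n" .
        "Example 2 : php ".$argv[0]." myhost.com scan_result.txt\n" .
        "-----------------------------------------------------------------------------\n";
    exit;
}

$url = doValidLink($argv[1]);
// The output file is optional; default to '' instead of reading an undefined index.
$output = isset($argv[2]) ? $argv[2] : '';
// Defined up front because write() reaches this handle through `global $fh`.
$fh = null;

echo "\r\nChecking " . $url . "\r\n";

$check = get_headers($url, 1);
if ( empty($check)) {
    echo "No repsond from server.\nmake sure your target url are correct!\n" .
        "Exiting...\n" .
        "-----------------------------------------------------------------------------\n";
    exit;
}

$statusLine = stripControlChars($check[0]);
$serverInfo = readHeader($check, 'Server');

// get_headers() follows redirects itself, so Location may hold one entry per hop.
// The value is chosen by the remote server: adopting it moves every later request
// to whatever host it names, which is why the new base is shown in the "Target"
// line below. Only an absolute http(s) URL is accepted; anything else keeps the
// operator-supplied target.
if (in_array(readStatusCode($check), $redirectCodes, true)) {
    $location = readHeader($check, 'Location', true);
    if (preg_match('#^https?://#i', $location)) {
        // Scan paths are appended directly, so the base must end in "/".
        $url = substr($location, -1) === '/' ? $location : $location . '/';
    }
}

$additionalInfo = NULL;
if ( !empty($output) ) {
    // 'w' truncates an existing file of the same name.
    $fh = fopen($output, 'w');
    $additionalInfo = $fh ? 'Every [+] Wo0t! output will be saved on ' . $output : '[!] Cannot write scan result to ' . $output;
}

$info = "-----------------------------------------------------------------------------\n";
$info .= "\tTarget : " . $url . "\n";
$info .= "\tStatus : " . $statusLine . "\n";
$info .= "\tServer : " . $serverInfo . "\n";
$info .= "\tStart Scan : " . date("Y-m-d H:i:s") . "\n";
$info .= "\t" . $additionalInfo . "\n";
$info .= "-----------------------------------------------------------------------------\n";

echo $info;

if ( $fh ) {
    write($greetz);
    write($info);
}

// Drop line endings (including "\r" from CRLF lists) and blank lines up front.
$paths = file($dirlist, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
if ($paths === false) {
    $paths = array();
}

// Number of paths actually requested; the loop index used before was zero-based
// (one short) and undefined for an empty list.
$scanned = 0;
foreach ($paths as $path) {
    $path = trim($path);
    if ($path === '') {
        continue;
    }
    $scanned++;

    $candidate = $url . $path;
    $headers = get_headers($candidate, 1);
    $code = readStatusCode($headers);

    if ($code === 0) {
        // A failed request used to fall into the "Found" branch because the
        // missing status line simply did not contain "404".
        echo "[!] No response! " . $candidate . "\r\n";
    }
    elseif (in_array($code, $redirectCodes, true)) {
        // Checked before the generic branch; it was unreachable when "not 404" came first.
        $result = "[+] Wo0t! " . $candidate . " Found! redirect to -> " . readHeader($headers, 'Location') . "\r\n";
        echo $result;
        if ( $fh ) write($result);
    }
    elseif ($code === 404) {
        echo "[-] NOT Found! " . $candidate . "\r\n";
    }
    else {
        // Any other status (200, 403, 500, ...) is reported as present, as before.
        $result = "[+] Wo0t! Found! " . $candidate . "\r\n";
        echo $result;
        if ( $fh ) write($result);
    }
}

$finish = "-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Finish scan " . $scanned . " path -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-\r\n";
// Test the handle, not the file name: when fopen() failed there is nothing to close.
if ( $fh ) {
    write($finish);
    fclose($fh);
}
echo $finish;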
?>