DoctorHackerAbertay/Exploits

Exploits

PHP App exploits for educational purposes only. It is illegal to use these exploits against a website you do not own.

Some Python exploits for vulnerable PHP apps that were downloaded from exploit-db.com. The exploits gain a command shell.

  1. AROX SCHOOL-ERP PRO: Arox School Pro is a simple PHP and MySQL based school manager. Reference: https://www.exploit-db.com/exploits/46999

  2. MY LITTLE FORUM 2.3.5: My Little Forum is a simple PHP and MySQL based internet forum that displays messages in a classical threaded view (tree structure). The main claim of this web forum is simplicity. Reference: https://www.exploit-db.com/exploits/40021

  3. PHP CHARTS v 1.0: PHP Charts allows charts and graphs to be drawn easily. Reference: https://www.exploit-db.com/exploits/26453

  4. WEBSPELL 4.01.02: webSPELL is a free Content Management System which was especially developed for the needs of esport-related communities. Reference: https://www.exploit-db.com/exploits/3402

  5. PPIM 1.0.1: pPIM is a Personal Information Management application written in PHP that can store contacts (including their photos), events, links and notes, send and check email, and upload files.

Read the Python code for any further details (e.g. whether you need to create a user). You will also have to edit the IP address. If the exploit is successful, you will get a command shell.

Doctor_Hacker@twitter