#!/usr/bin/php -f
Notice: Undefined variable: argv in C:\xampp\htdocs\test\admin-ajax.php on line 12
This error message comes with my when I tried to get the code below run using localhost server ( Xammp on windows7 ). It is a PHP curl exploit which has created by the tool RIPS.
{
#!/usr/bin/php -f
<?php
#Userinput reaches sensitive sink when function screen_icon() is called.
# template.php curl exploit
#
//
// HTTP GET,
//
$target = $argv[1];
$username = "";
$password = "";
$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_URL, "http://localhost/wordpress3/wp-admin/admin-ajax.php?post_type=22");
curl_setopt($ch, CURLOPT_HTTPGET, 1);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)");
curl_setopt($ch, CURLOPT_TIMEOUT, 3);
curl_setopt($ch, CURLOPT_LOW_SPEED_LIMIT, 3);
curl_setopt($ch, CURLOPT_LOW_SPEED_TIME, 3);
curl_setopt($ch, CURLOPT_COOKIEJAR, "/tmp/cookie_$target");
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD, "$username:$password");
$buf = curl_exec ($ch);
curl_close($ch);
unset($ch);
echo $buf;
?> }
Any suggestion to get this problem solved?