
TO BE

RE: SQL INJECTION (SHELL UPLOAD)--EZ-blog Beta2-->

Copy and save --> PoC.html.
Configure --> HOST, HOME_PATH

<html>
<title>
PoC BY Y3NH4CK3R --PROUD TO BE SPANISH-->
</title>
<h1>
Click "Execute PoC" to launch the proof of concept (SQLi)...
</h1>
<body bgcolor=#000000 text=#ffffff>

SQL INJECTION (SHELL UPLOAD)--EZ-blog Beta2-->

Copy and save --> PoC.html.
Configure --> HOST, HOME_PATH

<html>
<title>
PoC BY Y3NH4CK3R --PROUD TO BE SPANISH-->
</title>
<h1>
Click "Execute PoC" to launch the proof of concept (SQLi)...
</h1>
<body bgcolor=#000000 text=#ffffff>

FretsWeb 1.2 (name) Remote Blind SQL Injection Exploit

#**  [----[[]]----[]--- ----[]-----[]---[]--[]-----[]--[]-------[] []---[]----------[]--[]---/ 
#   [>   [[[]]]   [][][][>  [][]   [] [][[] [[]]  [][]  [][][]  []  [>  [][][][> <][]   []    
#**                                                                                           **
#**                                                                                           **
#**                           VIVA SPAIN!... GANAREMOS EL MUNDIAL!...o.O                      **
#**                                        PROUD TO BE SPANISH!                               **
#**                                                                                           **
#***********************************************************************************************
#***********************************************************************************************
#
#---------------------------------------------------------------------------------------------

Re: Samba Remote Zero-Day Exploit

It seems there was a quite similar bug found back in 2004:
http://marc.info/?l=bugtraq&m=109658688505723&w=2

A remote attacker can read, list and retrieve nearly all files on the system remotely.
Required is a valid Samba account for a share which is writeable, OR
a writeable share which is configured to be a guest account share;
in this case this is a preauth exploit.

The attacker can write, for example, into /tmp or wherever the account
he is connecting with has access (/home/<user> etc.).


Re: seamless bait-and-switch

I am 100% confident that many of them will fall for it.

Keep in mind that this group is the group that responds to emails like
the following:
"From: coolguy131@vacationhomes.xyz
You are akcount is ABOUT TO BE UPDATED respond with you'r
SOCIAL SECURITY AND LICENSE SCAN.
Error code 51535351535153515.5f."

Also, as this is a user attention issue,
targeting pages that are heavily animated or otherwise distracting may



Copyright © 1995-2012 LinuxRocket.net. All rights reserved.
