forked from rapid7/metasploit-vulnerability-emulator
-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathuserFuncs.pl
More file actions
28 lines (27 loc) · 640 Bytes
/
userFuncs.pl
File metadata and controls
28 lines (27 loc) · 640 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
$kloxo_sqli_target = "YWJjMTIz";
sub kloxo_sqli {
#print "$dataBuf\n";
if ($dataBuf !~ /from%20client%20limit%201%29%2c(\d+)%2c1%29%29%3d(\d+)%/) {
print "no match\n";
return "";
}
my $pos = $1;
my $c = pack("C", $2);
#printf "$pos|$c\n";
my $r = 0;
if ($pos == 1) {
$r = ($c eq "_")? 1 : 0;
} elsif ($pos < 8) {
$r = 1;
} elsif ($pos == 16) { #16 = 7 + length(kloxo_sqli_target);
$r = 1;
} elsif (substr($kloxo_sqli_target, $pos-8, 1) eq $c) {
$r = 1;
}
if ($r) {
return "HTTP/1.1 200\r\nContent-Length: 0\r\n\r\n";
} else {
return "HTTP/1.1 200\r\nContent-Length: 18\r\n\r\n_error_login_error";
}
}
1;