This Perl script performs a blind SQL injection attack against a vulnerable 'index_topic.php' endpoint by brute-forcing the admin password character-by-character. It uses a time-based or boolean-based approach to extract the MD5 hash of the admin password.
Classification
Working Poc 90%
Target:
Unknown web application with 'index_topic.php' endpoint (likely outdated or custom CMS)
No auth needed
Prerequisites:
Target with vulnerable 'index_topic.php' endpoint · Network access to the target · Perl environment with LWP::UserAgent