Link Bid Script – ‘links.php’ SQL Injection

• Exploit Database
• 132 阅读

• 作者： R3d-D3V!L
  日期： 2010-05-14
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/12596/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55

  ######################{In The Name Of Allah The Mercifull} ######################   [~] Tybe: SQL Injection Vulnerabilities [~] Vendor: www.linkbidscript.com [+] Software: Link Bid Script [+] author: ((R3d-D3v!L)) [~] [+] TEAM: ArAB!AN !NFORMAT!ON SeCuR!TY ---->((4.!.5)) [~] [?] contact: X[at]hotmail.co.jp [-] [?] Date: 14.Jan.2010 [?] T!ME: 05:15 am GMT [?] Home: © Offensive Security [?]   ====================================================================================== # SQL Injection # links.php id ====================================================================================== [*] Err0r C0N50L3: http://127.0.0.1/links.php?id={EV!L EXPLO!T}   [*] prove of concept     when you put &apos; after id num you can see the page is changed       and when you put {order+by+1} after id you can see the normal page     the order is accepted so the script is infected.   [~]-----------------------------{((MAGOUSH-87))}------------------------------------------------# # [~] Greetz tO: [dolly &MERNA &DEV!L_MODY &po!S!ON Sc0rp!0N &JASM!N &MARWA & mAG0ush-1987] # # [~]70 ALL ARAB!AN HACKER 3X3PT : LAM3RZ # # [~] spechial thanks : ((HITLER JEDDAH & S!R TOTT! & DR.DAShER)) # # [?]spechial SupP0RT : MY M!ND # © Offensive Security # # [?]4r48!4n.!nforma7!0N.53cur!7y ---> ((r3d D3v!L<--M2Z--->JUPA<---aNd--->Devil ro0t)) # # [~]spechial FR!ND: 0r45hy # # [~] !&apos;M 4R48!4N 3XPL0!73R. # # [~]{[(D!R 4ll 0R D!E)]}; # # [~]---------------------------------------------------------------------------------------------