Home / os / win7

PHP SQL Injection Vulnerability / overwrite injection

Posted on 14 June 2010

<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN'><html><head><meta http-equiv='Content-Type' content='text/html; charset=windows-1251'><title>PHP SQL Injection Vulnerability / overwrite injection</title><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss'></head><body><pre>=====================================================
PHP SQL Injection Vulnerability / overwrite injection
=====================================================


1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1
0     _                   __           __       __                     0
1   /'             __  /'__`        / \__  /'__`                   1
0  /\_,     ___   /\_/\_      ___  ,_/ /   _ ___           0
1  /_/  /' _ ` / /_/_\_&lt;_  /'___  /    /`'__          1
0       / /    /   / \__/  \_  \_   /           0
1       \_ \_ \_\_   \____/ \____\ \__\ \____/ \_           1
0       /_//_//_/ \_ /___/  /____/ /__/ /___/  /_/           0
1                   \____/ &gt;&gt; Exploit database separated by exploit   1
0                   /___/                                             0
0                                                                      1
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-0

[+] Title	: PHP SQL Injection Vulnerability||overwrite injection
[+] Author	: mc2_s3lector
[+] site	: www.yogyacarderlink.web.id
[+] Aplication	: inurl:&quot;edit.php?id=&quot;
[+] Dork        : inurl:&quot;com_image&quot;


demo:

DNSnam.com/[patch]/edit.php?id=
DNSnam.com/[patch]/edit.php?id=[sqli]


overwrit :
Edit Comment||edit entry|Guesthost||Edit Event||Edit News Post

demo:
http://www.golaketravis.com/news-edit.php?id=1023
http://www.samsrock.net/admin/edit.php?id=1824&amp;list_id=1&amp;page=1

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1
0	      thank to : All yogyacardrlink crew   		       0
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1
0	      thank to : KeDaicomputerworks   		               0
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1



# <a href='http://inj3ct0r.com/'>Inj3ct0r.com</a> [2010-06-14]</pre><script type='text/javascript'>var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type='text/javascript'>try{var pageTracker = _gat._getTracker("UA-12725838-1");pageTracker._setDomainName("none");pageTracker._setAllowLinker(true);pageTracker._trackPageview();}catch(err){}</script></body></html>

 

TOP

Malware :

Exploits :