MyBB HM My Country Flags SQL注射及修复 - 网站安全 - 自

HM My Country Flags SQL Injection

作者: JoinSe7en  join7 [+at+] riseup.net

测试 系统 : Linux

程序地址: http://mods.mybb.com/view/hm-my-country-flags

 

HM My Country Flags has a SQL Injection vulnerability.

If we go to a thread we'll see a country next to the users post.

 

We'll start HTTP Live Headers and press this link to get the URL (Otherwise it's in popup box and we will not see the URL)

 

Here we'll work some magic with the '

 

 

Returns:

 

'MyBB has experienced an internal SQL error and cannot continue.

 

SQL Error:

    1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''Belgium''' at line 1'

 

From here we can just perform basic UNION Based SQL Injection.

The column count is often very big, usually around 150-180 depending on the countries available.

 

This could be a query:

 

 

Output:

 

admin:018bda9eb505747441b9485b42cadab:apa2G1ge;

 

 

查看更多关于MyBB HM My Country Flags SQL注射及修复 - 网站安全 - 自的详细内容...