Evil_blog (Piwigo Plugin) Remote Sql Injection

Author: Sl0t , Published: 27-12-2012
# Author > Sl0t
# Title > Evil_blog (Piwigo Plugin) Remote Sql Injection
# Version > 1.0
# Date > 7:32 AM Thursday, December 27, 2012
# Email > Slotleet@Gmail.com
# Website > Sec4ever.com & Dz-root.com & Sec4leb.com
# Description > For this kind of vuln in the Piwigo system, magic_quotes must be Off, and use HEX encoding when injecting the site

# File > Blog.php

Line : 25 > 30

$query = "SELECT id, UNIX_TIMESTAMP(date) AS date, header, text
FROM `".Evil_Blog_Table."`
WHERE 1
ORDER BY `date` DESC
LIMIT ".$number.",".$post_per_page;
$result = pwg_query($query);

If line 30 were mysql_query you would not need magic_quotes off or on, because pwg_query is a manual function that addslashes single quotes :D.
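As an added example (not code from Piwigo or the Evil_blog plugin), the same pagination query built two ways: the concatenated form from the advisory and a hardened form that validates the LIMIT values as integers before they reach the SQL string. The point it demonstrates is the one the description hints at: quote escaping (magic_quotes, addslashes) does nothing for a numeric context, because there is no quote to break out of, so the fix is type validation, not escaping. The table name, the constant Evil_Blog_Table and the sample request values are assumptions constructed for the example.

```php
<?php
// Added example, not the plugin's own code. Column and table names follow
// the advisory; the constant value and request values are constructed.
define('Evil_Blog_Table', 'evil_blog_posts');

// Vulnerable pattern: request values concatenated straight into LIMIT.
// addslashes()/magic_quotes only touch quotes and backslashes, so a
// numeric parameter passes through untouched whatever it contains.
function build_query_unsafe($number, $post_per_page)
{
    return "SELECT id, UNIX_TIMESTAMP(date) AS date, header, text "
         . "FROM `" . Evil_Blog_Table . "` "
         . "WHERE 1 ORDER BY `date` DESC "
         . "LIMIT " . $number . "," . $post_per_page;
}

// Hardened pattern: accept only a string of decimal digits, cast it to int,
// and cap it. Anything else falls back to a safe default.
function page_param($value, $default, $max)
{
    if (!is_scalar($value) || !preg_match('/^\d+$/', (string) $value)) {
        return $default;
    }
    $n = (int) $value;          // (int) saturates at PHP_INT_MAX on overflow
    return ($n > $max) ? $max : $n;
}

function build_query_safe($number, $post_per_page)
{
    $offset = page_param($number, 0, PHP_INT_MAX);
    $limit  = page_param($post_per_page, 10, 100);   // page size capped at 100
    // %d formatting guarantees the values are emitted as plain integers.
    return sprintf(
        "SELECT id, UNIX_TIMESTAMP(date) AS date, header, text "
        . "FROM `%s` WHERE 1 ORDER BY `date` DESC LIMIT %d,%d",
        Evil_Blog_Table, $offset, $limit
    );
}

// Constructed inputs: a normal page request and a malformed one that a
// quote-escaping filter would pass through unchanged.
$benign    = ['number' => '20', 'post_per_page' => '10'];
$malformed = ['number' => '20 extra', 'post_per_page' => '10'];

// Escaping is a no-op on the malformed value: no quote, nothing escaped.
var_dump(addslashes($malformed['number']) === $malformed['number']);   // bool(true)

echo build_query_unsafe($malformed['number'], $malformed['post_per_page']), "\n";
// ... LIMIT 20 extra,10   (attacker-controlled text inside the statement)

echo build_query_safe($malformed['number'], $malformed['post_per_page']), "\n";
// ... LIMIT 0,10          (non-digit input rejected, default offset used)

echo build_query_safe($benign['number'], $benign['post_per_page']), "\n";
// ... LIMIT 20,10
```

The defensive check is deliberately a whitelist (digits only) rather than an escape: for pagination there is no legitimate input other than a non-negative integer, so rejecting everything else is both simpler and stricter than trying to neutralise specific characters. On a database layer that supports it, binding the two values as integer parameters in a prepared statement achieves the same separation of data from query text.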

# Poc :

http://localhost/piwigo/?/blog/id/1[SQL]

# Greet's :

I-HMX,N4ss1m,Damane,Mohamed,RAB3OUN,THE INJECTOR,r0ckin,b0x,Paulz,H311-c0d3 (Ahmad <3),Linuxcs, AND ALL Those MOTHA F****** N00b In The NET :D
